Copy
The week in API strategy, news, articles, and upcoming events.
James Higginbotham, Curator  A hand-curated weekly newsletter for API developers, sponsored by LaunchAny and CaseySoftware

Find this via Twitter? Subscribe now so you don't miss out
 
 

API Developer Weekly

Oct 13, 2022 - Issue #427
This week, news has arrived that after 7 years ProgrammableWeb is shutting down. While it isn't the same as it used to be, this is still a major milestone for many of us that jumped into the API world early. Thanks to John Musser and many others for their work in the early days of the site!

We also have a nice introduction to client-side rendering of the AsyncAPI specification, the next major release of the AsyncAPI Spec (v3), and a tool called JSON Crack that helps to visualize JSON data. We also have a look at how JPMorgan Chase helped to remove the need for screen scraping, and a look at API governance and API lifecycles. 

Happy Reading!
-- James
 
Hot Topics
ProgrammableWeb is Shutting Down
Albert Putnam(@AlbertPutnam) tuned me into the fact that ProgrammableWeb is shutting down this month, after seventeen years of operation. I have mixed feelings about this, in that I don't tune into the site much anymore because it is a static API directory and a pay for play blog, lacking the original heart and soul the blog had back in the day. by Kin Lane , Postman Open Technologies [apievangelist.com]

Event driven API documentation made simple (Client-Side Rendering)
This post originally appeared on Michal's Corner This guide is directed toward folks seeking instructions on generating documentation using their AsyncAPI files. Event-driven APIs are not the same as the synchronous APIs you usually document with OpenAPI or GraphQL. [asyncapi.com]

Release v3.0.0-next-major-spec.3 · asyncapi/spec
You can't perform that action at this time. You signed in with another tab or window. You signed out in another tab or window. Reload to refresh your session. Reload to refresh your session. by asyncapi [github.com]

JSON Crack - Crack your data into pieces
Simple visualization tool for your JSON data. No forced structure, paste your JSON and view it instantly. [jsoncrack.com]

8 KB is not enough: why WAFs can't protect APIs
WAFs were a top-notch security instrument a decade ago, but now they are not. They fail to protect APIs. Meanwhile, the number of API-specific vulnerabilities grew more than twofold in 2022. According to a report by Wallarm, many such vulnerabilities have critical severity, and 33% are immediately exploited. by by ferrisbuller on October 17, 2022 [securityboulevard.com]

PII Leaks and Other Risks From Unsecure E-Commerce APIs
Download Examining Security Risks in Logistics APIs Used by Online Shopping Platforms PII Leaks and Other Risks From Unsecure E-Commerce APIs Application programming interfaces (APIs) are one of the chief enablers that have made the integration of different systems from different entities a reality. [trendmicro.com]

More Than 30% of All Malicious Attacks Target Shadow APIs
Sunnyvale, Calif. - October 4, 2022 - Cequence Security, the leading provider of Unified API Protection, today released its first half 2022 report, titled " API Protection Report: Shadow APIs and API Abuse Explode. " Chief among the findings was approximately 5 billion (31%) malicious transactions targeted unknown, unmanaged and unprotected APIs, commonly referred to as shadow APIs, making this the top threat challenging the industry. [darkreading.com]

Linking for Fun and Profit: Using Linksets in APIs
Linking for Fun and Profit: Using Linksets in APIs - Erik Wilde, Axway Linkset is a new IETF specification that defines two formats for representing Web Links. This means that links that typically are sent in HTTP headers or embedded in other data now can be represented as standalone resources. by OpenAPI Initiative [youtube.com]
 
Business of APIs
JPMorgan Chase says it has fully eliminated screen scraping
JPMorgan Chase has reached a milestone five years in the making - the bank says it is now routing all inquiries from third-party apps and services to access customer data through its secure application programming interface instead of allowing these services to collect data through screen scraping. by Penny Crosman, Kate Berry, Ken McCarthy, Carter Pape, Orla McCaffrey, Polo Rocha, Catherine Leffert [americanbanker.com]

The 4 components of API governance
Institution: an organization founded for religious, educational, professional, or social purposes The "institutions" mentioned in the API governance's definition represent who works on APIs. These are the different sub-organizations (inside the organization putting API governance in place) that directly or indirectly work on APIs. by Arnaud Lauret [apihandyman.io]

How to Achieve API Governance
With APIs popping up everywhere, API strategy demands common design patterns, central discoverability, and putting users first. #APImanagement #APIgovernance [thenewstack.io]

Full Lifecycle Vs. Specialized: What Companies Should Consider When Creating APIs
There's a recurring trend in the software industry. New technologies are often discovered by people who use them to do amazing things. Others discover and adopt the new tech to solve similar problems and innovate further. by Jason Harmon CTO [blog.stoplight.io]

(Un)Related
GraphQL and REST Can Coexist, Author Will Lyon Says
It's been called 'the better REST' by more than one vendor. GraphQL champion Will Lyon believes GraphQL to be the REST we've needed all along. [thenewstack.io]

What Is The Difference Between EDI and API?
EDIs and APIs are, in a sense, two sides of the same coin - information needs to flow from one entity to the other, in a specified format, in a useful way. However, the details of the specific technologies expose a good deal more complexity, and the differences between them might not be readily apparent. by Kristopher Sandoval [nordicapis.com]

Council Post: What's Happening To Middleware In The Cloud-Native Era?
Chief Technology Evangelist at . Humanizing Technology. Architecting Transformation. The Evolution Of Middleware Spending two decades in the middleware field has given me deep insight into the evolution of this technology domain. by Asanka Abeysinghe [forbes.com]
 
 
Want to share something?
As always, if you want to chat, share a link, or make a suggestion, feel free to drop us a quick note or tagging us on Twitter (@launchany and @caseysoftware) or by emailing us at: james@launchany.com
 
UPCOMING EVENTS
Follow on Twitter    Forward to Friend    Subscribe
Copyright © 2022 LaunchAny, All rights reserved.
unsubscribe from this list