Companies of all sizes are struggling to keep their APIs safe, as evidenced by the many recent hacks, leaks, and exploits. While the traditional approach to API security largely focuses on technical aspects, like managing Denial of Service attacks and preventing code injections, it turns out that a growing number of hacks are actually caused by poor management of API permissions or flaws in business logic. Read more
The life of an API follows a predictable lifecycle – from creation to deprecation, each stage of the API lifecycle denotes an important event, and it carries with it a set of best practices. API developers tend to think about the future in very positive ways – how the API will behave, what its design will be – but in doing so, they don’t always consider what the end of that API might look like. Read more
Client libraries are one of few ways to dramatically improve Developer Experience (DX) for your APIs. However, with all the programming languages your developers use, creating client libraries can be quite a challenge — and that’s not to mention the maintenance that comes with every update to your APIs. Read more
At first glance, it would seem that the API space has embraced unified design standards. RESTful development uses HTTP to communicate between a client and a server. OpenAPI Spec serves to extend REST APIs, improving documentation and making APIs machine-friendly.
However, with just a little digging, it becomes apparent that this isn’t always the case. Read more
As we’ve described many times before, the OpenAPI Specification is a powerful solution for API agility and extensibility. Overseen by the OpenAPI Initiative, the specification drives many modern implementations to new heights. Such is the case with today’s topic, the OpenAPI CLI Generator. Read more
Big organizations are slow to change, especially when it comes to technology. After all, the stakes are high, and the complexity of existing systems is even higher. There comes a time when you can’t put off embracing new technology any longer. Read more
As the API space has grown and transitioned, there have been several major sea changes in what an effective language in the industry looks like. Moving away from classical server-client architecture and into the realm of serverless or other new paradigms can leave old languages feeling inadequate. Read more
Workarounds are clever, but less than ideal solutions to problems that shouldn’t really exist. In the world of APIs, an example of this might be scraping an application’s frontend to make up for endpoints that don’t exist.
At first sight, workarounds may seem like a bad thing. Read more
