Too much traffic can be a dangerous thing. To many application developers, this seems like a good problem to have – traffic is exactly what you want for your service, so accordingly, the more the better. The simple truth is, however, that too much of a good thing can be very dangerous – and in the API space, this can have dramatic effects. Read more
In the initial years of the world wide web, much was innovated as it was needed — while the fundamentals were open and commonly agreed upon, the systems that used these fundamentals often were not. Innovation led to unique solutions, which led to the development of proprietary systems and approaches. Read more
In 2007 Kevin Kelly gave a TED talk in which he forecasted how the World Wide Web would look 5000 days into the future, prophesizing the emergence of the IoT and AI. He envisioned a more connected planet where all manufactured goods tap into a single, global, intelligent network. Read more
Unfortunately, the reality of mobile apps is that at some point, someone is going to try to do something they’re not allowed to. Whether this is through brute-forcing keys, spoofing identities, or simply issuing distributed attacks across the application’s server dependencies, the threat to public-facing APIs in the mobile space is real, dangerous, and often inefficiently mitigated. Read more
Recently on the Nordic APIs channel we’ve had a few people ask — how do you handle batch processes that are secured with OAuth 2.0? Batch requests are ones executed automatically or programmed to repeat recurringly.
Usually we use OAuth to confirm user identity for API calls, but the problem is that OAuth 2.0 isn’t really designed for batch processing. Read more
