- July 01, 2016

hero-book-blogAPI Developer Weekly – June 30, 2016 – Issue #118
A hand-curated weekly newsletter for API developers, published with permission from LaunchAny and CaseySoftware.

Subscribe to their newsletter to stay updated on the latest API trends and industry news.

Hot Topics

A Beginner’s Guide to Using and Testing RESTful APIs
by Jennifer Riggins Imagine if every PhD dissertation resulted in something that changed the world? Sadly, most end up with a copy on the shelf at the university library, maybe one in the author’s office, and little more. But one, about 16 years ago, led to the foundation of that thing we spend our lives on – the Web. by Jennifer Riggins []

Are Web APIs as available and performant as you think?
We frequently preach how web APIs make it easier for applications to interact with external services. When you call them, you expect the server to deliver desired results, and to do so quickly. However, what if an API is unavailable? What if it changes? What if its performance is poor? by Erik Wittern, @erikwittern []

Lessons Learned from the #api360 Microservices Summit 2016
At the API Academy #api360 Microservice Summit event, held in New York City, a collection of microservice experts presented their thoughts on the current state-of-the-art of microservices and associated architectural and organisational issues, process and technology. []

Leapfrogging with REST API Design
How far can REST API design take a platform? To get an expert’s insight on this subject, we sat down with Matthew Reinbold, Senior Manager of Digital Product and API Platform at Capital One. []

Severe Swagger Code Generator vulnerability compromises NodeJS, PHP, Java
Researchers have discovered a vulnerability within the Swagger specification which may place tools based on NodeJS, PHP, Ruby, and Java at risk of exploit. According to Rapid7, the vulnerability has been found in injectable code payloads through the Swagger Code Generator for NodeJS, PHP, Ruby, and Java. by Charlie Osborne []

Slack API Credentials Left in GitHub Repos Open New Door for Corporate Hacking
Careless developers from companies around the world have forgotten to remove sensitive API access tokens from Slack bots uploaded on GitHub, security researchers from Detectify Labs reported today. Security experts claim they’ve found over 1,500 Slack access tokens while scanning GitHub projects. by Catalin Cimpanu []

Presentation: Uber Trip Experiences: Unlocking Your Platform’s Potential
Andrew Noonan walks through the evolution of the Uber Developer Platform, the launch of Trip Experiences, and the future of the Uber platform. []

Data-Oriented Designs for Common API Problems
We recently received an excellent post on the Apigee Community from Matt Miller regarding the design of specific data-oriented REST APIs. Matt posed this question: what do you do with API functionality that doesn’t correspond to traditional CRUD operations in obvious ways? []

Presentation: Learnings from Implementing a Hypermedia Client
Uli Holtel discusses the principles of hypermedia APIs, how to decouple from media type formats, using profiles, ‘fully dynamic’ vs. ‘tightly coupled’ client, tools, code artifacts and examples. []

You’ve seen why and how to model data in JSON. Once you have the data in JSON, you can store and retrieve the JSON documents in any simple key-value databases. If your application only has to set and get the documents based on the key, use any key-value store. []

API Digest #47: APIs Are Soon to Die Out?
Even in the heart of summer, by far the majority of API community are working at full pace, discovering new API opportunities and sharing useful ideas. We have gathered the berries of them and prepared a refreshing cocktail of latest API news and articles. []

Upcoming Web API Events
A list of upcoming Web API Events, maintained by Matthew Reinbold

The Business of APIs

Accumulating Feedback: 4 Questions API Providers Need to Ask Their Users
American activist Bryant H. McGill once said, “one of the most sincere forms of respect is actually listening to what another has to say.” For API providers, listening to the average user, accepting feedback, ingesting these experiences, and iterating on this information is a powerful exercise. by Kristopher Sandoval []

How to Successfully Market an API
The bible for project managers, technical evangelists, or marketing aficionados in the process of promoting an API program. In it we reveal how to plan an API-first business, how to make it discoverable, promote it to press and developer networks, establish quality developer relations, and advocate on behalf of your users to spark adoption and long-lasting integrations. []

That Time I Joined Twilio
Twilio is one of the few companies aligned with my core values as a technologist: the importance of the developer and developer experience, the value of design and design thinking, and the significance of powerful, accessible “plumbing”. There is no other publicly traded company like it. []

Microservice architecture is agile software architecture
Since the term “microservices” hit the software industry like a bolt of lightning in 2014, technical professionals of all stripes have been analyzing this new architectural style from their own frames of reference. Having lived through the rise and fall of service-oriented architecture, I had the same reaction as many others: How does microservice architecture differ from SOA? []

BetterWorks Announces API to Connect Workplace Data Points
BetterWorks announced an API that connects data points from across an enterprise into a single report, dashboard, or method. The API enables companies to gather the data necessary to create and measure company goals. BetterWorks aims to “combine the power of goals and the value of people”. []

(Un)Related Topics

Creating a scalable API with microservices
So you want to build an API, and do it with microservices? Microservices are perfect for building APIs. Teams can focus on building small, independent components that perform a specific API call. You can write each endpoint in a different language, provide different SLAs and even scale the microservices independently. []

Enabling Any Of Alexa’s 1400 Skills Is Now Just A Voice Command Away
Who knew from the outset that Amazon’s Echo smart speaker and its underlying Alexa voice assistant would become this popular and have such a huge backing from the developer community? But as Amazon’s Alexa Skill Kit, Alexa Voice Service and Alexa Fund turn a year old, we’re seeing even more greatness added to the platform. []

Microsoft Prepares for Serverless Computing with Azure Functions Preview – The New Stack
Moving to the cloud means more than not having to worry about hardware and system maintenance anymore; it’s a shift in the way you design applications and services. PaaS takes you further towards that than IaaS but serverless (sometimes called stateless) computing like AWS Lambda, IBM OpenWhisk, Google’s upcoming Cloud Functions and Microsoft’s new Azure … by Mary Branscombe, Joab Jackson, TC Currie []

How to Manage Secrets for Amazon EC2 Container Service-Based Applications by Using Amazon S3 and Docker
Docker enables you to package, ship, and run applications as containers. This approach provides a comprehensive abstraction layer that allows developers to “containerize” or “package” any application and have it run on any infrastructure. Docker containers are analogous to shipping containers in that they provide a standard and consistent way of shipping almost anything. by Matthew McClean []

FaaS, PaaS, and the Benefits of the Serverless Architecture
This article discusses what serverless is, comparing it with PaaS and SPaaS, the benefits and costs of a serverless architecture and the need for a framework. Initially, serverless meant developers did not have to care for setting up and administering the servers running their back-end applications. []

Want to share something?
As always, if you want to chat, share a link, or make a suggestion, feel free to drop us a quick note using Twitter (@launchany and @caseysoftware) or by emailing us at: