Net API Notes for 2021/09/22 - Issue 176
Net API Notes is a regular, hand-curated digest of impactful news and analysis for busy API practitioners. Are you reading this on the web and not subscribed yet? Sign up today and be the first to get ad-free, actionable info delivered weekly to your inbox.
Greetings, and happy first day of autumn! The air was crisp this morning as I dropped the kids off at the bus, my oldest is getting ready for his homecoming dance, and I'm busy prepping presentations for the fall conference season. If that wasn't enough, there are new notes, too!
Let's dive in.
NOTES
SOLVING THREE COMMON API PROBLEMS WITH LIGHTWEIGHT GOVERNANCE
STRAT / DESIGN / DOC / DEV & TEST / DEPLOY / SECURITY / MONITOR / DISCOVERY
As companies manage an increasing amount of APIs, they find that the hands-off, or ad-hoc, approach they had in the beginning doesn't scale. Thankfully, James Higginbotham has a piece on solving three common API problems with lightweight API governance.
The three challenges James identifies are:
- API Instability, or providers constantly breaking contracts with consumers
- Addressing scalability
- Remediating security vulnerabilities
If APIs in your portfolio demonstrate any of those items, be sure to give James's article a look.
USING OPENAPI TO GENERATE SDKS
STRAT / DESIGN / DOC / DEV & TEST / DEPLOY / SECURITY / MONITOR / DISCOVERY
I don't talk about SDKs enough. If a team has the bandwidth to support keeping code for multiple languages up to date, an SDK can be a wonderful way to sidestep many of consumers' challenges when getting started.
But how do companies do this in practice? Stephen Jayakar has a wonderful piece on the Plaid engineering blog on this very thing. Titled "Adopting OpenAPI Schema to Generate Plaid's SDKs", he starts with the difficulty Plaid had maintaining three different sources of truth:
1) the documentation 2) the language SDKs (or client libraries) 3) the actual API
"-we realized keeping all three of these developer-facing surface areas updated and synchronized can be a challenge as our API evolved. Ideally, we wanted one source of truth for our API in order to enforce a consistent experience for external developers, which is why we decided to use an OpenAPI schema as a point of reference to generate the docs, the client libraries, and part of our API."
There are many practical considerations throughout, including how the team engineer new approaches to accommodate Plaid's non-standard API authentication. Good stuff.
INTRODUCTION OF ASYNCAPI FOR APACHE KAFKA
STRAT / DESIGN / DOC / DEV & TEST / DEPLOY / SECURITY / MONITOR / DISCOVERY
It seems as though more people are taking advantage of real-time, asynchronous API architectures. And Kafka is a popular choice for message delivery. But how do you describe those Kafka events that are part of a topic?
Hot off the presses, Lorna Mitchell shares her Apache Conference slides, "Introduction to AsyncAPI for Apache Kafka". If you've been a reader for a while, you know AsyncAPI is a specification for event-driven APIs. What Lorna does here is show how to get started with the format. I also appreciated the demonstration of how the API description can be used, whether that was code generation, documentation, or more.
As the AsyncAPI community continues to grow, I'm excited to see more of these types of how-tos.
MILESTONES
- Tyk raised $35 million for its "open-source, open-ended approach to enterprise API management".
- Stephen Mizell has gone and taken the complexity research I talked about a few issues ago and turned it into an upcoming book! He's posted a bit about why a book. I am excited to see the final product. You can order your copy on Gumroad.
WRAPPING UP
Next week is the 2021 ASC event. Yours truly will be speaking at 12:20 pm PDT on Tuesday, September 28th (3:20 pm Eastern, 7:20 pm UTC). I'm presenting "We Wrote an API Description; Now What?". If that isn't your thing, there's a host of other great speakers sharing their tips, tricks, and tribulations. Registration for the two-day event is a very reasonable $39, with $10 of that going to support growing Black and Latinx technology involvement.
For that and other conferences, check out Net API Events. Do you have an event that should be added? Let me know.
Postman, my employer, also had a pretty big week. Not only was V9 released featuring a host of new and updated features, a gauntlet was also thrown. Writing on the blog, Postman co-founder and CEO Abhinav Asthana challenged the industry to evolve beyond traditional API management. It is an inspiring vision, and I hope you get a chance to check it out.
Finally, thanks Patreons! Their support helps keep this newsletter is free of advertising, information selling, or paywalls for everyone's benefit. Thank you!
Till next time, Matthew
@libel_vox and matthewreinbold.com
While I work at Postman, a luxurious mane upon an API's lion-like body, the opinions presented above are mine.