REST API Notes for 2017/08/14


Early in July, Sam Newman had a very interesting post entitled "Microservice Insecurity". Sam explains the challenges with successful microservice adoption, concluding that there actually very valid reasons not to introduce microservices to a project.

It might be a surprise coming from the author of the excellent Building Microservices. Any time I do one of these note round-ups, it is harding finding RESTful API information that isn't about microservices. Even with published patterns from the likes of Microsoft, the promise, combined with their ambiguity, makes them the perfect patter for subject matter experts and snake oil salesmen alike. (And, no, as Stephen O'Grady points out, the difference isn't a matter of size.) It is essential to carefully evaluate any proposed solution. Everything comes with tradeoffs and you are not Netflix. Choose accordingly.


There have been a couple of notable events since the last newsletter. The first is that the AsyncAPI specification now has its own editor! It follows the, by now, familiar two column layout: YAML on the left, real-time HTML rendered view on the right. Anyone who is familiar using the Swagger-Editor will feel right at home.

Speaking of which, the OpenAPI 3.0 specification is released. The August announcement follows a seven month release process. Notable new features includes support for callbacks and links, a "static" alternative to hypermedia.


I'm pleased to announce that my team is growing again. I've got a great opportunity for someone familiar with enterprise software systems, love working with developers, and is looking to unlock a whole host of future opportunities. Some familiarity with message queuing or event driven architectures is a big plus (Kafka, RabbitMq, and/or Anazon Simple Queue Service [SQS]). For more information, check out the listing and, if interested, apply!

My fellow co-worker, Irakli Nadareishvili, is also hiring for an Application Security Engineer. If your hats tend to skew white, consider this chance to join a great team doing big things.

Finally, if you have an upcoming in-person API-related event that isn't captured on, let me know! I'd be glad to add it.

Until next time, Matthew (@libel_vox and

Subscribe to Net API Notes

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.