REST API Notes for 2018/04/03

After a quick weekend trip to Pittsburgh, it's time to jump back into things. A handful of things to note from the past week.


Good grief. The specter of an Oracle win has been hanging over API designers' heads since, at least, 2014. Two years ago (!) we seemed to have some resolution, as Google's mimicry of the Java API interface was deemed to be fair use. But, with $9 billion on the line, Oracle wasn't willing to go away easily. Here we go again.

It is unlikely to end there; next stop looks like the Supreme Court. While I doubt the looming legal drama prevented people from doing meaningful work, it would be nice to have this definitively settled.


Sometimes short explanations are the best explanations. Peter Williams has posted his hypermedia format manifesto. In it, he succinctly declares the tradeoffs he's come to value when creating API designs:

  • evolvability over message and implementation simplicity
  • self describing messages over reduced message sizes
  • standards over bespoke solutions
  • human readability over client simplicity
  • uniformity over flexibility

It is a great read, and a crystallization of important points that take lesser authors hundreds (or thousands?) of words to express.


While I'm discussing concentrated fabulous, Asbjorn Ulsberg, writing on the Nordic APIs blog, revisits common REST misconceptions. He discusses the erroneous statements that:

  • REST is just CRUD
  • Some URI Constructions are more RESTful than Others
  • REST APIs Should be Versioned
  • Hypermedia is Optional for REST APIs

Even for veteran API developers, this piece is a great refresher for principles to build on.


  • After several weeks of damning press, Facebook has been taking steps to mitigating future mistakes. That includes, most recently, imposing new rate limits for users on the Instagram API. The previous rate of 5,000 calls per hour now appears to be closer to 200.
  • Cloud Elements published its 2018 State of API Integration Report. My brows furrowed greatly while skimming; the conclusions seemed more akin to wish fulfillment than my experience would predict. I'll need to spend additional time in order to see the line they draw between the survey responses and the future drawn.
  • Also recently published was InfoQ's eMag, "Microservices, Patterns and Practices". I've always been impressed with InfoQ's quality. This collection, some of which previously appeared on their site, is a compact reference for microservice padawans and practitioners.
  • Aadhaar is India’s 12-digit biometric identity number. Security has always been a concern with the scheme. Despite claims that there were no security problems, several leaks have occurred. As a copious Keith Casey twitter rant recounts, securing this kind of API is one of the first things that should have been done.


Lots to love about what I'm seeing on If you have an event you'd like added either respond to this note directly or send me an email at ''.

Til next time,


@libel_vox and

Subscribe to Net API Notes

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.