REST API Notes for 2018/08/01

Hello August! It's that time of year for family vacations, personal passion projects, and time away from work. At least that's what the number of auto-responses from last week tells me. Likewise, as I mentioned earlier this year, these notes will also be taking a hiatus this month. Unless there is massive breaking news (which certainly could happen) the REST API notes will pick up again in September.

But before we break for the beaches and BBQ parties, let's cover the latest roundup of stories.


There's a new paper, written by Jonathan Schabowsky, on "Event-Driven Microservices". It is available for free (with email address). It attempts to address some of the most common challenges in making that architecture work, including:

  • The Service Decomposition Paradox & the fallacies of distributed computing
  • The Integration Conundrum & the challenges of enabling data flow between microservices in distributed systems,
  • Point-to-point Microservice Orchestration and tightly coupled systems that hamper agility and scalability

I'll always appreciate a strongly worded technical opinion, even I'm not sure I agree with its certainty, than a mealy mouthed platitude. In particular, I enjoyed this quote:

"Similar to the mistakes that astronomers made before Copernicus, many architects and technologists are obsessed with the idea that data is the center of the computing universe."

Jonathan's point is that the request-response model of http-based microservices, combined with the "no database-backdoors" access rule, creates a monolith of a different sort. It is one of stove-piped "application enclaves" requiring complexity in orchestration to accomplish common tasks. To me, that speaks of an severe misses during service decomposition. However, it is an interesting thought experiment to question whether an architectural approach is merely the past rotated 90 degrees, and dressed in consultant livery.


Speaking of microservices, Johannes Bräuer and Jürgen Etzlstorfer have written a detailed, multi-part series on breaking down monoliths into microservices. All too often, after finishing a 'how-to do service decomposition' piece, I feel like this:

A three panel joke, where the first step is gathering supplies, the second is identifying actors, and the third is the Netflix "DeathStar" service mapping.

Yes, the series is long and divided into multiple parts; that's the point. It's a fantastic case with how to think about the approach that doesn't shy away from details. I highly, highly recommend it.


Finally, I was impressed with the 3rd part of Michael Bolton's series, "Exploratory Testing on an API?". There's no shortage of pieces on how to design an API. But I don't think I highlight enough work about how to test an API. The systematic process for approaching an API, documenting the inconsistencies, and discovering unconsidered dependencies was eye opening for me. It is certainly something I'd want to review with my test group.



Hey, lookee that! After shuffling stuff around, is back up, now with HTTPS! It may seem silly to use a certificate on something as simple as a list of global API events. However, as Troy Hunt brilliantly illustrates, every site should be secure by default.

Do you have an event that should be included? Drop me a line; let's talk.

Also, if you'd like to show your support for this, and other, community efforts, check out my Patreon page.

Thank you for reading. Enjoy the rest of summer and I'll catch back up with you in September. Till next time, Matthew

@libel_vox and

Subscribe to Net API Notes

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.