REST API Notes for 2018/09/11
Hello, hello, hullo! I hope you were able to take some time off in August! As for myself, some book project work had to take a backseat while I moved the family into our new house.
And now, in the blink of an eye, we're knee-deep in API conference season. As I write this, API World is happening, API Strat and RESTfest are coming up, and API City is around the corner. As always, for events like these (and more!) check out webapi.events.
Before I start covering those, however, let's highlight what happened last month.
NOTES
APIS BEFORE REST
Chelsea Troy published a worthwhile history of distributed system design, entitled "API Design, Part 1: Before there was REST. Chelsea's introduction had me fist-pumping:
"I want folks to inform their opinions with context on the history of API design. We seem to be in this weird continuous loop of folks pontificating based on whatever has come out in the last two years. And because those opinions are missing a lot of history, they also make a lot of assumptions that prove inaccurate. "
The piece is educational and entertaining in an approachable way. As the latest crop of conference buzzword bingo gets underway, having a firm grasp of the fundamentals goes a long way toward identifying what is new and novel, verses what is re-branded pap.
WORKING WITH GRAPHQL
There have been numerous think pieces on GraphQL pros and cons. But many have been at a theoretical, abstract level. Matthew Weier O'Phinney, took a different tact. He's posted an impressive deep-dive on what it is actually like to use GitHub GraphQL API.
For those considering a GraphQL implementation, I think the post is enlightening. For those weighing whether to consume GraphQL or REST based versions of a provider's service, the piece may also save you some toil and trouble. Finally, I hope it inspires others to share their firsthand experiences and "light the way" for those that follow.
MORE ON SERVICE MESHES
Speaking of lighting the way, Daniel Bryant has posted his recent presentation, "Introduction to Service Meshes. Looking at meshes in the abstract, particularly for microservices, it can be easy to loose site of the forest for the trees. What I like about Daniel's deck is how it provides a background of how we got here. That context is important to understand the benefits and justify investments. Without that understanding, new tech initiatives fall into cargo-culting.
APIS AND SECURITY
Ericka Chickowski has a piece that discusses how APIs are an increasing attack vector for cybercriminals. She highlights a number of trends, all of which indicate the greater need for secure API practice.
If you're developing microservices and wondering where to start securing things, I'd recommend the free API Academy book, "Securing Microservice APIs". This also seems like a big enough topic to dedicate a specific "best of" link roundup in a future email.
MILESTONES
- What is your HTTP status code on an API error? Hopefully something different than those in the HTTP Headers FTW comic.
- [Roy T. Fielding gets sassy on Twitter, to hilarious effect](https://twitter.com/fielding/status/1037390997926248449].
- I previously mentioned the impact of Google Maps API price increases. The initial results are in, and it isn't pretty. In some cases, costs increased 12x. In others, a monthly spend of $50-$70 ballooned to over $10,000.
- Genetics company 23andMe shuttered its public API. The announcement gave developers only two weeks notice. But even if the notice had been longer, is there an alternative?
- While 23andMe joins a long list of companies restricting their public API offerings over the summer, Sonos has expanded its developer program. Available APIs include things like volume pass through and user playlists.
WRAPPING UP
Do you have an event that should be listed on webapi.events? Getting it include is as simple as shooting me an email: hello@matthewreinbold.com.
Also, if you'd like to show your support for this, and other, community efforts, check out my Patreon page. A big THANK YOU to the folks who have supported me thus far. In August, I shared a prototype of a game-based teaching tool for folks in charge of burgeoning API ecosystems. As I get back into a groove, I hope to be sharing more there.
Till next time, Matthew