Runscope API Testing and Monitoring    Learn More →

This Fortnight in APIs, Release V

By Ashley Waxman on .

This post is the fifth in a series that collects news stories from the previous two weeks and is curated lovingly by the Runscope Developer Relations team. The topics span APIs, microservices, developer tools, best practices, funny observations and more.

For when you want advice from DX-perts:

Developer Experience, or DX, continues to be a buzz term, but what does it really mean outside of a pretty portal and a sleek onboarding process? In this InfoQ article, three longtime developers in the API space with a penchant for DX provide their insights on the meaning of DX and how to implement it in your business. Jeremiah Lee Cohick of Fitbit identifies four key concerns for API excellence, including functionality and reliability. Amit Jotwani of Ionic Security provides 10 steps toward a great API experience that include interactive documentation and clear and simple language. Finally, Ronnie Mitra of API Academy proposes four key goals for DX. With advice from this group, your DX will be 200 OK.

For when your API is more than just a pretty face:

Dropbox just announced the Dropbox API v2, a REST API that comes with several well-maintained SDKs, clearer docs, new sample apps and, most importantly, new API methods. New access control API methods allow programmatic access to sharing folders, managing folder policies and membership. The search API method now supports full-text search on the content of your files, not just the filenames (for Dropbox for Business accounts). Dropbox also introduced unique File IDs so that even when a file is moved from here to there, and there again, you can pinpoint that file using the ID instead of a full path. These new features of the Dropbox API are impressive and require significant dedication to the structure and functionality of the API beyond what you see on the front-end. It’s important to remember that developer experience lies in the entire API flow, which requires committed investment that, when done correctly, can benefit both the company and developers in the long run.

For when you wonder, if you do all this work on the backend but nobody sees it, did it really happen?

Another example of a company dedicating time and resources to building a seamless API experience, Clearbit takes great care to deploy point-in-time API versioning to its mission-critical API. Knowing that numerous companies rely on its business intelligence API 24/7, Clearbit uses API monitoring with regression testing to ensure that each new version doesn’t break the last, and more importantly, that customers never notice. When APIs become more than a supporting character for a business and take a starring role, ensuring that those APIs don’t break when you make changes may not be a practice seen by your customers, but it will be appreciated.

For when you need to organize your toolbox:

As we’ve noted in some of the more complex, but seamlessly deployed, APIs like Dropbox and Clearbit, building a good REST API requires care and planning from the start. Micha Mazaheri from Paw compiled a list of helpful tools for each stage of the API development process, from debugging to defining to monitoring, and more. This article explains which dev tools you should use depending on your preferences and comfort level with different technologies and platforms.

For when there has to be an easier way to make friends:

If you’re like most developers, you’re always on the hunt for the best APIs you can integrate with so you don’t have to build out things like payment processing and geolocation yourself. While those integrations might be relatively easy to connect from a technical perspective, there are a lot of moving parts to consider for scaling, strategy and business. Fortunately, this post from the Tdd Apps Blog goes through every stage of building an integration, from selecting an API, to understanding the third-party’s business goals, to managing the dynamic nature of an API you don’t control. This post comes with lots of handy diagrams to help you out, plus a few pictures of yummy sandwiches, so make sure to read this before your lunch meeting with your third-party API provider.

For when you find another gateway to OAuth: 

If you provide APIs, you’ve probably been keeping your eye on Amazon’s API Gateway, the company’s API management service, which we reviewed when it launched. For authorization, API Gateway uses IAMs and Cognito, but those may not be your cup of tea. If you’ve been looking for a way to implement API Gateway with something more mainstream, like OAuth, this article is for you. Authlete walks you through how to configure API Gateway and AWS Lambda to work with an external OAuth service. The example features the use of Authlete’s OAuth service, but whether you use that or not, it should give you a good idea of how apply the same mechanics to your own OAuth provider.

For when you need to transition from writing code to legalese:

Ever since the advent of the internet and software, the law has been racing to catch up as businesses become more global and technology takes over old ways of consuming information. There’s currently a major case between Google and Oracle over an allegedly copied API, which gives rise to the API community awaiting a decision that could impact how they build and develop APIs. This TechCrunch article explains the case, as well as how to decode the legal jargon involved so you can better understand how the outcome may affect you. From copyrights and patents to the history of how software is protected by the law, this article serves as a great primer if you’ve never been on the legal side of things.

For when you can’t go a fortnight without talking about microservices:

In our last post, we talked about some of the latest updates from HAproxy, which we use at Runscope for high performance load balancing. This article adds more to the story by taking you through how HAproxy specifically can be used with microservices, and a brief overview of microservices architecture and load balancing. If you’re looking for help with routing and creating access lists, this article provides a sample config that can help.

Notice something we missed? Put your favorite stories of the past fortnight in the comments below, or email us your feedback!

Categories: apis, api ecosystem, this fortnight in apis

Everything is going to be 200 OK®