Posts filtered by category: apis
Have you been looking for a quick and straightforward guide to writing your first AWS Lambda function? If so, we have got you covered. This article explains everything you need to know to create your first Lambda function, and how to upload and run it in the AWS Cloud.
AWS Lambda in a Nutshell
AWS Lambda is a serverless computing platform that allows engineers to create a small function, configure the function in the AWS console, and have the code executed without the need to provision servers—paying only for the resources used during the execution. As many organizations move towards implementing serverless architectures, AWS Lambda would be the central building block they’ll use. […]
Read More →
In this article, we’re going to be examining what an API-first design strategy looks like when it comes to developing serverless applications. We’re going to talk about why this approach is essential, what are its benefits, and walk through a simple example of creating a basic OpenAPI spec using SwaggerHub, and deploying it using AWS Lambda.
Start with the End in Mind
As developers and engineers, we like to solve problems. Give us an idea of what needs to be fixed or produced, and we’ll have our IDE open and our fingers tapping out magical code before you finish speaking.
Fast innovation is a good thing. In this case, however, there is a downside: You’ll end up with an API that is “designed” and “documented” as an afterthought and made to fit the code. This approach may require additional work […]
Read More →
Keith Casey, an API Problem Solver at Okta, covers the basics of OAuth 2.0 and OpenID Connect to help you build applications that are secure, reliable, and protect your systems and data the way you expect.
In the last few years, I’ve worked with dozens of companies to understand their needs, goals, and design on how they’ll use OAuth within their systems. Throughout those projects, I’ve found good news and bad news.
The good news is the tools and supporting libraries are steadily getting better, both in terms of ongoing support and security overall. As a result, mistakes that were common just a few years ago are steadily disappearing. This is a major win because if we start with better, more secure tools, we’ll build more secure software by default.
The bad news is there are still too many easy ways to build systems that look secure and seem secure but leak user information, application data, or inadvertently encourage bad security practices in downstream applications.
Therefore, let’s talk about some of those common mistakes and how we can improve security from day one. […]
Read More →
APIs. You depend on them, but can you always trust them to work as advertised? The truth is that APIs can fail, and even when they don't fail, they can perform in ways that are less than adequate. When that happens, your application may be left hanging, or worse yet, it may crash. What kind of failures are we talking about, and what can you do about them?
First, though, consider what an API does—It provides a way for a programmer to communicate with an external application or service, and to ask that application to do something. You may or may not know what the other program does internally with your data and your request, but as long as everything works correctly, all you need to know is how to use the API. But that is not enough to ensure that APIs perform adequately.
In this article, we'll look at three common reasons why an API might fail or underperform, and how DevOps engineers can address them. [...]
Read More →
James Higginbotham, Executive API Consultant, shares his API and product release insights with a list of 10 essential steps to improve the next release of your API.
If you're interested in being a part of our next series, fill out this short form and we'll get in touch with you for our next run.
It is exciting to release something new. The thrill of seeing an idea to completion is always an exciting time for software teams. But how do you know when an API is ready to release? What if you missed something that could result in increased support emails and calls? What if you broke existing internal or 3rd-party integrations?
This article provides a 10-point checklist to help ensure your next API release is as smooth as possible.
1. Did you verify that we met stakeholder needs?
You may design the most beautiful, amazing API ever imagined. It might cause API designers to weep at its beauty. But, if it doesn't solve the problems of your stakeholders, you have failed to deliver a well-designed and useful API. [...]
Read More →
Our Featured Guest Series is back! In this post, Phil Sturgeon warns about ripple effects that can take out entire applications, through making HTTP calls to unstable systems. Learn about using timeouts, retries, and circuit breakers to avoid this happening to you!
If you're interested in contributing to the Runscope blog, go to blog.runscope.com/writing for more information.
In a system-oriented architecture, it is crucial to communicate with other systems. In an ideal world each service knows enough information to satisfy its clients, but often there are unfortunate requirements for data to be fetched on the fly. Broker patterns, proxies, etc., or even just a remote procedure being triggered synchronously, like confirming an email has been sent successfully.
All of these things take time. Frontend applications (desktop, web, iOS, Android, etc.) talk to services, and services talk to other services. This chain of calls can stack up, as service A calls service B, unaware that system is calling service C and D… So long as A, B, C and D are functioning normally, the frontend application can hope to get a response from service A within a “reasonable time”, but if B, C or D are having a bad time, it can cause a domino effect that takes out a large chunk of your architecture, and the ripple effects result in a slow experience for the end users.
Slow applications can cost you a lot of money. A Kissmetrics survey suggests that every 1s slower a page loads, 7% fewer conversions will occur. This article explains how you can make your applications remain performant when upstream dependencies are not, using timeouts and retries. [...]
Read More →