API Developer Weekly #116
API Developer Weekly - June 16, 2016 - Issue #116 A hand-curated¬†weekly¬†newsletter for API developers, published with permission from LaunchAny¬†and CaseySoftware.Subscribe to their newsletter to stay updated on the latest API trends and industry news. Hot TopicsHow Bot-to-Bot Could Soon Replace¬†APIs Today when two software systems have to talk to each other, software developers need to implement an integration using APIs (application programming interfaces). This integration process is time consuming. In the bot-to-bot era, however, each software application can talk to each other system, regardless of whether they have an actual API integration in place.How API First Design Can Help Avoid Common¬†Failures The idea of design first is extremely simple, and highly cost-effective. Many companies seem to be unaware, or simply choose to take a short-cut to save on the development cycle, exchanging months of refactoring and struggles for a couple of weeks to make sure it was done right. [programmableweb.com]Use JWT The Right Way! JSON Web Token (JWT) is a useful standard becoming more prevalent because it sends information that can be verified and trusted with a digital signature. In their most basic form, JWTs allow you to sign information (referred to as claims) with a signature and can be verified at a later time with a secret signing key. The spec is also designed with more advanced features that help against man-in-the-middle and replay attacks. [stormpath.com]Stop using JWT for sessions Unfortunately, lately I've seen more and more people recommending to use JWT ( JSON Web Tokens) for managing user sessions in their web applications. This is a terrible, terrible idea, and in this post, I'll explain why. Just to prevent any confusion, I'll define a few terms first: Stateless JWT: A JWT token that contains the session data, encoded directly into the token. [cryto.net]API Versioning Methods, a Brief Reference - DZone Integration Take control of your APIs and get a free t-shirt when you complete the 3step Challenge, brought to you in partnership with 3scale. This post lists the most common methods in use to version your API. [dzone.com]Writing OpenAPI (Swagger) Specification Tutorial - Part 7 - Documentation Previous posts showed how to write a highly accurate description of an API interface contract with the OpenAPI specification. But an interface contract, no matter how brilliant, is nothing without some explanations. A fully documented OpenAPI specification file can provide some useful information and be used as a part of an API's documentation. [apihandyman.io]7 Ingredients That Make Up a Superb Developer Center What is a consistent attribute across successful API programs? They all have awesome developer portals. Good API documentation is easy to navigate and understand, but the best, shining developer center pushes onboarding and actual implementation to new levels of usability, to the point where integrating the API becomes as simple as cake - well, at least as simple as technically possible. by Bill Doerrfeld [nordicapis.com]RESTful API Design Essentials That All SOA Developers Should Know APIs are the foundation of a Digital Business, but how to amass just the right APIs in critical mass? Here are 11 bits of advice to help your company transform your IT staff's SOA experts into API superstars. Our thanks for this thoughtful list of API tips from Laura Heritage, director of API strategy at Akana. [idevnews.com]Google Sheets and Slides Earn New APIs Google hopes enterprise and education app writers will take advantage of new tools being added to its Google Docs platform. Specifically, Google Sheets and Google Slides gain new APIs that expand the toolset available to developers to create powerful features. Google also promised new enhancements to the Classroom API for school admins. [programmableweb.com]Introducing BriteVerify for SendGrid Tired of crossing your fingers that your emails don't bounce after you hit send? We don't blame you. 2.1% of all emails decay each month and many marketers only clean their lists as a result of poor campaign performance or, even worse, when a blacklist crisis strikes. by Matt McFee [sendgrid.com]Write The Docs 2016 Recap In the end of May, I attended Write the Docs (WTD) 2016 in Portland, and what a conference it was. While I didn't make it on Saturday for the hike, I think it's awesome that a conference has a group hike together. [circleci.com]Presentation: Hypermedia Web API as a Network of Data Todd Brackley discusses accessing the "network of data" through a RESTful hypermedia API, exposing it to developers, testers, analysts and clients. [infoq.com]Presentation: How to Create Genuine Value for Internal and External API Consumers Summary Steven Willmott looks at how APIs' value helps genuine success for an API program and an organization's platform initiatives as a whole, including examples and takeaways. Steven Willmott is one of the world leading technologists in the API Infrastructure field. He is co-founder and CEO of 3scale Inc. [infoq.com]Presentation: APIs, Spreadsheets & Drinking Fountains: Using Open Data in Real Life Shelby Switzer discusses success stories and failures of using the public data provided by governments, along with techniques for making such data usable. [infoq.com]API Digest #46: Who is Really Responsible for API Security? It has been 2 weeks since API Digest #45 came out. Wondering what the API community has been up since that time? Read our new portion of fresh API news and articles to learn: the difference between an API and an SDK, RESTful API design essentials, that all SOA developers should know, how to bind all your API tests together, what upcoming web API events to visit, and more. [api2cart.com]Upcoming Web¬†API¬†Events A list of upcoming Web¬†API¬†Events, maintained by¬†Matthew Reinbold The Business of APIsThe Other API Economy If you've been paying attention (and I know you have) then you've heard about "The API Economy." That's the move from more traditional, middleware-based integration to the use of APIs as both integration and business model. [f5.com]XML is toast, long live JSON XML was useful in its time, but it has been supplanted by faster, more flexible formats. by Andy Patrizio [cio.com]This Is Why No One Cares About Your Product And The Secret To Building Products People Understand If you're like me and love seeing new apps and products, you probably poke around on Product Hunt -¬†every day. Let's say you find something that sounds interesting - like a product from a new startup that is (once again) trying to re-invent email marketing. by David Cancel [medium.com]
(Un)Related TopicsWhat's this #serverless thing anyway? - A Cloud Guru Engineers who build serverless systems aren't just replacing traditional back-end servers with function-level compute services like AWS Lambda - they are leveraging a vast array of 3rd party services & cloud services to orchestrate powerful, complex systems with a small amount of glue code. by Sam Kroonenburg [read.acloud.guru]Serverless Reference Architectures with AWS Lambda Building your applications with only managed components has become very popular, and AWS Lambda plays a crucial role in that. I see a tremendous interest in examples how to build such applications, and articles such as " The Serverless Start-Up - Down With Servers!" about teletext.io are read eagerly around the globe. [allthingsdistributed.com]From the Enterprise Service Bus to Microservices - The New Stack Dealing with legacy is one of the most common areas of conversation we have around "cloud native" and Pivotal Cloud Foundry. I wrote up a basic framing for how to think of legacy applications last year as part of my cloud-native journey series, and in reviewing talks for the upcoming SpringOne Platform conference I've noticed ... by Michael Cote, Joab Jackson, Mike Melanson [thenewstack.io] Want to share something? As always, if you want to chat, share a link, or make a suggestion, feel free to drop us a quick note using Twitter (@launchany¬†and @caseysoftware) or by emailing us at:¬†email@example.com.