Integration Digest: March 2024
Articles
π API Contracts - an Extended Introduction
This article emphasizes the crucial role of API contracts in system integration, secure interaction, and detailing data formats and constraints. It further underscores the importance of complete documentation, systematic testing, and simplicity in delivering efficient API contracts.
π AS2 vs SFTPβWhatβs the difference?
The article contrasts AS2 and SFTP, both secure file transfer protocols, highlighting their different use cases, such as business-to-business exchanges for AS2, and secure file sharing for SFTP. The article also discusses unique features of each protocol, including non-reputable MDN receipts for AS2 and two-factor authentication via public keys for SFTP.
π Benefits of Protobufs For Internal Microservices
The article details the advantages of language-neutral Protobufs for structuring data exchange between services, focusing on their efficiency and compatibility with internal microservices, thus making them a preferred choice among developers.
π Benchmarking Grafbase vs Apollo vs Cosmo vs Mesh
This article analytically compares GraphQL gateways including Grafbase, Apollo, Cosmo, and Mesh with metrics such as CPU usage, memory consumption, and query response times. The article finds Grafbase outshining its counterparts in most benchmarks due to its efficient data caching and reduced memory allocation.
π Crafting an Excellent Developer Experience for API Versioning
This article advocates for transparent communication and technical solutions for creating a positive API versioning developer experience. The article recommends establishing a source of truth, using metadata and planning for deprecation.
π Is GraphQL Easier to Govern Than REST?
The article debates API governance complexities comparing GraphQL and REST APIs, suggesting the former to be easier to govern due to its single access point and defined schema. It also represents implementing GraphQL APIs might need thorough planning due to their potential complexity.
π Spectral OWASP API Security Ruleset
The article elaborates on the updates in the OWASP API Security Top 10 list and new rules in Spectral OWASP API Security Ruleset to ensure a thorough protection of APIs, including aspects like short-lived access tokens, admin security, and unsafe API use.
π The API platform maturity model
The article explores the functionalities of an API platform, addressing its creation challenges and introducing an evaluation model to assess an API platform's maturity, which could guide organizations in their API platform improvement efforts.
π There Are Only 6 Constraints in REST, Letβs Use Them All
In this article, the author suggests how an emerging open standard, HyperMap, could enhance REST APIs capabilities using code on demand. The argument points towards sending server code to the client side for better performance, holistic integration of REST, and streaming endpoints, and enabling pre-processing at the client side.
π Understanding The Benefits of API Observability
The article explores API observability and its benefits, distinguishing between monitoring and observability. The writer highlights that observability provides a holistic view of an API's performance, stability, and functioning.
π Using GitHub To Manage Your OpenAPIs
The author investigates the ways industry leaders like Stripe, OpenAI, Azure, Amazon Partners are using GitHub to manage their OpenAPIs. He pinpoints the advances demonstrated by Digital Ocean and discusses common characteristics of using GitHub for OpenAPI administration, aiming to standardize GitHub's OpenAPI management.
π Using oasdiff to Detect Breaking Changes in APIs
This article introduces oasdiff, a developer tool used to detect significant alterations in APIs. The tool works by comparing OpenAPI specifications, or documents that describe APIs, and can be run either as a command-line tool or a Go package.
Apache APISIX
π Secure Your API With These 16 Practices With Apache APISIX (Part 2)
This article discusses 16 different practices that can be used to improve API security with Apache APISIX. Some of the important points from this article are that encryption is necessary to protect communication channels, and error handling should be implemented to avoid leaking sensitive information.
Apache Camel
π Migrating from Red Hat Fuse to Red Hat build of Apache Camel
This article describes a solution pattern to simplify migration from Red Hat Fuse to Red Hat build of Apache Camel. The pattern includes templates and instructions to reduce the effort required.
Apache Kafka
π Best Practices for Confluent Schema Registry
The article provides detailed best practices for using the Confluent Schema Registry, ranging from understanding schema IDs, subjects, versions, and data contracts, to schema normalization, pre-registering schemas, using schema composition, and understanding compatibility levels. It delves into more complex aspects like schema migration rules, data quality rules, and the implications of schema deletion, warning against the mutation of schemas and discussing potential workarounds.
Mulesoft
π Distributed Tracing for Anypoint Monitoring
This article discusses distributed tracing for Anypoint Monitoring and its benefits. Distributed tracing helps troubleshoot complex systems by adding tracking metadata to requests as they move through the system.
π Export Anypoint Monitoring Data With Telemetry Exporter
This article describes Telemetry Exporter, a new tool that helps integrate Anypoint Platform with third-party monitoring tools for centralized monitoring and easier access to monitoring data. Telemetry Exporter is currently available for applications deployed on CloudHub 2.0.
Postman
π Document your API like a pro: Postman Collection best practices
This article provides best practices for writing documentation for Postman Collections, emphasizing the importance of clarity, conciseness, and informative content. It recommends using templates, style guides, and consistent formatting for well-organized documentation.
Releases
π Apache Camel 4.5
It highlights the core improvements in Apache Camel 4.5, focusing on added features and specifications, e.g., intermediate route hiding, user-route showcasing, and profile integration.
π Microcks 1.9.0
This version covers new features included in version 1.9.0 of Microcks, such as AsyncAPI v3 support, OpenTelemetry, and GraalVM native image. These features contribute to benefits like speedy startup times, improved observability, and event-driven architecture mocking.
Books
π API's Explained by Owen Rubel
A former Amazon employee unveils the secrets of developing API backends, delving into various security tools needed for creating a secure API backend. The book focuses mainly on PROACTOR and REACTOR patterns and is aimed at software engineers wanting to better comprehend APIs.
π APIs For Beginners: A Beginner's Guide to Mastering APIs with Python and Real-World Examples by Anthony Foster
This comprehensive guide strives to streamline the intricacies of Application Programming Interfaces (APIs) with a clear, practical approach. Using real-world examples along with Python-oriented exercises, it aims to help readers master APIs and their significance in modern software development.
π Modern API Design with gRPC: Efficient Solutions to Design Modern APIs with gRPC Using Golang for Scalable Distributed Systems by Hitesh Pattanayak
This guide presents an extensive overview of constructing scalable and efficient distributed systems using gRPC. Covering everything from basic concepts to specific security measures, supplemented by real-world examples and case studies, the book aims to foster an in-depth understanding of gRPC.
Subscribe to my newsletter
Read articles from Stanislav Deviatov directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Stanislav Deviatov
Stanislav Deviatov
I'm Solution Architect at EPAM Systems