Integration Digest: March 2025

Articles

🔍 2025 State of Internal Developer Portals

This report details the current challenges faced by engineering teams regarding internal developer portals. It outlines issues such as tool sprawl, delays in obtaining DevOps support, and developer dissatisfaction with existing self-service tools. The findings serve as a basis to understand the increased interest in adopting internal developer portals.

🔍 API Audits and Security Testing: Best Practices

This article emphasizes the importance of conducting regular API security audits and testing. It reviews the high costs of API breaches globally and provides guidance on implementing effective audit protocols, vulnerability assessments, and the use of specialized security tools to enhance API protection.

🔍 API Design Basics: Rate Limiting

The article explains the concept of rate limiting in API design as a method to control client request volume and protect system performance. It reviews various strategies, such as token bucket and fixed window techniques, as well as standard HTTP responses like the 429 status code for managing client requests.

🔍 API Governance. Principles for Effective Enterprise API Governance

This article examines the core principles of effective API governance in an enterprise setting. It discusses the need for a federated governance model that balances domain autonomy with organizational consistency, along with insights into lifecycle management and runtime policies that contribute to a secure and cohesive API ecosystem.

🔍 Evaluating the Default Spectral API Governance Ruleset

The article evaluates Spectral’s default API governance ruleset, covering aspects such as metadata, contracts, licensing, and schema management. While it provides basic coverage, the analysis suggests that the ruleset may require further development to address more comprehensive governance needs.

🔍 From Here to There, from Where to Here

This article explores various patterns for utilizing query parameters in web APIs, focusing on their use as filters and for parameterizing operations. It discusses different interpretations of query parameters and recommends maintaining consistency in their design without revealing backend implementation details.

🔍 Hetty: Open-source HTTP toolkit for security research

Hetty is described as an open-source HTTP toolkit designed for security research purposes. It offers features such as a MITM proxy, request/response interception, and scope management. The toolkit is intended as a free alternative for penetration testers, security professionals, and bug bounty hunters and is available on GitHub.

🔍 Improving Cross-Team Collaboration with API Documentation

The article discusses how effective API documentation can serve as a collaborative tool across different teams. It outlines strategies for developing comprehensive documentation standards and utilizing collaboration tools to bridge communication gaps between technical and non-technical stakeholders.

🔍 Mark Little's WebLog: Red Hat Middleware moving to IBM

This article covers the consolidation of Red Hat Middleware with IBM's Java middleware teams. It explains the strategic rationale behind the merger while noting the concerns regarding the preservation of Red Hat’s culture and open-source approach during the transition process.

🔍 Migrating from OpenAPI 3.0 to 3.1

The article outlines the migration process from OpenAPI 3.0 to 3.1, highlighting significant breaking changes such as enhanced JSON Schema support and modifications in key properties. It discusses the risks and challenges associated with the migration, particularly for tool maintainers responsible for numerous API descriptions.

🔍 The Perfect Modern OpenAPI Workflow

This article presents a comprehensive workflow for working with OpenAPI, designed to reduce redundant tasks in API development. It details a Git-centric process divided into design, governance, and deployment phases, emphasizing the role of continuous integration in ensuring consistency between code and documentation.

🔍 The Salesforce API Journey: A Deep Dive|

The article provides a deep dive into the evolution of Salesforce’s API strategy. It reviews the transition from a product-oriented approach to a platform-centric ecosystem, highlighting historical developments, including early API implementations and subsequent advancements in API technologies.

🔍 Three Meaningful API Metrics

This article identifies three key metrics—Time to First Call, number of breaking changes, and uptime—that are critical for measuring API performance. It explains how tracking these metrics can help API providers assess performance and identify areas needing improvement through a structured framework.

Apache Camel

🔍 Camel Observability Services

This article introduces a new observability component in Apache Camel version 4.9.0. By integrating this component, users gain consolidated access to metrics, health checks, and tracing functionalities, including Prometheus-ready metrics and customizable health endpoints via application properties.

Apache Kafka

🔍 Apache Kafka® Tiered Storage in Depth: How Writes and Metadata Flow

The article provides an in-depth explanation of Apache Kafka’s Tiered Storage feature. It describes how data is managed across local (hot) and remote (cold) storage tiers, explaining the process of segment upload, metadata management, and the role of plugins in handling tasks like chunking, compression, and encryption.

🔍 How To Set The Right Apache Kafka Batch Size

This article discusses how properly configuring Apache Kafka’s batch size can improve performance and reduce cost. It reviews the tradeoffs between larger and smaller batches, explains relevant configuration parameters, and recommends testing and tuning adjustments based on current utilization.

🔍 How to size Apache Kafka® clusters for Tiered Storage: Part 1–A Kafka performance model for SSDs, network, and I/O

This article examines performance modeling for Apache Kafka clusters using Tiered Storage. It uses visual diagrams and various workload scenarios to illustrate the impact of Tiered Storage on network and I/O overhead, particularly when comparing local-only storage to configurations that include remote storage.

🔍 How to size Apache Kafka® clusters for Tiered Storage: Part 2

Continuing the exploration of cluster sizing for Tiered Storage, this article compares the performance of SSDs and AWS Elastic Block Store (EBS). It analyzes network bandwidth requirements and provides calculations for the minimum number of brokers needed based on different workload scenarios.

🔍 Kafka Streams 101: Memory Management

The article explains how memory is managed within Kafka Streams applications, discussing the allocation across heap, off-heap, and page cache. It offers guidance on configuring memory limits to avoid crashes and performance bottlenecks, along with strategies for monitoring memory usage.

🔍 Kafka Streams 101: Optimizing your apps for maximum performance

This article provides a guide to optimizing Kafka Streams applications for improved performance. It examines factors such as parallelism, stateful processing, caching, and serialization overhead and offers practical techniques like optimizing topology design and lazy deserialization to achieve higher efficiency.

Azure Logic Apps

🔍 Public Preview Refresh: More Power to Data Mapper in Azure Logic Apps

This article covers the Public Preview refresh for Data Mapper in Azure Logic Apps (Standard). It details how key capabilities from the legacy experience, such as XSLT and XPath support, have been integrated into the new user interface, along with added features like Dark Mode compatibility.

🔍 Scaling mechanism in hybrid deployment model for Azure Logic Apps Standard

The article explains how Azure Logic Apps Standard manages scaling in a hybrid deployment model. It focuses on the role of KEDA in automatically adjusting resource allocation based on workload, describing the architecture, including key components like KEDA operators, scalers, and scaled objects, with practical insights on monitoring scaling behavior.

Gravitee

🔍 Kafka Gateway: How-to Leverage Virtual Topics in Gravitee Kafka Gateway to optimize Kafka costs

This article explains how Virtual Topics in Gravitee Kafka Gateway can be used to optimize Kafka costs. It describes the creation of a virtual layer that enables multiple clients to access physical topics without additional infrastructure, thereby streamlining cost management and adhering to established security and governance standards.

🔍 Unlocking Peak Performance: Gravitee’s API & Event Stream Management (AESM) and Performance Testing in Action

The article details the performance testing approach for Gravitee’s API & Event Stream Management platform using Azure Kubernetes Service. It discusses architectural optimizations, benchmark results for key API functions such as key validation and rate limiting, and how these optimizations contribute to improved throughput with minimal latency.

Kong

🔍 Introducing the New Kong Konnect Dev Portal

This article presents the new Kong Konnect Developer Portal, now available in public beta. It focuses on features designed to enhance the API discovery and developer experience, including deep customization options, an OpenAPI 3.x spec renderer, interactive documentation, and streamlined publishing flows.

Mulesoft

🔍 How to Integrate MuleSoft APIs With API Catalog

This article outlines a four-step process for integrating MuleSoft APIs with an API Catalog. The process includes activating API actions, managing permission sets, creating new agent actions, and integrating these actions within a workflow to facilitate streamlined interaction with Mule API operations.

Solace

🔍 Introducing Solace Schema Registry (Beta)

The article introduces the beta version of the Solace Schema Registry. It describes a centralized system for managing schema definitions across various formats such as Avro, JSON Schema, and Protobuf, with features that support validation, compatibility, and consistency in event-driven systems.

Releases

🚀 Apache Kafka 4.0

This release announcement describes Apache Kafka 4.0, noting its move to run entirely without ZooKeeper by default in KRaft mode. The release includes several enhancements such as improvements in consumer group protocols, early access to queue functionalities, and updated Java requirements for different components.

🚀 Kong Insomnia 11

This release announcement introduces Kong Insomnia 11, which brings notable improvements for API development. Enhancements include third-party vault integrations for secure secrets management, project-level Git synchronization for collaboration, and multi-tab support for managing multiple tasks efficiently.

Books

📚 API Management with Bruno: Postman’s Super-Alternative to Build, Test and Deploy APIs in Multi-Cloud Environment by Lyria Tharax

This book provides a practical guide for API practitioners on using Bruno as an alternative tool to manage the complete API lifecycle. It covers topics ranging from API design and testing to deployment and monitoring, along with integration strategies with platforms such as AWS, GitHub, and Jenkins.