Brankas Raised $20 Million, API Integration, Asynchronous APIs

This is issue 2022.01 of the API Changelog, a weekly mix of API news, commentary, and opinion. In this issue, you’ll get to know the most relevant API-related information from the week of January 3, 2022. Subscribe now, so you never miss an issue of the API Changelog.

Funding and M&A

BlockSpaces, a blockchain integration platform, raised $5.75M in a Seed round. Leadout Capital led the investment, with participation from GTMFund, Brighter Capital, and BlockFund Ventures, among others.

Brankas, a fintech startup, raised $20M in a Series B round. Insignia Ventures Partners led the investment, with participation from Beenext, Integra Partners, and Visa, among others.

Pico, a fintech provider, announced the acquisition of Redline, a trading solutions company. The acquisition adds Redline’s ultra-low latency trading APIs to Pico’s product portfolio.

Announcements

Hasura, a GraphQL platform, announced that they launched a new Data Hub, bidirectional REST API connectors, and support for Google Cloud.

HERE, a location data and technology platform, and Migros, a Swiss retailer, announced the launch of CO2 Insights. The solution “was developed by Swiss retailer Migros and its strategic partner Empa, a research institute for materials science and technology within the ETH (Swiss Federal Institute of Technology in Zürich), relying on HERE location data and services.”

Salsify, a commerce experience management platform, launched an integration with the Amazon Selling Partner API. The new integration helps retailers achieve faster publishing times on Amazon while receiving real-time feedback about data requirements.

Elipsa, an AI platform, launched its API sandbox. With the sandbox, “users will be able to access a series of Elipsa’s APIs for free to build and test predictive solutions.”

ClearBlade, an IoT edge computing platform, announced the availability of Butterfly, the latest release of their universal IoT platform. New features include API and message throttling, and Edge Sync APIs, allowing enterprises to control the flow of data to and from devices.

Fintech

The Payers ran an interview with Marcilio Oliveira from Sensedia to explore how APIs are a big part of Open Banking. According to the interview, “third parties that encounter unresponsive interfaces or difficult coupling processes will have to overcome connection barriers. APIs allow a smooth transition with easy onboarding, reducing development cycles.”

According to The Payers, the Financial services of the Moscow Exchange and Sravni.ru have announced they will take part in pilot projects of the Russia FinTech Association (RFA) to create services using open APIs. The hope is that they will be able to increase the speed and quality of integration with third parties.

Sahil Verma wrote “The Future of Payment & Gateway Processing.” The article explores how biometric authentication, mobile payments, NFC, AI, the blockchain, and other technologies are shaping the future of payments.

API-first

Rashida Haji wrote “API Specifications & Architecture.” In this piece, Rashida explains what APIs are and describes several design styles according to their type. Rashida shares a matrix that can be used to grade API design styles according to factors such as efficiency, tooling, and security.

Shashank Singh wrote “API-First Approach for API Design.” Shashank starts by describing what API-first is and then navigates through its benefits. According to the author, “treating APIs as first-class citizens avoids a lot of back and forth discussion post-development, which might result in delays and costs.”

Yedukrishnan R published “What is API-led Connectivity?” In this article, Yedukrishnan explains the concept of API-led connectivity and how it promotes the reuse of APIs.

Management

John Kelleher wrote “Software integration? What does that even mean?” John unpacks the concept of integration into what new functions it provides to the integrated software. According to the author, you should think first about use cases and how that can be accomplished through an integration.

Govind Malviya published “Are You Thinking of Token Management for Your API Product? Think about JWT!” In the article, Govind goes through the advantages of using JWT. “JWT is not inherently secure, but the use of JWT can ensure the authenticity of the message so long as the signature is verified and the integrity of the payload can be guaranteed.” JWT is often used for information exchange, and authentication, according to the author.

Chris Tozzi wrote “Open vs. closed APIs: 4 crucial factors you should examine.” Chris explains what the differences between open and closed APIs are and how they can affect security, usability, versioning, and error handling.

Pronovix published “The Developer Portal MVP.” In this article, the author goes through the essential components of a developer portal MVP. According to the author, “an MVP for providing documentation in a developer portal should provide developer users the way to find the essential answers to what the portal is about, how they can get started coding, where to find the code and look for help if they get stuck.”

Roman Wagner wrote “Tooling Overview for API Testing (SAST, DAST, IAST, Fuzzing).” In this piece, Roman describes the different API testing techniques and what tools are available. The author recommends that you use “multiple testing methods that complement each other.”

Practice

Michael McManus published “Using the U.S. Census Bureau API with Python.” The article is a step-by-step guide to using the U.S. Census API and uses concrete examples of the type of data you can obtain.

Eric Newcomer wrote “How to Use the AsyncAPI Standard for Real-Time APIs.” In this piece, Eric explains the differences between a typical API and a real-time API and shows how you use the AsyncAPI standard.

Siddhant Varma published “API vs. Webhooks: How to Know When to Use Each.” Siddhant by describing how APIs and webhooks are different and then shows you when to use each solution. According to the author, “Webhooks are an attempt to optimize your workflow where an API might add some unneeded complexity. However, they’re not here to replace APIs in any way whatsoever.”

Security

Salt Security found a “serious GraphQL security hole.” The company found a GraphQL authorization vulnerability in a Fintech platform.

Cloudflare published “What is the OWASP API Security Top 10?” The article lists the OWASP API Security top 10 and explains each item in detail. The author highlights that “there is some crossover between the OWASP Top 10 list and the OWASP API security top 10 list. Developers should take both lists into account.”