This is issue 2022.17 of the API Changelog, a weekly mix of API news, commentary, and opinion. In this issue, you’ll get to know the most relevant API-related information from the weeks of April 18, 2022, and April 25, 2022. Subscribe now, so you never miss an issue of the API Changelog.
Funding and M&A
Coherent, a no-code SaaS provider, raised $75M in a Series B round. Maverick Capital led the investment, with participation from Owl Rock Capital, GreatPoint Ventures, and Cathay Innovation, among others.
NovoPayment, a Banking-as-a-Service company, raised $19M in a Series A round. IDC Ventures and Fuel Venture Capital led the investment, with participation from Visa Ventures, Endeavor Catalyst, and Bossa Nova Investments.
Symmetrical.ai, a payroll tech provider, raised $18.5M in a Series A round. Target Global led the investment, with participation from Partech, Market One Capital, and Global Founders Capital, among others.
Sanjit Mohanty wrote “The Pillars of an API Product.” This article starts by exploring the notion of API Product, first mentioned in the Continuous API Management book. The author then explores the interfaces, implementations, and instances, as the three pillars of an API Product.
David Feuer and Vikas Anand published “7 trends to watch in the API economy.” This report was prepared by the Google Cloud team and describes how the authors see the API economy evolving. According to the piece, API security, microservices, and event-driven architecture, among others, are the things to watch.
Darshan Shivashankar wrote “API-first cross-collaboration: The secret of any API monetization strategy.” In this article, Darshan shares how you can use collaboration to build an effective monetization strategy. According to the author, “how you choose to enter the API economy will depend entirely on the product on offer and the model you decide for scaling and selling that product.”
Steve Rodda wrote “Design-First Approach to API Development: How to Implement and Why It Works.” In this piece, Steve draws the differences between the code-first, API-first, and Design-first approaches to API development. The author then shows the benefits of the Design-first approach and how you could implement it.
Abdallah Abedraba wrote “From Design-First to Automated Deployment with OpenAPI.” In this article, Abdallah starts by explaining what Design-first API development means. According to the author, the “Design-first approach enables you to include multiple stakeholders from your organization early in the process.” Finally, the author shows how you can apply the Design-first philosophy to your Kubernetes cluster.
Colin Wren wrote “How to Add an API to Your Neo4J Graph with @neo4j/graphql.” In this article, Colin explains how you can expose a Neo4J Graph as an API. According to the author, “The @neo4j/graphql library creates a really powerful API on top of Neo4J that makes it really easy for those with little graph database experience to build apps.”
Rita Kaufman wrote “Keeping Swagger documentation in sync with SwaggerHub API & the GitLab pipeline.” This piece shows you how you can set up a GitLab pipeline to keep your OpenAPI file synchronized with SwaggerHub.
Yang Zhou wrote “7 Uses of cURL: Testing Your APIs Conveniently.” The author shares different cases where using cURL makes sense, including setting HTTP headers and cookies, and saving responses to local files.
Lima Vadakara wrote “Learnings from a Microservices Migration journey.” In this piece, the author shares their journey of building a product catalog microservice running on Google Cloud. Lima shows how the use of Key Decision Records is useful for the team and also for the stakeholders. Additionally, the author shares the importance of understanding bounded contexts, owning API exposure, knowing your consumers, and designing for change, among other aspects.
Wojciech Matuszewski wrote “Processing large payloads with Amazon API Gateway asynchronously.” This article explains how the Amazon API Gateway limits the payload size to 10 MB and how that limit is even lower (6 MB) when you’re using AWS Lambda functions. The author then shows how you can use AWS S3 resigned URLs to temporarily store payloads that are then consumed by your Lambda function.
Jens Neuse wrote “GraphQL Subscriptions: Why we use SSE/Fetch over Websockets.” In this piece, Jens shows the difference between GraphQL subscriptions and Websockets. The author explains the challenges of each approach and recommends staying away from Websockets because they “come with a lot of problems regarding security and performance.”
Help Net Security published “41% of businesses had an API security incident last year.” This study reports the types of API security incidents that survey respondents mentioned, and shares that the most common challenges are related to “broken authentication, authorization, and accidental disclosure or breach of data.” See additional coverage on TechRadar.
Chris Odogwu wrote “8 Best API Security Practices to Safeguard Your Network.” In this article, Chris goes through a list of API Security that can be considered good practices. The list includes authentication and authorization, request validation, and rate-limiting, among others. According to the author, “implementing a proper API strategy seems overwhelming, but the process is more precise than you can imagine.”