This is issue 2022.10 of the API Changelog, a weekly mix of API news, commentary, and opinion. In this issue, you’ll get to know the most relevant API-related information from the week of March 7, 2022. Subscribe now, so you never miss an issue of the API Changelog.
Funding and M&A
Stilt, a financial services provider, raised $114M in a combined Debt Financing ($110M) and Series A round ($14M). Link Ventures led the investment, with participation from Petrushka Investments, Hillsven Capital, and Bragiel Brothers, among others.
Canonic published “Generating APIs for your business with Low-code/ No-code Platforms.” This article goes through the Canonic low-code tool and how it can help you integrate APIs.
Curacel announced the release of an insurance API platform. According to TechCrunch, “The API-based tool, dubbed Grow, has so far been integrated with 22 tech entities, enabling them to either bundle their main products with insurance packages or offer insurance as a standalone service.”
David Castro wrote “How to design an API.” In this guide, David walks you through the creation of a Design document of an API. According to the author, “an effective API design should be based on its overall corporate strategy and contribute to its objectives.”
Allen Helton wrote “The Importance of Proper Serverless API Design.” Allen shares his view on the influence of REST API Design and NoSQL data modeling over application behavior. The article explores a case of API Design on a serverless platform. According to the author, API Design “is all about paying for what you use, and you don’t want to unnecessarily be paying for reads that you are never going to use.”
Ifeanyi Iheagwara wrote “A Beginner’s Guide to API Governance.” This piece explains why API Governance matters and how you can get started. The author shares that the five principles of API Governance are consistency, predictability, security, interoperability, and quality. According to Ifeanyi, “The consequences of neglecting some of these principles can be disastrous.”
Jayadeba Jena wrote “An API Style Guide through the lens of API Architecture.” The author goes through an approach to building an API style guide, starting from an architecture perspective. According to Jayadeba, “you should always ensure that the domain model and the domain business logic are not leaked as-is to the interfaces.”
Medianova published “Service Mesh vs. API Gateway.” This article gives you an overview of the main differences between a Service Mesh and an API Gateway. It describes the capabilities offered by each of the two architectural styles.
Tushar Gupta wrote “Standardization & Governance of API logs.” In this article, Tushar gives an example usage scenario and explains how you can use tools like TLogger and Footprint to enable rich logging of your microservices. One interesting detail is that “the PII hiding feature takes away the pain of manually hiding sensitive information application-wise.”
Pratikraj Rajput wrote “Refined Code: Structuring REST API.” In this article, Pratikraj proposes a way to structure the code of a TypeScript REST API. The author goes through the folder structure, the HTTP methods and parameters, the status codes and responses, error handling, and using constants.
Marcin Baraniecki wrote “Translating API responses into type-safe interfaces with TypeScript.” This article gives you an overview of how to map API responses to TypeScript. The advantage is, according to Marcin, that it “lets us avoid defensive programming style ‘later’ in the code.”
QE Unit published “How To Make Continuous API Testing In Quality Engineering.” This piece explains why it’s important to have continuous API testing in QA. Additionally, the authors explain how to implement a full pipeline involving quality at different steps.
Julia Evans wrote “How to use undocumented web APIs.” In this article, Julia shows ways to discover how you can make requests to an API even if you don’t have any documentation. The author reminds you that “everyone has developer tools and the network tab, and it’s pretty easy to see which parameters you’re passing to the backend and to change them.”
Goutam Nath wrote “How to Hide API Keys Using GitHub Actions Secrets.” In this piece, Goutam explains that GitHub actions are easy to use, but you should take care of the API keys that you’re using. The author explains how you can safely store API keys using GitHub actions, so they don’t get leaked.
Takahiro Oda wrote “OWASP Top 10: API Security Basics.” In this article, Takahiro goes through the security principles of simplicity, zero trust, defense in-depth, and least privileges. The author then explains what the core of API security is and why it is critical.
Ted Spence wrote “Caching strategies for authentication.” The article explains how to maximize the performance of your API authentication without compromising security. Ted explains how caching can be used in the context of authentication and shows code examples of how you can do it.