The Advanced Encryption Standard (AES) is a specification for how electronic data should be encrypted that was published by the National Insitute for Standards in Technology (NIST) in the U.S. in 2001 https://www.thoughtworks.com/insights/blog/privacy/illustrated-guide-advanced-encryption-standard?utm_medium=email&utm_source=marketo&mkt_tok=MTk5LVFERS0yOTEAAAGTfWHXbMeay5dEA78XJDcrELbG96ewhrXEctQc2eHKwAZXhDiPTQAc3VfKce7JKG_WxHuTk8JSwgDCi3K26nb3Zo9UfC7qi7F7eGy_k_KMJVVombQ

https://noti.st/christosgkoros/62Hs9L/testing-openapi-definitions-for-better-and-consistent-apis Here, I present how we test APIs described with the OpenAPI standard internally at Postman. We will cover the objectives of testing, which include ensuring correct structure, completeness, consistency, uniformity, style, and documentation. Additionally, we will explore the tool used for testing, Spectral, and where testing fits in our software delivery lifecycle. Furthermore, we will discuss the challenges we faced, such as testing the tests, scaling the number of tests, and scaling the number of engineering teams involved, and how we overcame them.

A list of key finding to illustrate the impact of AIP Guidelines in the areas of API consumption and API production: API Production: Increased Requirement Fulfillment: A controlled developer experiment showed that developers using API Improvement Proposals (AIPs) and an API linter achieved a 10% higher requirement fulfillment rate compared to those without any protocols. Feedback Utility: Among developers using the linter tool alongside AIPs, 75% found it beneficial, aiding significantly in refining their API designs.

The role of API Designer can evolve from Product Design or Architecture. API Designers should understand Product, UX, DX, technical and architectural constraints. https://brunopedro.com

An idempotent POST is a concept, useful in payment API scenarios. The API provider wants to ensure that if an API call to make a payment fails during execution – such as in timeout scenarios where no discernable HTTP response is returned to the client – subsequent attempts do not result in a duplicate payment instruction submitted. Idempotency is achieved by requiring the client to submit the same instruction with an identifier that signals to the API provider that they might have seen this instruction before.

APIs are Forever When a social media post graces the internet, it leaves a permanent impression on web users thereafter — that’s to say, it remains visible and “on the record” until the end of days. A similar thing happens with AWS’ APIs, though those outcomes are more intentional. When AWS introduces an API, Vogels believes that this API must remain ever-present and largely unchanged. Once companies fundamentally change or remove a longstanding API from general availability, business customers who’ve built atop it will suffer.

Strengths of JSON Merge Patch: Easy for users to understand and implement. Naturally idempotent Well-defined semantics Robust to versioning Shortcomings of JSON Merge Patch Cumbersome to modify array values

What is an API design specification? A collection of patterns (with examples) Rules about how to apply them Tests to automate compliance

An important quality of API design is minimalism, also called #orthogonality. This is a quality shared with programming language design as well. Adding new terms or concepts complicates the design. It adds rules, exceptions, and quirks, thus making it harder to learn. An example is the famous “verb in the resource name” dilemma.

Lay out the Context An API does not live in isolation. It is part of business, involves people, and may sit next to other APIs. All these are necessary to scope and design the API. Instead of that, you could create many integration pipes. It would be difficult to understand them all in a few years. Input: Interviews, relevant api designs, business & architecture diagrams, engineering docs. Identify the nonfunctional requirements Review the security model & performance expectations.

For the last year, I have been working on what “better API design” means. How can we better design the public and our internal APIs? The term that comes to my mind to define this is maturity, thus API design maturity. What is API design maturity, then? When I searched on Google, most of the results were about the Richardson Maturity Model. Some results may refer to API-First and how an organization generally treats APIs.