When I was growing up, I loved playing the classic 1993 game DOOM. This is why recently, as part of a talk I gave at APIs and IPAs, I decided to do a demo of how I embedded a RESTful API into DOOM, allowing the game to be queried and controlled using HTTP and JSON.
I wrote the entire API specification for the project in RAML––a RESTful API Modeling Language based on YAML that allows you to create standardized,
Cybersecurity solution provider Trend Micro has issued a report that highlights how chat platform APIs can and are being used by cybercriminals to achieve their nefarious objectives.
Because of the degree to which Webhook APIs are involved (an API attack vector not previously discussed on ProgrammableWeb), the warnings and incidents should serve as a wake-up call to API providers and developers when it comes to the sorts of best practices and ongoing vigilance it takes to fully secure their customers and systems.Provided that the incentives are worth it,
In my role at MuleSoft, I advise federal agencies and commercial businesses in connecting their applications, data, and devices. Those conversations center around building modern Application Programming Interfaces (APIs) to create new capabilities. A modern API is one that enables systems to exchange information securely using broadly adopted standards like REST and JSON.
These days there are APIs for nearly everything, like an API for your thermostat. I can change the temperature in my house from my phone or my smartwatch using an application that interacts with my thermostat’s API.
An API fragment is a portion of an API specification, which is why understanding it starts at the API specification level. An API spec consists of a plan of how your API should look structurally – like a blueprint of a house.
The API spec documents what an API does and the expected call and response you can expect from it. It’s a key part of API development because it can help you isolate design flaws or problems before you write a line of code.
The size of the API economy is at an all-time high, with ProgrammableWeb reporting that there are over 17,000 APIs available on the web. The increasing demand for APIs has created a need to apply key API best practices.
But before you jump into creating APIs, in order to follow API best practices you need to ask yourself some questions. Why are you building an API? How should you mock your API?
API-led connectivity is a methodical way to connect data to applications through reusable and purposeful APIs. These APIs are developed to play a specific role – unlocking data from systems, composing data into processes, or delivering an experience.
When the entire organization adopts what is known as API-led connectivity, everyone in the business is empowered to access their best capabilities in delivering applications and projects through discovery,
Is it possible to have your cake and eat it too? In the world of API specs, we believe the answer is yes. We have been strong supporters of RAML, the RESTful API Modeling Language, since its inception, and we are if anything even more excited and committed about the value it brings to the API ecosystem.
This is part 3 of my API security blog series. I will be showing an example scenario of how Anypoint platform can be a vital component of a secure API-led architecture and the capabilities to securing the API.
The vast majority of RESTful APIs follow a simple “request-response” message exchange pattern, but that pattern is often too limiting and is not sufficient to achieving robust and reliable application performance. We frequently get questions from customers asking: ‘How I design asynchronous APIs?’ and ‘How I design an API that allows for the concurrent modification of the same API resource without bringing the resource into inconsistent state?’. In this blog post, we present two approaches answering these questions using standard HTTP headers and status codes.
This post is part 2 of 3 for my ultimate guide to API security best practices series. In this post, I will be discussing confidentiality, integrity, and availability of data. In essence, methods of how we can keep data private, protect it from being compromised while making it accessible anytime.
MuleSoft provides the most widely used integration platform for connecting any application, data source or API, whether in the cloud or on-premises. With Anypoint Platform®, MuleSoft delivers a complete integration experience built on proven open source technology, eliminating the pain and cost of point-to-point integration. Anypoint Platform includes CloudHub™ iPaaS, Mule ESB™, and a unified solution for API management™, design and publishing.