Updated 1 July 2021 | Anastasia Kholod

We are back with our traditional fortnightly API Digest. In this issue, you will find a wrap-up of the following articles:

  • What comes after SaaS?
  • Web API security: a story of authentication, God’s Eye View, and corporate espionage;
  • The troubles with APIs: security, discovery, bulk loading;
  • Building APIs with Ruby on Rails and GraphQL;
  • API Development: design-first or code-first?
  • 15 topics to help folks see the business potential of APIs;
  • How APIs can break up your company’s ball of mud.

“SaaS is dying (?!)” boldly states Noah Jessop in his article “What comes after SaaS?” He writes about two severe problems with this new way of doing business: stacking and switching costs. SaaS’s own success is its enemy: the cost and the time to build novel things have fallen significantly. Thus, as a software company hits real scale, it’s left in a no man’s land: not large enough to stack, not worthless (or weak enough) to die, but facing too much competition (from the low end, the high end, and from customers cobbling together a series of other tools) to allow any real growth.

Michael Barrett has long suspected that we have been ignoring, or at least oversimplifying, the problem of web API security. In the article “Web API Security: A story of authentication, God’s Eye View, and corporate espionage”, he reminds people that offering an API to the Internet at large doesn’t mean that every one of the calls to that API is doing what they fondly believe it is. Yes, you need to ensure that API callers are authenticated, and yes, you need to ensure that you have levels of access controls. But you also have to ensure that abuse of the APIs can’t happen.

APIs are required for getting access to the various services and functions that are being built into countless commercial and enterprise applications. That sounds great, but APIs are not as easy to work with as they might seem. In his article, Joe McKendrick writes about the troubles with APIs: security, discovery, and bulk loading.

REST APIs have long been the main standard for exchanging data between application servers and clients. Designing APIs for mobile and web applications has become a very common problem today. One of the biggest issues encountered when developing an API is the structure and granularity of the data the backend returns to the client. Léonard Hetsch shows how to build APIs with Ruby on Rails and GraphQL, taking a simple movies database API as an example.

API Development: Design-First or Code-First? Keshav Vasudevan raises this important question in his article. He explains the positives and negatives of the two approaches and provides questions that should guide your decision-making when choosing the right methodology for your API development.

One of Kin Lane’s clients asked him for fifteen bullet points of what he’d say to help convince folks at his company that APIs are the future, and have potentially viable business models. So, here they are, 15 topics to help folks see the business potential of APIs by Kin Lane.

Last month on the Collision Conference stage Ross Mason spoke with Steve Rosenbush, editor of The Wall Street Journal’s CIO Journal, about the importance of the API economy and how APIs can break up your company’s ball of mud. Hit the link to watch the whole video or read a short recap of their conversation.

For more API news and insights, read API developer weekly #163 and #164 by Keith Casey and James Higginbotham.

See you in a fortnight! In the meantime, send us article suggestions and ideas. Either way, we are happy to hear from you. 🙂

P.S. In case you’d be interested in trying API2Cart, you can create an account and see how the API works on live stores.