Mastouille

Miguel Afonso Caetano"Traditional approaches to rate limiting APIs won’t work effectively for AI agent consumers, so some API providers have shifted to adaptive rate limiting (ARL). For example, DeepSeek employs a more dynamic and adaptive approach to rate limiting its API compared to other LLM API providers currently.The concept of adaptive rate limiting isn’t new, but it’s evolving to address new API usage scenarios that include AI agents. Modern ARL involves a set of principles, tools, and techniques that allow systems to adjust rate limits dynamically based on context and real-time insights. It includes a combination of approaches:"<a href="https://nordicapis.com/how-ai-agents-are-changing-api-rate-limit-approaches/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://nordicapis.com/how-ai-agents-are-changing-api-rate-limit-approaches/</a><a href="https://tldr.nettime.org/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> <a href="https://tldr.nettime.org/tags/AIBots" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AIBots</a> <a href="https://tldr.nettime.org/tags/ARL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ARL</a> <a href="https://tldr.nettime.org/tags/RateLimits" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RateLimits</a> <a href="https://tldr.nettime.org/tags/AIAgents" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AIAgents</a> <a href="https://tldr.nettime.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIs</a> <a href="https://tldr.nettime.org/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDesign</a>

Sebastian HansNew blog post: Endless possibilities (a socio-technical API pattern) - in which I describe what unchecked API growth can look like. (Another one for you, <a href="https://mastodon.social/@einarwh" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@einarwh</a>) <a href="https://sebastian-hans.de/blog/endless-possibilities/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://sebastian-hans.de/blog/endless-possibilities/</a><a href="https://hachyderm.io/tags/softwareengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#softwareengineering</a> <a href="https://hachyderm.io/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#API</a> <a href="https://hachyderm.io/tags/sociotechnical" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sociotechnical</a> <a href="https://hachyderm.io/tags/APIdesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIdesign</a>

Lukas R.You should configure <a href="https://indieweb.social/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HTTP</a> <a href="https://indieweb.social/tags/caching" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#caching</a> for your <a href="https://indieweb.social/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#API</a>, so you can reduce the number of requests, which increases performance and reduces resource usage. <a href="https://mastodon.green/@Philsturgeon" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Philsturgeon</a> argues that designing for cacheability should be an integral part of <a href="https://indieweb.social/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDesign</a>: <a href="https://apisyouwonthate.com/blog/api-design-basics-cacheability/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://apisyouwonthate.com/blog/api-design-basics-cacheability/</a>

developer.overheid.nl🏗️ Als jullie een API bouwen, beginnen jullie dan met het definiëren van een openapi.yaml (Open API Spec, kortweg OAS) of start je direct met programmeren?Dat laatste is natuurlijk aantrekkelijk, maar niet altijd slim. Hoe je OAS-first werkt vind je in ons artikel van collega <a href="https://me.dm/@dvh" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@dvh</a>:<a href="https://developer.overheid.nl/kennisbank/apis/aan-de-slag/bouw-een-api" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://developer.overheid.nl/kennisbank/apis/aan-de-slag/bouw-een-api</a><a href="https://social.overheid.nl/tags/apidesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apidesign</a> <a href="https://social.overheid.nl/tags/oas" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#oas</a> <a href="https://social.overheid.nl/tags/openapispec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openapispec</a>

:mastodon: Mike AmundsenIf You’re Not Threat Modeling, Your API Is Already Vulnerable - DevX <a href="https://buff.ly/uqPiDEb" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://buff.ly/uqPiDEb</a>"if you care about uptime, user trust, or your job, you need to know where your API’s soft spots are. Otherwise, attackers will find them for you."<a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiDesign</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a>

:mastodon: Mike AmundsenHandy API Extension Patterns <a href="https://leanpub.com/api-extension-patterns" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://leanpub.com/api-extension-patterns</a>"Starting with a clear look at strong, weak, and "mild" typing styles, the book introduces a resilient approach using structured extensions and runtime accessors that allow APIs to grow gracefully over time."<a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiDesign</a> <a href="https://mastodon.social/tags/signalSeries" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#signalSeries</a>

:mastodon: Mike AmundsenAPIs Over IPAs 17: Aligning API Design to Business Outcomes with James Higginbotham, LaunchAny <a href="https://buff.ly/RIMPEex" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://buff.ly/RIMPEex</a>"In this episode, Derric Gilling chats with James Higginbotham, founder of LaunchAny, about designing successful API strategies that drive business value. "<a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/moesif" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#moesif</a> <a href="https://mastodon.social/tags/apiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiDesign</a>

:mastodon: Mike AmundsenA Heads-Up: Some Older Posts Will Be Moving Behind the Paywall <a href="https://buff.ly/kPkqfZX" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://buff.ly/kPkqfZX</a>"Hey folks — just a quick note. Over the next few weeks, I’ll be moving some older posts behind the paywall. " -- <a href="https://mastodon.social/tags/MikeAmundsen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MikeAmundsen</a><a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiDesign</a> <a href="https://mastodon.social/tags/genAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#genAI</a>

Phil SturgeonAPI caching can save servers some serious work, cut down on costs, and even help reduce the carbon impact of an API. However, it is often considered an optimization rather than what it truly is: an integral part of API design. <a href="https://mastodon.green/tags/ApiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ApiDesign</a> <a href="https://mastodon.green/tags/GreenTech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GreenTech</a> <a href="https://apisyouwonthate.com/blog/api-design-basics-cacheability/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://apisyouwonthate.com/blog/api-design-basics-cacheability/</a>

LeanpubMedior PHP <a href="https://leanpub.com/b/mediorphp" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://leanpub.com/b/mediorphp</a> by Joseph Kanyo is the featured bundle of ebooks 📚 on the Leanpub homepage! <a href="https://leanpub.com" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://leanpub.com</a> <a href="https://mastodon.social/tags/Php" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Php</a> <a href="https://mastodon.social/tags/Databases" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Databases</a> <a href="https://mastodon.social/tags/Mysql" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mysql</a> <a href="https://mastodon.social/tags/ComputerProgramming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ComputerProgramming</a> <a href="https://mastodon.social/tags/Laravel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Laravel</a> <a href="https://mastodon.social/tags/Symfony" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Symfony</a> <a href="https://mastodon.social/tags/Html" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Html</a> <a href="https://mastodon.social/tags/Refactoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Refactoring</a> <a href="https://mastodon.social/tags/Apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Apis</a> <a href="https://mastodon.social/tags/ApiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ApiDesign</a> <a href="https://mastodon.social/tags/books" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#books</a> <a href="https://mastodon.social/tags/ebooks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ebooks</a>

:mastodon: Mike AmundsenFour AI Superpowers: Where AI Improves Products <a href="https://buff.ly/GxlcQZu" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://buff.ly/GxlcQZu</a>"When using AI consider its four "superpowers": content creation, summarization, basic data analysis, and perspective taking."<a href="https://mastodon.social/tags/apiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiDesign</a> <a href="https://mastodon.social/tags/genAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#genAI</a>

Miguel Afonso Caetano"API keys are foundational elements for authentication, but relying solely on them is inherently a risky proposal.Firstly, there’s the reality that API keys are not securely designed — they were never meant to be used as the sole form of authentication, and as such, they aren’t really built for the task. These keys can often be easily stolen, leaked, or, in some cases (especially if generated incrementally), outright guessed. An API key is suitable for tracking usage but is poor for security.There is also the additional reality that keys in their default state lack some critical functionality. There’s not a lot of verification built-in for identity management, and what does exist offers very little in the way of granular access control.Ultimately, solely relying on API keys is a mistake common with novice developers but frighteningly common even in advanced products.Best Practices Instead of relying heavily on API keys as a sole mechanism, combine those keys with additional approaches such as OAuth 2.0 or mTLS. Implement rigorous expiration and rotation policies to ensure that keys which are made public are only useful for a short amount of time. Consider more advanced approaches, such as IP whitelisting or device fingerprinting, to add another layer of security atop the API key process."<a href="https://nordicapis.com/9-signs-youre-doing-api-security-wrong/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://nordicapis.com/9-signs-youre-doing-api-security-wrong/</a><a href="https://tldr.nettime.org/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#API</a> <a href="https://tldr.nettime.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIs</a> <a href="https://tldr.nettime.org/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APISecurity</a> <a href="https://tldr.nettime.org/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDesign</a> <a href="https://tldr.nettime.org/tags/WebSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebSecurity</a> <a href="https://tldr.nettime.org/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a>

Markus EiseleSpec-First or Code-First? Choosing Your OpenAPI Strategy with Quarkus vs. Spring <a href="https://myfear.substack.com/p/spec-first-or-code-first-choosing" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://myfear.substack.com/p/spec-first-or-code-first-choosing</a> <a href="https://mastodon.online/tags/Java" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Java</a> <a href="https://mastodon.online/tags/Quarkus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Quarkus</a> <a href="https://mastodon.online/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDesign</a> <a href="https://mastodon.online/tags/OpenAPI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenAPI</a>

Miguel Afonso Caetano"The accompanying diagram is intended to help you quickly decide how to document an API, but particularly a REST API. The first split is just to make sure you are looking for the right kind of API.Here is some more context to help you decide on an approach and get started."<a href="https://gist.github.com/briandominick/3ffab6be460fbde799aa34e0a42a4299" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://gist.github.com/briandominick/3ffab6be460fbde799aa34e0a42a4299</a><a href="https://tldr.nettime.org/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#API</a> <a href="https://tldr.nettime.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIs</a> <a href="https://tldr.nettime.org/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDesign</a> <a href="https://tldr.nettime.org/tags/REST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#REST</a> <a href="https://tldr.nettime.org/tags/APIDocumentation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDocumentation</a> <a href="https://tldr.nettime.org/tags/OpenAPI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenAPI</a> <a href="https://tldr.nettime.org/tags/DocsAsCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DocsAsCode</a> <a href="https://tldr.nettime.org/tags/TechnicalWriting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechnicalWriting</a> <a href="https://tldr.nettime.org/tags/TechnicalCommunication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechnicalCommunication</a>

:mastodon: Mike AmundsenWhy Every Product Manager Must Master APIs?? <a href="https://buff.ly/42BY0VD" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://buff.ly/42BY0VD</a>"I realized APIs are not just technical specs; they are full-fledged products, and designing them right is a strategic superpower."<a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiProducts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiProducts</a> <a href="https://mastodon.social/tags/apiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiDesign</a>

:mastodon: Mike AmundsenThe Information Architecture Philosophy Behind RESTful Web API Patterns and Practices Cookbook <a href="https://buff.ly/97cOvn8" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://buff.ly/97cOvn8</a><a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/ALPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ALPS</a> <a href="https://mastodon.social/tags/apiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiDesign</a>

Phil SturgeonI’m so excited that this book is back on track! Build APIs You Wont Hate 2: This Time Its SeriousRoughly 80% of the internet is roughly built APIs, held together with enough duct-tape to choke all the hamsters powering it. Let's learn how to build them properly.<a href="https://mastodon.green/tags/apidesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apidesign</a> <a href="https://mastodon.green/tags/apidevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apidevelopment</a><a href="https://leanpub.com/build-apis-you-wont-hate-2" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://leanpub.com/build-apis-you-wont-hate-2</a>

:mastodon: Mike Amundsen"Affordance Aversion" : The bias that makes devs resist declarative, dynamic API models (like ALPS) in favor of rigid schemas and static interfaces.Loss Aversion + Endowment Effect = Overvaluing predictability, fearing flexibility.Want resilient APIs? Rethink the trade-offs. <a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDesign</a> <a href="https://mastodon.social/tags/ALPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ALPS</a> <a href="https://mastodon.social/tags/CognitiveBias" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CognitiveBias</a>

Miguel Afonso Caetano"Getting to this point isn’t unusual. Clients clearly think they’re making the call correctly, or else they would fix the endpoint themselves. Some misspellings are difficult to catch. The enum USER_RETREIVE may not be noticed from USER_RETRIEVE, especially if picking it from a list. Misspellings happen and they’re not always caught before making it to the contract. As an aside, that’s why it’s important writers routinely check development’s changes. This applies, too, to our testing calls in Postman, where manually entering endpoints and values are more pervasive.The reason this isn’t caught is simple: We’re not expecting it.For our testing, the call is made and we get results. We may even spot check some of them. But generally, results aren’t examined that closely. For instance, how often do you so carefully examine a returned list of 50 or 100 items? You check may check that the objects are complete but not that the list conforms to the search criteria.The reason this happens is because of an intentional behavior on the server. This behavior is called Lenient Handling or Strict Handling."<a href="https://robertdelwood.medium.com/understanding-query-parameter-handling-in-rest-calls-1821e0c3fa8c" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://robertdelwood.medium.com/understanding-query-parameter-handling-in-rest-calls-1821e0c3fa8c</a><a href="https://tldr.nettime.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIs</a> <a href="https://tldr.nettime.org/tags/RESTAPIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RESTAPIs</a> <a href="https://tldr.nettime.org/tags/Rest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Rest</a> <a href="https://tldr.nettime.org/tags/APITesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APITesting</a> <a href="https://tldr.nettime.org/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDesign</a> <a href="https://tldr.nettime.org/tags/APIDocumentation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDocumentation</a> <a href="https://tldr.nettime.org/tags/SoftwareDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareDevelopment</a>

Tim Maguire🔍 Just wrote about API versioning strategies for your developer platform! From Semantic Versioning to different implementation approaches (URI, header-based, and query parameters), I break down the pros and cons of each method based on real-world experience.<a href="https://hachyderm.io/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDesign</a> <a href="https://hachyderm.io/tags/DeveloperExperience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DeveloperExperience</a> <a href="https://hachyderm.io/tags/SoftwareEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareEngineering</a> <a href="https://hachyderm.io/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#API</a>Read more about crafting a robust API versioning strategy that works for both your team and third-party developers: <a href="https://tmaguire.net/blog/2025/02/25/api-versioning.html?utm_source=LinkedIn&utm_medium=social&utm_campaign=blog_promotion" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://tmaguire.net/blog/2025/02/25/api-versioning.html?utm_source=LinkedIn&utm_medium=social&utm_campaign=blog_promotion</a>

Recherches récentes

Options de recherche

Administré par :

Statistiques du serveur :

#apidesign