Issue29

3 posts
Issue29

Making fast APIs: lessons learned from 40 years of SQL

Give consumers full access over what to fetch, and don’t tie them to pre-determined data fields. Emulate SQL’s EXPLAIN method & let users know how exactly the database will execute their query.…

Issue29

You can’t protect what you can’t see

Establish visibility so that the business knows what is exposed and how, to whom, through the API. Authenticate both end-users and client applications. OAuth2 is the de facto standard.…

Issue29

5 tips for wrapping your database with a REST API

Don’t let implementation details leak into your API. Use clear resource concept names. Don’t use abbreviations or naming conventions in URLs.…