API

Definition

API coverage in this archive spans 12 posts from May 2016 to Jun 2022 and deals with structural tradeoffs: coupling, failure boundaries, and long-term change cost. The strongest adjacent threads are architecture, rest, and backend. Recurring title motifs include api, graphql, versioning, and rate.

What the archive argues

Most pieces recommend choosing the simplest architecture that can be operated confidently.
Early posts lean on api and graphql, while newer posts lean on api and versioning as constraints shifted.
This topic repeatedly intersects with architecture, rest, and backend, so design choices here rarely stand alone.

Execution checklist

Define failure domains and data boundaries before introducing additional services or protocols.
Start with the newest post to calibrate current constraints, then backtrack to older entries for first principles.
When boundary questions appear, cross-read architecture and rest before committing implementation details.

Common failure modes

Breaking systems into many parts without clear ownership of cross-service behavior.
Choosing architecture for trend alignment rather than workload constraints.
Applying guidance from 2016 to 2022 without revisiting assumptions as context changed.

References

Rate Limiting: The Boring Feature That Saves You at 3 AM

Jun 2022

Rate limiting algorithms, implementation tradeoffs, and practical lessons from building limiters for high-traffic APIs at a real-time messaging company.

API Versioning: Pick One and Stop Overthinking It

Mar 2022

API versioning is a maintenance commitment, not a design exercise. URL paths win for public APIs, headers for internal ones. The real discipline is not versioning -- it's avoiding breaking changes in the first place.

GraphQL Federation: I'm Still Skeptical

Oct 2021

A year after my GraphQL post, federation is the new hotness. I still think most teams don't need it.

GraphQL Federation Is Probably Not For You

Aug 2020

Most teams adopting GraphQL federation don't need it. A frank take on when it makes sense, when REST is fine, and why conference talks are a terrible basis for architecture decisions.

I Tried Every API Versioning Strategy. Here's the One I Actually Use.

Feb 2020

After dealing with versioning messes at multiple companies, I landed on URL path versioning for anything public. Here's why the alternatives didn't survive contact with reality.

Your API Is a Contract You Can't Take Back

Feb 2019

Hard-won lessons on designing HTTP APIs that survive real integrations, drawn from building fintech and mobility platforms.

API Rate Limiting: What Actually Works

Oct 2018

Algorithms, headers, and deployment patterns for rate limiting APIs -- drawn from building financial data services at the fintech startup.

GraphQL in Production Is Harder Than They Tell You

Jun 2018

After a year running GraphQL at the fintech startup, here's what the conference talks leave out.

API Versioning: What Actually Works and What Doesn't

May 2017

We tried multiple API versioning approaches at the fintech startup. URL path versioning won. Here's why, plus how to handle deprecation without burning your consumers.

GraphQL vs REST: Pick the Boring One

Feb 2017

Everyone wants to debate GraphQL vs REST like it's a religion. It's not. One reduces round trips, the other is dead simple to cache. Here's how I actually decide.

Securing APIs: Authentication and Authorization Patterns

Dec 2016

APIs expose your systems to the world. Here's how to implement authentication and authorization that protects your data without frustrating legitimate users.

API Design Principles That Stand the Test of Time

May 2016

Lessons from building the fintech startup's financial data API: the REST conventions that actually matter, the ones that don't, and why consistency beats cleverness every time.

API