// Topic

API

Definition

API coverage in this archive spans 12 posts from May 2016 to Jun 2022 and deals with structural tradeoffs: coupling, failure boundaries, and long-term change cost. The strongest adjacent threads are architecture, rest, and backend. Recurring title motifs include api, graphql, versioning, and rate.

What the archive argues

Most pieces recommend choosing the simplest architecture that can be operated confidently.
Early posts lean on api and graphql, while newer posts lean on api and versioning as constraints shifted.
This topic repeatedly intersects with architecture, rest, and backend, so design choices here rarely stand alone.

Execution checklist

Define failure domains and data boundaries before introducing additional services or protocols.
Start with the newest post to calibrate current constraints, then backtrack to older entries for first principles.
When boundary questions appear, cross-read architecture and rest before committing implementation details.

Common failure modes

Breaking systems into many parts without clear ownership of cross-service behavior.
Choosing architecture for trend alignment rather than workload constraints.
Applying guidance from 2016 to 2022 without revisiting assumptions as context changed.

Suggested reading path

Start here (current state): Rate Limiting: The Boring Feature That Saves You at 3 AM
Then read (operating middle): API Rate Limiting: What Actually Works
Finish with (foundational context): API Design Principles That Stand the Test of Time

References

12 posts

Rate Limiting: The Boring Feature That Saves You at 3 AM June 27, 2022 · 4 min Rate limiting algorithms, implementation tradeoffs, and practical lessons from building limiters for high-traffic APIs at a real-time messaging company. rate-limiting api backend

API Versioning: Pick One and Stop Overthinking It March 7, 2022 · 4 min API versioning is a maintenance commitment, not a design exercise. URL paths win for public APIs, headers for internal ones. The real discipline is not versioning -- it's avoiding breaking changes in the first place. api versioning rest

GraphQL Federation: I'm Still Skeptical October 4, 2021 · 3 min A year after my GraphQL post, federation is the new hotness. I still think most teams don't need it. graphql federation api

GraphQL Federation Is Probably Not For You August 17, 2020 · 4 min Most teams adopting GraphQL federation don't need it. A frank take on when it makes sense, when REST is fine, and why conference talks are a terrible basis for architecture decisions. graphql federation api

I Tried Every API Versioning Strategy. Here's the One I Actually Use. February 3, 2020 · 5 min After dealing with versioning messes at multiple companies, I landed on URL path versioning for anything public. Here's why the alternatives didn't survive contact with reality. api versioning rest

Your API Is a Contract You Can't Take Back February 25, 2019 · 4 min Hard-won lessons on designing HTTP APIs that survive real integrations, drawn from building fintech and mobility platforms. api design rest

API Rate Limiting: What Actually Works October 15, 2018 · 7 min Algorithms, headers, and deployment patterns for rate limiting APIs -- drawn from building financial data services at the fintech startup. api rate-limiting backend

GraphQL in Production Is Harder Than They Tell You June 11, 2018 · 4 min After a year running GraphQL at the fintech startup, here's what the conference talks leave out. graphql api backend

API Versioning: What Actually Works and What Doesn't May 29, 2017 · 4 min We tried multiple API versioning approaches at the fintech startup. URL path versioning won. Here's why, plus how to handle deprecation without burning your consumers. api versioning rest

GraphQL vs REST: Pick the Boring One February 6, 2017 · 4 min Everyone wants to debate GraphQL vs REST like it's a religion. It's not. One reduces round trips, the other is dead simple to cache. Here's how I actually decide. graphql rest api

Securing APIs: Authentication and Authorization Patterns December 19, 2016 · 6 min APIs expose your systems to the world. Here's how to implement authentication and authorization that protects your data without frustrating legitimate users. security api authentication

API Design Principles That Stand the Test of Time May 9, 2016 · 5 min Lessons from building the fintech startup's financial data API: the REST conventions that actually matter, the ones that don't, and why consistency beats cleverness every time. api rest design