Presented on July 20, 2018
For individual use.
When the machines take over, APIs will be how they speak to each other”
— Keith Casey
Your company either has an API or it is planning to create one; either way, you have a whole new world of issues to face. You have to design it securely, design it for scalability, design it for long term use. All the while keeping the ever important DX in mind. (Developer Experience).
Join other Internet Plumbers from around the world as we discuss the best (and sometimes the worst) ways to design, deploy, and protect your API. We have gathered five experts to show you the issues facing you and the best way to overcome them. Join us as Day Camp 4 Developers presents “Plumbing the Internet: Proper API Design”
The Many Layers of OAuth
Keith Casey, @CaseySoftware
OAuth is one of the most important but most misunderstood frameworks out there. What you think it is, it probably isn’t. What it actually is, you probably hadn’t considered. Regardless, when you consider the standards, specifications, and common practices interact and fit together, it’s impressive what you can accomplish with minimal effort.
In this session, we’ll explore through the most common RFCs that are combined to make powerful, robust, and secure solutions that drive modern software development.
Load Testing Your APIs
Ian Littman, @iansltx
Want to find out which pieces of your API break down under load first, so you know how you’ll need to scale before your systems catch fire? Load testing answers this question without subjecting the system under test to live, potentially cranky, users.
We’ll look at a few FOSS tools for load testing, including new, more advanced tools that allow for simulating an entire user flow, rather than merely hammering a single endpoint. Along the way, we’ll mix in a dose of profiling goodness to drill down into API performance issues, so we can fix the root of our performance problems before the issues rear their heads on production.
Achieving Undisturbed REST
Mike Stowe, @mikegstowe
Building an API is easy. Designing an API is hard. That’s the motto of Undisturbed REST: a guide to designing the perfect API, and the book used by many of today’s top enterprises to answer key questions and build a sustainable, efficient API that lasts. In this session we’ll jump right in, tackling the questions you need to answer, looking at how to design your API, and learning from real examples in the field. And as a special bonus, each participant will receive a complimentary PDF version of the book to dig in and continue learning with.
Practical API Security
Adam Englander, @adam_englander
With the dominance of Mobile Apps, Single Page Apps for the Web, and Micro-Services, we are all building more APIs than ever before. Like many other developers, I had struggled with finding the right mix of security and simplicity for securing APIs. Some standards from the IETF have made it possible to accomplish both. Let me show you how to utilize existing libraries to lock down you API without writing a ton of code.
The Accidental Architect: On Becoming an API Architect in a Digitally Transforming Enterprise
Joyce Stack, @Joyce_Stack
Like most major companies Elsevier is reacting to shifts in the industry and embracing the importance of an Enterprise API Platform in the modern enterprise.
In this talk, Joyce will provide a unique perspective of her current experiences in establishing an API mindset in an organisation with 1000+ technologists. How to start? What are the daily challenges? How do you address them?
As APIs are the intersection between human and machines then you can expect to hear about challenges from a technical, cultural and personal perspective. Topics will include OpenAPI technical debt, trying to build that first exemplar, setting up an API Guild, Imposter Syndrome and learning to play the long game.
Attendees can expect to leave the talk with lessons learned and some actions they can implement in their own teams.