Category Archives: SOA
One Datastore per MicroService?
This article represents details on whether to use single datastore per microservice. Please feel free to comment/suggest if I missed to mention one or more important points. Also, sorry for the typos. From what I researched, the preferred architecture for microservices is polyglot persistence pattern. (http://martinfowler.com/bliki/PolyglotPersistence.html ). You could further read about this on following pages: http://martinfowler.com/articles/microservices.html#DecentralizedDataManagement http://microservices.io/patterns/data/database-per-service.html As per the best practices, each micro-service should have one database private to it. There are different ways to achieve the above objective. Some of them are listed below: Same database system for different services. In this following could be done: Different set of tables specific to microservice in the same database …
API Tips – How to Write API Documentation
This article represents tips on how to write documentation for APIs which are going to be published to developers, both internal and external. It touches upon some of the important areas/points that needed to be included in API documentation such that developers find it easy enough to work with APIs. Please feel free to comment/suggest if I missed to mention one or more important points. Also, sorry for the typos. 3 Areas to Cover while doing API Documentation Landing page which provides details such as high level information of APIs, links to APIs pages, release information, changelog details A summary page providing an overview on APIs in general, list of API …
Lessons from Evernote Usage of Apache Thrift Framework
This article throws light on underlying technology used by Evernote to meet the primary requirement of having client applications on different OS platforms connect to server application for accessing/updating the notes. What is Evernote? As per Wikipedia…Evernote is a suite of software and services designed for notetaking and archiving. A “note” can be a piece of formatted text, a full webpage or webpage excerpt, a photograph, a voice memo, or a handwritten “ink” note…. Evernote supports a number of operating system platforms (including OS X, iOS, Chrome OS, Android, Microsoft Windows, Windows Phone, BlackBerry, and webOS) and also offers online synchronisation and backup services. The diagram below illustrates …
New Initiative: API Bar
We would like to introduce our new initiative, namely API Bar, in relation with business APIs that are getting released/published day in day out as part of business strategy by companies of every size (large, medium, small). The reason we have named the initiative as API Bar is that the way APIs (making the business competitive) are coming up every day seems like APIs presented in bottles with different labels with developers trying to figure out which APIs to use and why? 🙂 As part of this initiative, we shall be doing following activities and publish our findings appropriately from time-to-time: Evaluate the APIs from technical perspective while exploring different …
Samsung Fingerprint Scanning API & Mobile Wallet Security?
This article explores the recently released Samsung fingerprint scanning API also termed as “Pass API” in light of security for mobile wallets. Pass API is released as part of the Samsung Mobile SDK 1.5 beta1 during the launch of Samsung Galaxy S5 mobile phone. One of the key feature of Samsung galaxy S5 is fingerprint reader. The application could use fingerprint reader to scan user fingerprints and verify against the users’ stored fingerprints on the device. This article presents an overview on the PASS API and, then, talks about how it could be used for mobile wallets’ security. What is Pass API? As mentioned on Samsung Developers Page for Pass API, …
Top 7 Secured Practices for Securing Your Partner APIs
If you are planning to publish partner APIs for exposing your business services or data to your partners and customers, you may want to consider following top 7 secured best practices to ensure application level security: [adsenseyu2] Access-token based Authentication: Have your partners’ applications authenticate itself (and its users) using access-tokens rather than actual passwords. This is because access-tokens may be easily time-boxed and can be enforced to be renewed at the regular time-intervals. And the theft of access token can not really compromise the actual users’ password with the parent application. In this relation, you may consider using OAuth based authentication technique. In addition to usage of access-token for …
API Economy & Rich Dad, Poor Dad
In recent times, as I have been hearing about and, reading a lot on API related articles including topics such as application programming interfaces (APIs) economy, API-First, API-driven development etc, I got extremely fascinated with this API thing. This is where I decided to put my findings around when, why and how to go for API adoption and whether it would be fruitful for business to go for APIs from strategy perspective. Interestingly enough, I found some connection between API thing, and the central theme of the book, Rich Dad, Poor Dad. This is where I thought to use key themes from the book Rich Dad, Poor Dad to present …
Tips for Designing Security for Your Public APIs
[adsenseyu2] Before we look into tips & techniques to design security for your Public APIs, lets understand what do we mean by Public APIs? Public APIs are APIs that are published to the world including developers, or partners’ developers to create their custom application by making use of APIs. These APIs can be used by another program, mobile apps or web applications (Web UI), desktop client etc. Following are some tips/techniques for designing security for your Public APIs: IP Address Restrictions: To be able to control access to APIs based on IP address from which request arrived, the IP address restrictions policy should be imposed. This is very handy when …
List of Great Videos on API Design & Development
Following are some of the videos I could gather which presents talks on API design & development. How to Design a Good API and Why it Matters?: A great video by Joshua Bloch done some 6 years back. Great one for those looking to understand what API design & development look like and how to get started? How to Design Good APIs: This video focus on some of the key aspects such as intuitiveness, documentation of API. Life of a Google API Developer: This video presents different aspect of API development.
What makes an API, a great API?
[adsenseyu2] Before I start on this blog, lets take a look at the quote, “Being complex is easy, being simple is hard”. Do you agree? Well, I have experienced it and agree in totality. This is what it takes in creating a simple-to-understand-and-use API, a complex task. 🙂 Whenever I start writing about API, I do clarify what am I meaning for API? Most of the programmers would think if API is not same as interfaces to the classes that they write. Well, I would say that yes, they are same. However, we usually do not pay attention to write, what is called as “Great API”, as we write the …
A Great API should act as a Building Block!
[adsenseyu2] Following are characteristics of a great API: Building Blocks: APIs consisting of one or more methods should act like building blocks that could be assembled in more than one unique ways to create newer applications or apps. This could thus lead to innovation where developers can take up these APIs and create some creative and unique applications serving different functionality and creating substantial value for the end users. For example, look at facebook apps or salesforce apps. Developers worldwide have created several innovative applications by using facebook APIs. Distinct & Stateless: APIs should be distinct in terms of its service offerings and stateless in nature. Thus, invocation of an …
APIs is the Way to Go, You bet!
[adsenseyu2] Not sure if you are aware or not, but the world is waking up to keywords such as API-First, API-Driven Development (ADD) etc. And, this is creating confusion in application developers mind when they hear counter argument against their expression that they have always been doing API driven development where they use to write proper interfaces to their implementations. What is different from then to now? And, what do they need to do differently? But the more important thing to ask is what has led to everyone talking about API driven development? Following are some of the reasons (also, key technology trends of 2014) why APIs has been getting …
Bonita REST API & Application Architecture
[adsenseyu2] I have been working on BonitaSoft REST API in order to meet following customers’ requirements: The customer has multiple line of business (LOB) applications. The customer has decided to make a strategic move to offer solutions to their existing and new customers rather than one or more products from their multiple LOBs which can be accessed by a web application dashboard. These solution span across multiple LOB applications and is envisioned to leverage functionality offered by these applications using service API. In this regard, one key fundamental architectural component that got introduced is workflow tool, BonitaSoft. The workflow tool is used to execute one or more workflows which forms …
Are Days Counted for MVC-based Web Applications?
Today, if I am tasked to lay down the architecture for web application, I would no longer be blindly choosing MVC based architecture. Additionally, if this is a migration project from legacy to web application, I would no longer be blindly going for MVC based architecture and choose related MVC frameworks. Not sure if you would agree with me or not. But please read the following and share your thoughts. I would be happy to hear from you. Why am I getting paranoid regarding MVC for web applications? Following are criteria for my considerations for deciding on whether I would select MVC architecture for delivering business functionality on the web: …
I found it very helpful. However the differences are not too understandable for me