Alvin Ashcraft 🐿️<p>Dev Proxy v0.26 with improved mocking, plugin validation, and Docker support | by Waldek Mastykarz & Garry Trinder.</p><p><a href="https://devblogs.microsoft.com/microsoft365dev/dev-proxy-v0-26-with-improved-mocking-plugin-validation-and-docker-support/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">devblogs.microsoft.com/microso</span><span class="invisible">ft365dev/dev-proxy-v0-26-with-improved-mocking-plugin-validation-and-docker-support/</span></a></p><p><a href="https://hachyderm.io/tags/m365" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>m365</span></a> <a href="https://hachyderm.io/tags/devproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>devproxy</span></a> <a href="https://hachyderm.io/tags/apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apis</span></a> <a href="https://hachyderm.io/tags/docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>docker</span></a> <a href="https://hachyderm.io/tags/webdev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webdev</span></a> <a href="https://hachyderm.io/tags/graphapi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>graphapi</span></a> <a href="https://hachyderm.io/tags/msgraph" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>msgraph</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
bolha.us is one of the many independent Mastodon servers you can use to participate in the fediverse.
We're a Brazilian IT Community. We love IT/DevOps/Cloud, but we also love to talk about life, the universe, and more. | Nós somos uma comunidade de TI Brasileira, gostamos de Dev/DevOps/Cloud e mais!
Administered by:
Server stats:
253active users
bolha.us: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#apis
3 posts · 3 participants · 0 posts today
Miguel Afonso Caetano<p>"API keys are foundational elements for authentication, but relying solely on them is inherently a risky proposal.</p><p>Firstly, there’s the reality that API keys are not securely designed — they were never meant to be used as the sole form of authentication, and as such, they aren’t really built for the task. These keys can often be easily stolen, leaked, or, in some cases (especially if generated incrementally), outright guessed. An API key is suitable for tracking usage but is poor for security.</p><p>There is also the additional reality that keys in their default state lack some critical functionality. There’s not a lot of verification built-in for identity management, and what does exist offers very little in the way of granular access control.</p><p>Ultimately, solely relying on API keys is a mistake common with novice developers but frighteningly common even in advanced products.</p><p>Best Practices<br>Instead of relying heavily on API keys as a sole mechanism, combine those keys with additional approaches such as OAuth 2.0 or mTLS. Implement rigorous expiration and rotation policies to ensure that keys which are made public are only useful for a short amount of time. Consider more advanced approaches, such as IP whitelisting or device fingerprinting, to add another layer of security atop the API key process."</p><p><a href="https://nordicapis.com/9-signs-youre-doing-api-security-wrong/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nordicapis.com/9-signs-youre-d</span><span class="invisible">oing-api-security-wrong/</span></a></p><p><a href="https://tldr.nettime.org/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> <a href="https://tldr.nettime.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a> <a href="https://tldr.nettime.org/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APISecurity</span></a> <a href="https://tldr.nettime.org/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIDesign</span></a> <a href="https://tldr.nettime.org/tags/WebSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebSecurity</span></a> <a href="https://tldr.nettime.org/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a></p>
Miguel Afonso Caetano<p>"Let me be blunt.</p><p>If your startup offers APIs and you don’t have a portal, you’re lighting developer acquisition money on fire. 💵 🧯🚒</p><p>Here’s what a good portal actually does:</p><p>Shortens time-to-value: faster POCs, faster adoption.</p><p>Reduces support tickets: devs can find what they need.</p><p>Builds trust: your API feels stable, documented, and ready.</p><p>Increases conversion: when docs show how easy it is to integrate, not just tell.</p><p>Still sending PDF onboarding packets to partners?</p><p>C’mon, boo. 🥲"</p><p><a href="https://www.quetzalliwrites.com/newsletters/developer-portals-dev-friendly-or-dev-frustrating" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">quetzalliwrites.com/newsletter</span><span class="invisible">s/developer-portals-dev-friendly-or-dev-frustrating</span></a></p><p><a href="https://tldr.nettime.org/tags/DevPortals" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevPortals</span></a> <a href="https://tldr.nettime.org/tags/DeveloperPortals" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DeveloperPortals</span></a> <a href="https://tldr.nettime.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a> <a href="https://tldr.nettime.org/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> <a href="https://tldr.nettime.org/tags/APIDocumentation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIDocumentation</span></a> <a href="https://tldr.nettime.org/tags/TechnicalWriter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechnicalWriter</span></a> <a href="https://tldr.nettime.org/tags/TechnicalCommunication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechnicalCommunication</span></a></p>
Miguel Afonso Caetano<p>"The accompanying diagram is intended to help you quickly decide how to document an API, but particularly a REST API. The first split is just to make sure you are looking for the right kind of API.</p><p>Here is some more context to help you decide on an approach and get started."</p><p><a href="https://gist.github.com/briandominick/3ffab6be460fbde799aa34e0a42a4299" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gist.github.com/briandominick/</span><span class="invisible">3ffab6be460fbde799aa34e0a42a4299</span></a></p><p><a href="https://tldr.nettime.org/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> <a href="https://tldr.nettime.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a> <a href="https://tldr.nettime.org/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIDesign</span></a> <a href="https://tldr.nettime.org/tags/REST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>REST</span></a> <a href="https://tldr.nettime.org/tags/APIDocumentation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIDocumentation</span></a> <a href="https://tldr.nettime.org/tags/OpenAPI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenAPI</span></a> <a href="https://tldr.nettime.org/tags/DocsAsCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DocsAsCode</span></a> <a href="https://tldr.nettime.org/tags/TechnicalWriting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechnicalWriting</span></a> <a href="https://tldr.nettime.org/tags/TechnicalCommunication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechnicalCommunication</span></a></p>
Graylog<p><a href="https://infosec.exchange/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a> act as digital portals that allow data to travel between applications. 🕳️ However, as sensitive data moves from one application to another, each API becomes a potential access point that threat actors can exploit. 😬 </p><p>🔒 Securing APIs is critical to any company's data protection program, and knowing the OWASP API security top 10 will help! 🔟 🙌 </p><p>Read on an learn about:<br>❓ Who OWASP is<br>⚠️ The 10 most critical API security risks based on several data points<br>🔓 The OWASP top 10 API security risks</p><p><a href="https://graylog.org/post/an-introduction-to-the-owasp-api-security-top-10/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">graylog.org/post/an-introducti</span><span class="invisible">on-to-the-owasp-api-security-top-10/</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/APIsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIsecurity</span></a> <a href="https://infosec.exchange/tags/GraylogLabs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GraylogLabs</span></a></p>
DSLC Videos<p>From the <span class="h-card" translate="no"><a href="https://fosstodon.org/@DSLC" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>DSLC</span></a></span> :rstats:chives:</p><p>:rstats: "Engineering Production Grade Shiny Apps Book Club" <a href="https://youtu.be/gEaGKdVGaM4" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/gEaGKdVGaM4</span><span class="invisible"></span></a><br><a href="https://fosstodon.org/tags/RStats" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RStats</span></a></p><p>:rstats: "Web APIs with R: How can I get started with APIs? Part 2"<br><a href="https://youtu.be/WGxr4BTP75w" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/WGxr4BTP75w</span><span class="invisible"></span></a> <a href="https://fosstodon.org/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> <a href="https://fosstodon.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a> <a href="https://fosstodon.org/tags/RStats" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RStats</span></a></p><p>:rstats: "Statistical Rethinking:" <a href="https://youtu.be/sW8RpF_MZtE" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/sW8RpF_MZtE</span><span class="invisible"></span></a> <a href="https://fosstodon.org/tags/RStats" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RStats</span></a></p><p>:rstats: :javascript: "JS4R: A Complete Integration" <a href="https://youtu.be/-8ZJJdXpfSw" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/-8ZJJdXpfSw</span><span class="invisible"></span></a> <a href="https://fosstodon.org/tags/RStats" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RStats</span></a><br><a href="https://fosstodon.org/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JavaScript</span></a></p><p>Visit <a href="https://dslc.video" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">dslc.video</span><span class="invisible"></span></a> for hours of new <a href="https://fosstodon.org/tags/DataScience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DataScience</span></a> videos every week!</p>
C++Now<p>C++Now 2025 SESSION ANNOUNCEMENT: A View for Any Occasion by Patrick Roberts</p><p><a href="https://schedule.cppnow.org/session/2025/a-view-for-any-occasion/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">schedule.cppnow.org/session/20</span><span class="invisible">25/a-view-for-any-occasion/</span></a></p><p>Register now at <a href="https://cppnow.org/registration/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">cppnow.org/registration/</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a> <a href="https://mastodon.social/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>programming</span></a> <a href="https://mastodon.social/tags/sfinae" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sfinae</span></a> <a href="https://mastodon.social/tags/typeerasure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>typeerasure</span></a></p>
InfoQ<p>Level up your engineering leadership! </p><p>🎧 In this <a href="https://techhub.social/tags/InfoQ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoQ</span></a> <a href="https://techhub.social/tags/podcast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>podcast</span></a>, Sagar Batchu talks about building high-performing teams, navigating the Individual Contributor-to-leader transition, and the future of APIs with AI. </p><p>Listen now: <a href="https://bit.ly/4iulVLW" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">bit.ly/4iulVLW</span><span class="invisible"></span></a> </p><p><a href="https://techhub.social/tags/EngineeringLeadership" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EngineeringLeadership</span></a> <a href="https://techhub.social/tags/Teamwork" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Teamwork</span></a> <a href="https://techhub.social/tags/SoftwareDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoftwareDevelopment</span></a> <a href="https://techhub.social/tags/Culture" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Culture</span></a> <a href="https://techhub.social/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a> <a href="https://techhub.social/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a></p>
WetHat💦<p>A beginner-friendly guide to <a href="https://fosstodon.org/tags/REST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>REST</span></a>, <a href="https://fosstodon.org/tags/SOAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SOAP</span></a>, <a href="https://fosstodon.org/tags/GraphQL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GraphQL</span></a>, and <a href="https://fosstodon.org/tags/gRPC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gRPC</span></a>:<br>➡️ Introduces the distinct advantages of each API type and architecture.<br>➡️Has examples, such as REST’s use in e-commerce, GraphQL in social apps, and gRPC in microservices.<br>➡️Highlights emerging API trends like decentralized systems and AI-driven capabilities.</p><p><a href="https://www.freecodecamp.org/news/learn-api-fundamentals-and-architecture/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">freecodecamp.org/news/learn-ap</span><span class="invisible">i-fundamentals-and-architecture/</span></a></p><p><a href="https://fosstodon.org/tags/Programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Programming</span></a> <a href="https://fosstodon.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a> <a href="https://fosstodon.org/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebDevelopment</span></a> <a href="https://fosstodon.org/tags/SoftwareDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoftwareDesign</span></a> <a href="https://fosstodon.org/tags/SoftwareArchitecture" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoftwareArchitecture</span></a> <a href="https://fosstodon.org/tags/Microservices" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microservices</span></a></p>
Leanpub<p>Dynamic Web Scripting <a href="https://leanpub.com/b/webscripting" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">leanpub.com/b/webscripting</span><span class="invisible"></span></a> by GitforGits | Asian Publishing House is the featured bundle on the Leanpub homepage! <a href="https://leanpub.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">leanpub.com</span><span class="invisible"></span></a> <a href="https://mastodon.social/tags/Ruby" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ruby</span></a> <a href="https://mastodon.social/tags/RubyOnRails" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RubyOnRails</span></a> <a href="https://mastodon.social/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebDevelopment</span></a> <a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/FunctionalProgramming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FunctionalProgramming</span></a> <a href="https://mastodon.social/tags/Apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apis</span></a> <a href="https://mastodon.social/tags/SoftwareEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoftwareEngineering</span></a></p>
The New Stack<p>Model Context Protocol is bridging the gap between <a href="https://hachyderm.io/tags/AIAgents" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AIAgents</span></a> and <a href="https://hachyderm.io/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a>, aiming to become the universal standard for AI-driven actions. Richard MacManus explores its impact with Speakeasy.</p><p><a href="https://thenewstack.io/mcp-the-missing-link-between-ai-agents-and-apis/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thenewstack.io/mcp-the-missing</span><span class="invisible">-link-between-ai-agents-and-apis/</span></a></p>
Ben Ramsey<p>Hey, folks! I’m looking for a Staff Software Engineer to join my team (API Core) at <a href="https://phpc.social/tags/Mailchimp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mailchimp</span></a>.</p><p>Some of the things we work on: <a href="https://phpc.social/tags/PHP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PHP</span></a>, <a href="https://phpc.social/tags/REST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>REST</span></a>, <a href="https://phpc.social/tags/OpenAPI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenAPI</span></a>, <a href="https://phpc.social/tags/OAuth2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OAuth2</span></a>, <a href="https://phpc.social/tags/APIGovernance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIGovernance</span></a>, and more.</p><p>We are stewards of our public <a href="https://phpc.social/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a>, and we collaborate with other capabilities teams to ensure APIs are developed according to our standards and processes. You would work directly with me on a daily basis.</p><p>This position is in Atlanta or New York.</p><p><a href="https://jobs.intuit.com/job/atlanta/staff-software-engineer-api-core-team/27595/76329932512" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jobs.intuit.com/job/atlanta/st</span><span class="invisible">aff-software-engineer-api-core-team/27595/76329932512</span></a></p><p><a href="https://phpc.social/tags/GetFediHired" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GetFediHired</span></a> <a href="https://phpc.social/tags/FediHire" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FediHire</span></a></p>
Leanpub<p>Creating NPM Package <a href="https://leanpub.com/b/creating-npm-package" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">leanpub.com/b/creating-npm-pac</span><span class="invisible">kage</span></a> by CodeSweetly is the featured bundle on the Leanpub homepage! <a href="https://leanpub.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">leanpub.com</span><span class="invisible"></span></a> <a href="https://mastodon.social/tags/ComputerProgramming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ComputerProgramming</span></a> <a href="https://mastodon.social/tags/Apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apis</span></a> <a href="https://mastodon.social/tags/Javascript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Javascript</span></a> <a href="https://mastodon.social/tags/React" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>React</span></a> <a href="https://mastodon.social/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://mastodon.social/tags/Git" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Git</span></a> <a href="https://mastodon.social/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebDevelopment</span></a> <a href="https://mastodon.social/tags/Typescript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Typescript</span></a> <a href="https://mastodon.social/tags/books" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>books</span></a> <a href="https://mastodon.social/tags/ebooks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ebooks</span></a></p>
Andreas Haller<p>In a Ruby <a href="https://ruby.social/tags/hanami" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hanami</span></a> app. Is there a place to parse/convert request bodies? I am thinking about converting incoming camelCase fields to snake_case etc.</p><p><a href="https://ruby.social/tags/ruby" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ruby</span></a> <a href="https://ruby.social/tags/hanami" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hanami</span></a> <a href="https://ruby.social/tags/apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apis</span></a></p>
Graylog<p>Unmanaged <a href="https://infosec.exchange/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a> create <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> blindspots. 🕶️ 😧 And, as orgs build out their application ecosystems, the number of APIs integrated into IT environments expands — which can easily overwhelm security teams. ↕️ 👀 😵 </p><p>Enter... API discovery.💥 Let's take a look at:</p><p>❓ What API discover is<br>⚠️ The risks that undocumented and unmanaged APIs pose<br>❗ Why <a href="https://infosec.exchange/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> discovery is important<br>🤖 Using automation for API discovery<br>👁️ What to look for in an API discovery tool</p><p><a href="https://graylog.org/post/why-api-discovery-is-critical-to-security/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">graylog.org/post/why-api-disco</span><span class="invisible">very-is-critical-to-security/</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/SIEM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SIEM</span></a></p>
Miguel Afonso Caetano<p>"Getting to this point isn’t unusual. Clients clearly think they’re making the call correctly, or else they would fix the endpoint themselves. Some misspellings are difficult to catch. The enum USER_RETREIVE may not be noticed from USER_RETRIEVE, especially if picking it from a list. Misspellings happen and they’re not always caught before making it to the contract. As an aside, that’s why it’s important writers routinely check development’s changes. This applies, too, to our testing calls in Postman, where manually entering endpoints and values are more pervasive.</p><p>The reason this isn’t caught is simple: We’re not expecting it.</p><p>For our testing, the call is made and we get results. We may even spot check some of them. But generally, results aren’t examined that closely. For instance, how often do you so carefully examine a returned list of 50 or 100 items? You check may check that the objects are complete but not that the list conforms to the search criteria.</p><p>The reason this happens is because of an intentional behavior on the server. This behavior is called Lenient Handling or Strict Handling."</p><p><a href="https://robertdelwood.medium.com/understanding-query-parameter-handling-in-rest-calls-1821e0c3fa8c" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">robertdelwood.medium.com/under</span><span class="invisible">standing-query-parameter-handling-in-rest-calls-1821e0c3fa8c</span></a></p><p><a href="https://tldr.nettime.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a> <a href="https://tldr.nettime.org/tags/RESTAPIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RESTAPIs</span></a> <a href="https://tldr.nettime.org/tags/Rest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rest</span></a> <a href="https://tldr.nettime.org/tags/APITesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APITesting</span></a> <a href="https://tldr.nettime.org/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIDesign</span></a> <a href="https://tldr.nettime.org/tags/APIDocumentation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIDocumentation</span></a> <a href="https://tldr.nettime.org/tags/SoftwareDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoftwareDevelopment</span></a></p>
Maik<p>- Estabilización de Event Replay en SSR: </p><p>Se robustece el mecanismo de replay de eventos en Server-Side Rendering, buscando un comportamiento más predecible y consistente. 🔄 <a href="https://mastodon.social/tags/SSR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSR</span></a></p><p>- Nuevas APIs: `resource` y `rxResource`:</p><p>Se incorporan nuevas APIs para la gestión de recursos y operaciones HTTP reactivas, integrándose con el modelo de Signals. 🧰 <a href="https://mastodon.social/tags/Signals" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signals</span></a> <a href="https://mastodon.social/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a></p><p>Adios Rxjs??</p>
Miguel Afonso Caetano<p>“A README acts as the front door to an API, offering consumers brief and sufficient information to get started. A full documentation is a place where consumers go to when they need to find information about any detail of the API. Having one doesn't mean you shouldn't have the other. But, having a README is, in my opinion, the very minimum you can do if you're serious about your API. And, at the very minimum, there are three elements I'd consider.”</p><p><a href="https://tldr.nettime.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a> <a href="https://tldr.nettime.org/tags/APIDocumentation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIDocumentation</span></a> <a href="https://tldr.nettime.org/tags/Markdown" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Markdown</span></a> <a href="https://tldr.nettime.org/tags/TechnicalWriting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechnicalWriting</span></a> <a href="https://tldr.nettime.org/tags/Git" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Git</span></a> <a href="https://tldr.nettime.org/tags/DocsAsCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DocsAsCode</span></a> </p><p><a href="https://apichangelog.substack.com/p/three-elements-of-a-good-api-readme" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">apichangelog.substack.com/p/th</span><span class="invisible">ree-elements-of-a-good-api-readme</span></a></p>
Katie Paxton-Fear (InsiderPhD)<p>So what does make APIs special and different? <a href="https://infosec.exchange/tags/apisecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apisecurity</span></a> <a href="https://infosec.exchange/tags/apihacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apihacking</span></a> <a href="https://infosec.exchange/tags/apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apis</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a></p><p>1) Interconnectedness, even if you're sure you don't have APIs, I bet your suppliers do<br>2) Large attack surfaces that are poorly documented, they balloon into hundreds of endpoints quickly</p>
Katie Paxton-Fear (InsiderPhD)<p>The biggest mistake I see in API security will probably surprise you... Whether in offensive security or defending APIs, most teams make one fundamental mistake that leaves their APIs vulnerable, they forget that APIs are web applications. <br> <a href="https://infosec.exchange/tags/apisecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apisecurity</span></a> <a href="https://infosec.exchange/tags/apihacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apihacking</span></a> <a href="https://infosec.exchange/tags/apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apis</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload