Low-Code Development: Leverage low and no code to streamline your workflow so that you can focus on higher priorities.
DZone Security Research: Tell us your top security strategies in 2024, influence our research, and enter for a chance to win $!
Dmitry Sotnikov is Chief Product Officer at the API Security specialist - 42Crunch - and the curator of the https://apisecurity.io newsletter and community. Prior to 42Crunch, Dmitry worked at Quest Software (now part of Dell) as Director of Cloud Solutions, then co-founded Jelastic PaaS and led Jelastic's sales, marketing, customer and partner relationships, and later built the cloud platform and business for WSO2 open-source integration company. Dmitry has been a featured speaker at multiple industry events including Microsoft TechEd, VMware VMWorld, Parallels Summit, Quest Innovate, and Technology Experts Conference (TEC). twitter: @DSotnikov
Stats
Reputation: | 4522 |
Pageviews: | 1.3M |
Articles: | 2 |
Comments: | 4 |
API Design and Management
Discover what you need to know about the state of API design and management. This report explores a wide range of topics from REST API discovery and navigation to common integration pain points and how developers are thinking about APIs.This report covers in-depth original research on developer preferences surrounding API programs and integrated systems. Additionally, experts in the field share their perspectives on effective API design as well as secure API strategies and best practices.
Comments
Apr 30, 2021 · Melissa Habit
Hi, Bukaj,
You are correct. Indeed, I can define an amazingly tight API in my contract, but not follow it in the actual implementation.
However, the big advantage of the OpenAPI standard (and other similar standards such as GraphQL, AsyncAPI, Protobuf, etc.) is that it is machine-readable. This means that you can for example:
* Use a contract-aware dynamic testing tool (I am partial here and can give 42Crunch Conformance Scan as an example) that would automatically test for any discrepancies between the contract and the implementation.
* Use a contract-aware API firewall or gateway (again, 42Crunch Protection is one such example, but increasingly other API gateways include at least some OpenAPI-based validation.)
Dmitry
Nov 24, 2014 · Amila Maharachchi
Jun 26, 2012 · Kirill Grouchnikov
Jun 26, 2012 · Kirill Grouchnikov