My Journey into the Terrifying World of Hypermedia

This document discusses hypermedia APIs and REST. It introduces the Richardson maturity model for REST APIs, which classifies them as level 1 (RPC), level 2 (RESTful), or level 3 (hypermedia). A level 3 hypermedia API uses hyperlinks to communicate available actions and business workflows to clients. This allows client-side behavior to be driven by links, making clients act like state machines. The document provides examples comparing how a book browsing/purchasing workflow would be implemented at levels 2 and 3, demonstrating how level 3 implies business rules and updates through links.

Adding Rules on Existing Hypermedia APIs

During the past years, the data deluge that prevails in the World Wide Web has been accompanied by a number of APIs that expose business logic. In this paper, we discuss a novel approach to enrich existing API standards definitions with business rules. Taking advantage of the REST principles, we aim at enabling the creation of generic clients that can dynamically navigate through semantically enriched web affordances with the help of Hydrabased Hypermedia API descriptions, which encapsulate the finite state machine of possible actions into SWRL rules.

HTML Hypermedia APIs and Adaptive Web Design - Nordic APIs

The document discusses using HTML hypermedia APIs and adaptive web design (AWD) together to build web applications that scale across devices. HTML hypermedia APIs allow building web APIs that return HTML, enabling rich clients without native apps, while AWD makes the web work across browsers by conditionally loading content. The combination is suggested to be a perfect way to scale app development and make the web work on all browsers.

APIs and Linked Data: A match made in Heaven

Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013

This document discusses using HTML Hypermedia APIs and Adaptive Web Design (AWD) together as a way to build web applications that scale across devices. It notes that HTML Hypermedia APIs allow scaling app development, while AWD makes the web work on every browser. Combining the two approaches is described as a "perfect combo". Examples are given of how to build a mobile-first web app using these techniques, including conditionally loading scripts and stylesheets based on device characteristics.

What is API - Understanding API Simplified

Jubin Aghara

Building Successful API Programs in Higher Education

apidays LIVE London 2021 - Confessions of a Product Geek by Rosemary Missier,...

apidays

Empfohlen

Why should i care about hypermedia

Adding Rules on Existing Hypermedia APIs

HTML Hypermedia APIs and Adaptive Web Design - Nordic APIs

APIs and Linked Data: A match made in Heaven

Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013

What is API - Understanding API Simplified

Jubin Aghara

Building Successful API Programs in Higher Education

apidays LIVE London 2021 - Confessions of a Product Geek by Rosemary Missier,...

apidays

O365Con18 - How to Run a Search Project in SharePoint - Matthew McDermott

This document provides guidance on running a search project in SharePoint. It discusses identifying content types and properties to refine searches, creating managed properties, developing display templates and search verticals, and configuring query rules. The focus is on setting up an employee resume search to return results based on skills and other attributes through the use of these search customization features.

Edge

Glenn Block

This document discusses Edge, an open source module for Node.js that allows Node.js applications to leverage .NET capabilities by calling .NET libraries and services. Edge allows Node.js code to call into .NET code and .NET code to call back into Node.js code in a non-blocking way within the same process. It supports multiple .NET languages like C#, F# and Powershell. Edge enables access to Windows capabilities like the event log, registry, performance counters and more. It is extensible via additional Edge modules for SQL, Powershell, and other languages/platforms. The document provides code examples and links to the Edge GitHub repository and additional Edge modules.

REST Fest 2012: HATEOAS Your Cake and Eat It Too

Elastic Path

Featured talk by Senior Product Architect Matt Bishop: HATEOAS Your Cake and Eat It Too: Turning Complex Business Processes into an Easy-To-Use API We set out to build a HATEOAS server that had all the bells and whistles, only to find, well, not many pre-existing bells and whistles. By necessity we had to build our own HATEOAS server and figure out how to turn our complex ecommerce process into an API that required little training to succeed with. This talk will cover that journey and give some insight as to how to do it yourself.

O365Con18 - Invest in Search - Matthew McDermott

This document discusses the importance of investing in enterprise search and provides guidance on how to get started. It outlines that search is more than just technology - it requires focusing on users, content, and context. It recommends selecting key content sources, defining search requirements, and evolving search over time as an ongoing process rather than a one-time project. The document also covers best practices like involving search experts, addressing security considerations, and preparing for future trends in cognitive search.

Instant Security & Scalable User Management with Spring Boot

Stormpath

The document discusses the challenges of implementing user management and authentication in applications. It shows how traditional approaches require developers to implement many aspects of user management including the data store, user models, pages for signup and login, and integration with social providers and single sign-on. Stormpath is presented as a solution that handles these challenges by taking over user management and allowing applications to authenticate users without implementing any of these aspects themselves. The document includes a demonstration of Stormpath's capabilities.

API for Beginners

Gustavo De Vita

This document provides an overview of APIs and how they work. It begins with basic API concepts and definitions, then demonstrates how APIs are used by having programs interact with applications to access structured data without direct human interaction. It provides examples of common API uses for maps, login/authentication, payments, messaging and more. It also introduces the concept of webhooks which allow applications to "call" other services when data is available, rather than requiring the other service to periodically check via API calls. Overall it serves as a high-level introduction to APIs and webhooks for beginners.

Search Friendly Web Apps

Nikhil Kothari

This document discusses making Silverlight applications more search engine friendly by adding indexable content alongside the application. It recommends publishing meaningful content in semantically correct HTML that both users and search engines can access. This "HTML data" pattern provides initial content to populate the user interface without additional requests and keeps the site functional for non-JavaScript users. The document demonstrates this pattern using ASP.NET to add indexable HTML pages that render Silverlight applications for users but expose the underlying data and links to search engines.

Who’s Knocking? Identity for APIs, Web and Mobile

This document discusses identity management for APIs, web, and mobile applications. It begins with an overview of trends in cloud computing and APIs. It then discusses how traditional network security is inadequate for these new architectures and that identity has become the new perimeter. The document outlines recommendations for an API identity strategy, including implementing OAuth 2.0 for authorization instead of passwords and leveraging an identity provider to apply enterprise security policies to cloud applications and APIs. It recommends architects design for interoperability across multiple devices, users, locations, and protocols.

Beyond simple search – adding business value in the enterprise

lucenerevolution

Presented by Kathy Phillips, Enterprise Search Services Manager/VP, Wells Fargo & Co. & Tom Lutmer, eBusiness Systems Consultant, Enterprise Search Services team, Wells Fargo & Co. What is enterprise search? Is it a single search box that spans all enterprise resources or is it much more than that? Explore how enterprise search applications can move beyond simple keyword search to add unique business value. Attendees will learn about the benefits and challenges to different types of search applications such as site search, interactive search, search as business intelligence, and niche search applications. Join the discussion about the possibilities and future direction of new business applications within the enterprise.

Introduction to Artificial Intelligence on AWS

Artificial Intelligence (AI) services on the AWS cloud bring deep learning (DL) technologies like natural language understanding (NLU), automatic speech recognition (ASR), image recognition and computer vision (CV), text-to-speech (TTS), and machine learning (ML) within reach of every developer. In this session, you will be introduced to several new AI services: Amazon Lex, to build sophisticated text and voice chatbots; Amazon Rekognition, for deep learning-based image recognition; and Amazon Polly, for turning text into lifelike speech. The opportunities to apply one or more of these DL services are nearly boundless and this session will provide a number of examples and use cases to help you get started.

API Security Webinar : Security Guidelines for Providing and Consuming APIs

DevOps Indonesia

1) The document provides guidelines for securing APIs when providing and consuming services. It outlines evaluating API risks, securing ingress API connectivity, and mapping the OWASP API security risks to the ingress API development lifecycle. 2) The guidelines include five phases for ingress API connectivity: design, development, testing, implementation, and logging/monitoring. Each OWASP API security risk is mapped to elements within these phases. 3) APIs have become critical to modern applications, but many organizations' security measures have not kept up with requirements. Robust API security policies that span the entire development lifecycle are needed to securely provide and consume services.

APIs 101: What are they? What do they have to do with genealogy?

Colleen Greene

O365Con18 - Microsoft and Social, Past Present Future - Jasper Oosterveld

This document discusses Microsoft's past, present, and future with social and collaboration tools. It summarizes Microsoft's acquisition of Yammer in 2012 and the integration of Yammer with Office 365. It then outlines Microsoft's roadmap for new features and capabilities in SharePoint, Yammer, Stream, and other social and collaboration tools throughout 2018 and 2019. Key announcements and previews include improved news distribution, hub sites, audience targeting, page designs, and data residency for Yammer in Europe.

Introduction to Artificial Intelligence on AWS

This document provides an overview of artificial intelligence and machine learning services available on Amazon Web Services. It discusses how AI can power applications through services like Amazon Polly for text-to-speech, Amazon Lex for conversational interfaces, Amazon Rekognition for image and video analysis, and Amazon's deep learning platforms. It also provides examples of how customers in various industries like media, public safety, and marketing are using these AWS AI services.

Transformation through the API

This document discusses Microsoft Azure and how it can help businesses innovate through APIs. It introduces APIs and how they enable companies to grow by allowing internal developers and partners to access services. It then summarizes Microsoft Azure's API management capabilities, including publishing APIs, applying policies for operations, organizing APIs into products and groups, and providing developer tools like portals, documentation, and analytics.

Internet of Things in 2025

API 101 - Understanding APIs

The document is a transcript from an API 101 workshop that provides an introduction to APIs. In the workshop, two presenters discuss what APIs are, the business benefits of APIs, REST architecture, and tips for API design and developer success. They cover topics such as API history, how APIs enable applications and services, examples of companies that built platforms using APIs, REST principles like HTTP verbs and response formats, and best practices for marketing and supporting developers. The workshop includes presentations, examples, and opportunities for audience Q&A.

Engage 2020: Six Polite Ways to Design a RESTful API for Your Application!

Serdar Basegmez

Engage 2020 session "Six Polite Ways to Design a RESTful API for Your Application!" "With Domino v10 and v11, HCL is delivering on a vision to provide many new ways to architect our applications. One of the key technologies is creating RESTful APIs for our data and processes. APIs are very powerful in allowing us to build integrations between Domino and all other enterprise applications. Regardless of your experience, come to this session to see what options are available to you, what pitfalls you may experience and how to break down the borders between your applications and others. We will present the basic concepts and best practices, allowing you to walk away with tips and tricks on performance, scalability and security." Serdar Basegmez Developi Information Systems, London

Cognitive Services Extravaganza

Małgorzata Borzęcka

This document provides an overview of Microsoft's Cognitive Services. It describes the various services offered in areas like vision, speech, language, knowledge and search. Key services covered include Computer Vision, Face API, LUIS, Translator and Bing Search APIs. It also discusses customizable cognitive services and labs services. Pricing and endpoints for various APIs are outlined. The document encourages testing services and provides various links for learning and engaging with Microsoft's AI community.

Technical SEO Checklist for Beginners

BristolSEO

Authorization The Missing Piece of the Puzzle

XACML (eXtensible Access Control Markup Language) is an OASIS standard for defining and interpreting access control policies across multiple security domains. It provides a policy language and request/response protocol for making authorization decisions based on attributes. XACML policies can be defined in terms of attributes for subjects, resources, actions, and the environment, allowing for fine-grained and context-aware access control (ABAC). The XACML architecture separates policy enforcement from decision making and includes policy administration, information, and retrieval points.

Integrated social solutions, the power and pitfalls of mashups

Weitere ähnliche Inhalte

Was ist angesagt?

O365Con18 - How to Run a Search Project in SharePoint - Matthew McDermott

Edge

Glenn Block

REST Fest 2012: HATEOAS Your Cake and Eat It Too

Elastic Path

O365Con18 - Invest in Search - Matthew McDermott

Instant Security & Scalable User Management with Spring Boot

Stormpath

API for Beginners

Gustavo De Vita

Search Friendly Web Apps

Nikhil Kothari

Who’s Knocking? Identity for APIs, Web and Mobile

Beyond simple search – adding business value in the enterprise

lucenerevolution

Introduction to Artificial Intelligence on AWS

API Security Webinar : Security Guidelines for Providing and Consuming APIs

DevOps Indonesia

APIs 101: What are they? What do they have to do with genealogy?

Colleen Greene

O365Con18 - Microsoft and Social, Past Present Future - Jasper Oosterveld

Introduction to Artificial Intelligence on AWS

Transformation through the API

Internet of Things in 2025

API 101 - Understanding APIs

Engage 2020: Six Polite Ways to Design a RESTful API for Your Application!

Serdar Basegmez

Cognitive Services Extravaganza

Małgorzata Borzęcka

Technical SEO Checklist for Beginners

BristolSEO

Was ist angesagt? (20)

O365Con18 - How to Run a Search Project in SharePoint - Matthew McDermott

Edge

REST Fest 2012: HATEOAS Your Cake and Eat It Too

O365Con18 - Invest in Search - Matthew McDermott

Instant Security & Scalable User Management with Spring Boot

API for Beginners

Search Friendly Web Apps

Who’s Knocking? Identity for APIs, Web and Mobile

Beyond simple search – adding business value in the enterprise

Introduction to Artificial Intelligence on AWS

API Security Webinar : Security Guidelines for Providing and Consuming APIs

APIs 101: What are they? What do they have to do with genealogy?

O365Con18 - Microsoft and Social, Past Present Future - Jasper Oosterveld

Introduction to Artificial Intelligence on AWS

Transformation through the API

Internet of Things in 2025

API 101 - Understanding APIs

Engage 2020: Six Polite Ways to Design a RESTful API for Your Application!

Cognitive Services Extravaganza

Technical SEO Checklist for Beginners

Andere mochten auch

Authorization The Missing Piece of the Puzzle

Integrated social solutions, the power and pitfalls of mashups

Sliding away from Roy Fielding's REST model (Filippos Vasilakis)

This is a session given by Filippos Vasilakis at Nordic APIs 2016 Platform Summit on October 26th, in Stockholm Sweden. Description: We will go through what a modern REST API is, see what the least features we should provide to the clients are, how we can test it super fast (because testing APIs can be very time consuming!), and how we can optimize it’s performance. The talk will not be bound to any specific API spec (JSONAPI, Serien, HAL etc) but will go though all the principles of a modern REST API. However we will challenge Roy Fieldings’s thesis on REST APIs (is it still valid? we will see!) along with current specs which are based on Roy’s thesis (like JSONAPI spec) especially when high performance part of the API design.

Legal Protection of APIs – Oracle vs. Google

This is a session given by Siri Mårtensson at Nordic APIs 2016 Platform Summit on October 26th, in Stockholm Sweden. Description: The case Oracle America Inc. vs. Google Inc. has been subject for a number of trials in the US courts and involves a number of questions regarding legal protection of APIs. One of the central issues was whether the “structure, sequence and organization” of an API was copyrightable and it was concluded by the appeals court that Oracles API was protected by copyright. However, in the latest ruling from May 26 2016, the jury found that Android did not infringe the Oracle-owned copyrights since Android’s use was protected by the exception of “fair use”. In Europe the starting point is that software and API:s are protected by copyright. However, there are also in Europe a number of exceptions to the scope of protection. Siri Mårtensson, Delphi Law firm, a lawyer and expert in IT- and Intellectual Property Law gives you an introduction to how APIs can be legally protected.

Running an API 24/365

Incorporating OAuth: How to integrate OAuth into your mobile app

The document discusses how to integrate OAuth into mobile apps for security purposes. It provides an overview of OAuth basics, including the actors (client, authorization server, resource server, resource owner), common flows, and use of JSON Web Tokens. It also discusses related standards like SCIM, SAML, and OpenID Connect, with OAuth serving as the meta-protocol for handling tokens across these different approaches. The goal is to explain how OAuth addresses old security requirements and solves new problems in a standardized way for modern app development.

Lessons Learned from Building Enterprise APIs (Gustaf Nyman)

Mónica Lizeth Muñoz Flores

This is a session given by Gustaf Nyman at Nordic APIs 2016 Platform Summit on October 25th, in Stockholm Sweden. Description: In enterprises the majority of APIs are internal and may count in hundreds. APIs are often implemented in and used from a variety of languages and platforms, and legacy system and protocols are ever-present. As APIs are increasingly part of business strategies, API management becomes an important concern of the whole organisation. Gustaf has spent more than 15 years building API infrastructure for enterprises. In this talk, he shares his thoughts on designing and implementing a long-lasting API management strategy.

Analisis semiotico de un noticiero televisivo

El documento presenta un análisis semiótico de un noticiero televisivo. Describe los elementos estructurales del noticiero como su nombre, horario, secciones, conductores, porcentaje de publicidad y notas. También analiza una sección en particular sobre espectáculos y una nota sobre el regreso de una serie de Netflix. El análisis incluye los ejes denotativo y connotativo, examinando significantes plásticos, icónicos y significados. Concluye que los noticieros no tienen tantos mensajes simbólicos como otros medios

Slovakia India Trade & Investment Promotion Group

India Advisors

The document describes the formation of the Slovakia-India Trade & Investment Promotion Group (SITIPG). Key points: - SITIPG will exclusively promote trade, commerce, investment, and collaboration between Slovakia and India. - It will provide services and support to approximately 40,000 members without fees, except for initial entrance fees. Long-term funding will come from sponsors and success fees. - SITIPG will facilitate partnerships at local levels and include stakeholders from governments, businesses, experts, and interest groups from both countries.

Uruguay India Trade & Investment Promotion Group

India Advisors

The Uruguay-India Trade & Investment Promotion Group (UITIPG) will be an international organization focused exclusively on promoting trade and investment between India and Uruguay. UITIPG will provide services to its estimated 40,000 members without charge apart from initial fees. It will promote mutually beneficial commerce, industry collaboration, and people-to-people partnerships. Over time, UITIPG aims to include stakeholders from various levels of government and business in both countries to sustain itself through success fees.

Barbara_Betts_2016v2_Resume

Barbara Betts

Barbara Betts is an experienced instructional designer with expertise in creating engaging training for classroom, e-learning, and remote environments. She has superior skills with creative design tools like Adobe Creative Suite and is expert in learning management systems and content authoring tools such as Storyline and Articulate. Betts has a track record of developing innovative training solutions that improve performance and meet organizational needs on time and on budget.

150831 Ecotech Designs

Richard Sharp

The document discusses realigning the marketing technology and programs of a company. It notes that previously the company had 45 poorly coordinated websites, outdated branding and profiles, and was blacklisted from some search engines and markets. The proposed realignment includes developing a new simplified and human-focused corporate profile, brochures, and advertisements using infographics. It also involves aggregating and cleaning customer data, restoring search engine relationships, and implementing marketing automation and a digital strategy to improve external and internal customer relationships and participation in key markets.

The JSON-based Identity Protocol Suite

Twobo Technologies

The document discusses the JSON-based Identity Protocol Suite, which defines standards for JSON Web Tokens (JWTs), JSON Web Encryption (JWE), JSON Web Keys (JWK), and JSON Web Signatures (JWS). JWTs are compact tokens passed in HTTP that contain claims and can be signed or encrypted. JWE defines how to encrypt JWTs using symmetric or asymmetric encryption. JWK defines public key representations in JSON. JWS defines how to digitally sign JWTs using symmetric or asymmetric signatures. These standards are defined by the IETF and provide a common way to securely transmit identity and authorization data.

State of APIs: API trends from Nordic APIs Copenhagen & Sundsvall

Andreas Krohn

Plateforme Culture Valais - 20/02/2016 - Médias Sociaux

Yan Luong

Gestion de crise en ligne

Yan Luong

Greenpeace campaigned against Nestlé's Kit Kat bars due to their use of unsustainable palm oil sourced from rainforest destruction. Greenpeace posted parody videos showing orangutans harmed by palm oil production. This went viral and consumers pressured Nestlé on social media. Nestlé responded poorly by deleting comments and banning videos, fueling further backlash. Within 10 weeks, Nestlé agreed to stop using unsustainable palm oil, a major victory for Greenpeace's social media campaigning. Nestlé failed to effectively manage the social media crisis while Greenpeace skillfully utilized online channels to spread their message and achieve their goal.

Authorization for Internet of Things using OAuth 2.0

Hannes Tschofenig

The document discusses authorization for internet of things devices using OAuth 2.0. It outlines design patterns like backend data portability and device-to-device communication. It then describes the architecture involving clients, authorization servers, resource servers, and devices. Finally, it provides an overview of relevant standards organizations and technologies like OAuth, COSE, OpenID Connect, and FIDO that can help address IoT security challenges.

Deep-Dive: Secure API Management

Apigee | Google Cloud

Threat protection and application access controls are key security mechanisms that protect APIs when exposed to internal or external users and developers. In this technical deep-dive webcast, Apigee's security team, led by Subra Kumaraswamy, will discuss API threats and the protection mechanisms that every API and app developer must implement for safe and secure API management. This webcast will cover: - the API threat model - how to design and implement appropriate guardrails for API security using build-in policies and configuration - a demo of Apigee Edge threat protection features, including TLS encryption, XML/JSON/SQL injection attacks, and rate limiting Whether you're an IT security architect or an API or app developer, this webcast will help you understand secure API management. Download Podcast: http://bit.ly/1biiJQS Watch Video: http://youtu.be/ffs35w1RYRI

Andere mochten auch (18)

Authorization The Missing Piece of the Puzzle

Integrated social solutions, the power and pitfalls of mashups

Sliding away from Roy Fielding's REST model (Filippos Vasilakis)

Legal Protection of APIs – Oracle vs. Google

Running an API 24/365

Incorporating OAuth: How to integrate OAuth into your mobile app

Lessons Learned from Building Enterprise APIs (Gustaf Nyman)

Analisis semiotico de un noticiero televisivo

Slovakia India Trade & Investment Promotion Group

Uruguay India Trade & Investment Promotion Group

Barbara_Betts_2016v2_Resume

150831 Ecotech Designs

The JSON-based Identity Protocol Suite

State of APIs: API trends from Nordic APIs Copenhagen & Sundsvall

Plateforme Culture Valais - 20/02/2016 - Médias Sociaux

Gestion de crise en ligne

Authorization for Internet of Things using OAuth 2.0

Deep-Dive: Secure API Management

Ähnlich wie My Journey into the Terrifying World of Hypermedia

The liferay case: lessons learned evolving from RPC to Hypermedia REST APIs

Jorge Ferrer

Liferay is an open source platform started in 2000, long before the term “Web API” existed. One early characteristic of Liferay has been its great extensibility, which included providing a featureful HTTP API to access its functionalities since the very beginning. Initially this API used SOAP (as well as other less used protocols). Later a new “RESTful” option was added, leveraging HTTP+JSON and it became much more popular (even though it was at Level 0 in Richardson Maturity Model). However, both approaches lead users of the API to have a high coupling that makes the evolution of the APIs a challenging task. So we started wondering, isn’t there a better way to build APIs in 2017? This session explains our search to find a better alternative and what we learned along the way. It focuses on how we have adopted Hypermedia and Shared Vocabularies to create a new breed of APIs that we believe form the secret ingredients that solve the most important challenge we have in the API Economy: evolvability. We are now successfully applying this type of APIs in all of our products, on premise, cloud based, … even internal. We have found that once you know how and build some common foundation, all the barriers to build evolvable APIs disappear. We learned from many others along the way and want to contribute back by sharing our experience.

Creating Professional Applications with the LinkedIn API

Kirsten Hunter

AMS, API, RAILS and a developer, a Love Story

João Moura

A lot of people have being using Rails to develop both their internal or external API, but building a high quality API can be hard, and performance is a key point to achieve it. I'll share my stories with APIs, and tell you how Active Model Serializer, component of Rails-API, helped me. AMS have being used across thousands of applications bringing convention over configuration to JSON generation. This talk will give you a sneak peek of a new version of AMS that we have being working on, it's new cache conventions, and how it's being considered to be shipped by default in new Rails 5.

Hypermedia api (HATEOAS)

MitinPavel

The document discusses hypermedia APIs and the hypermedia design elements that make them work. It advocates for designing APIs around hypermedia by including hypermedia links within responses to drive interaction, rather than relying on out-of-band documentation. This allows APIs to be more self-descriptive and evolvable. The key elements discussed are base format, state transfer, domain style, and application flow.

Start an Angular project fast, then go faster using AWS and Back&

Backand Cohen

This document provides instructions for starting an Angular project using Backand for backend services. It discusses including Backand SDK dependencies, configuring secure API calls, signing users in, making API calls to retrieve and save data, and additional features like user registration, access control, and hosting on AWS S3. The document is intended to help developers get started building an Angular app integrated with Backand's backend services.

Rich Results and Structured Data

SMA Marketing

Lies you have been told about REST

darrelmiller71

REST – Beyond the hype The document discusses REST and common misconceptions about RESTful API design. It begins with a brief history of REST and considerations of alternatives like SOAP. It then addresses how the rise of frameworks led to prescriptive but incorrect "rules" for REST. The bulk of the document dispels common myths and "lies" told about RESTful design, focusing on proper use of URIs, resources, media types, and use of hypermedia. It emphasizes that REST is an architectural style and not a rigid set of rules.

Crafting Evolvable Api Responses

darrelmiller71

The document discusses best practices for crafting evolvable API responses. It advocates taking back control of representations by thinking of responses as messages rather than objects. This allows APIs to build payloads with just enough data to solve the problem and survive changes over time. The document explores using attribute groups, links, and established formats like HAL and JSON-LD to build representations that are minimal yet provide essential context.

Cdm mil-18 - hypermedia ap is for headless platforms and data integration

David Gómez García

David Gómez G. - Hypermedia APIs for headless platforms and Data Integration ...

Codemotion

We live in a interconnected world, were every day new devices, systems, and applications are connected to share information or interact between them. Thus, the importance of designing systems prepared to offer their services and data to a wide range of customers, that could discover, navigate and use their API in a standard and easy way to be consumed. But designing a headless platform to be used easily through their services is not straightforward. In this talk we will go over the challenges that we've found in adding headless nature to our platform and the foundations and tools that we have

SearchCon 2016 | Knowledge Graph Entities with Everett Sizemore

SearchCon

This document discusses optimizing brands in Google's Knowledge Graph. It provides information on why brands should optimize for the Knowledge Graph, how to mark up websites with JSON-LD schema to be included in the Knowledge Graph, and how to define and connect brands on open data websites to further optimize presence in the Knowledge Graph. Examples of JSON-LD schema code and specific open data websites that can be used are included.

Everett Sizemore

Jim Kreinbrink

Build a "Who's Who" App for Your Media Content (AIM409) - AWS re:Invent 2018

Video has become an increasingly successful medium for advertising, marketing, and engaging customers. However, many companies underutilize their substantial video assets because they are poorly indexed and cataloged. In this workshop, learn how to use machine learning services to gain more value from video by building a customer celebrity detection feature that can recognize mainstream celebrities and individuals from your own uploaded media files.

Chatting with HIpChat: APIs 101

colleenfry

The document provides instructions for integrating Bitbucket with HipChat using webhooks and APIs. It outlines the steps to install the Bitbucket integration in HipChat, including generating API keys and tokens. It also discusses HipChat add-ons and how they connect external services like Stripe to HipChat using APIs and the HipChat marketplace. The document contains examples of HipChat API calls to send messages to rooms and get room details.

The JSON REST API for WordPress

Taylor Lovett

What's New with Confluence Connect

Atlassian

Confluence Connect has added APIs and enhanced macros – but we didn't stop there. We've also introduced new types of add-ons: theming, workflows, and custom content. Confluence product manager Brian Swift will cover each of these, including the building blocks you'll need and examples of how to use them. He'll also show you how to integrate these types of add-ons with Confluence features to provide a great experience for users. There's never been a better time to create add-ons to satisfy more Confluence use cases! Ben Mackie, Head of Confluence Engineering, Atlassian Brian Swift, Principal Product Manager, Atlassian

B 3 line bot live coding

LINE Corporation

The document discusses new features added to the LINE Messaging API, including new message types like buttons, confirm, and carousel templates that provide richer interactive experiences. It also describes how the new API allows bots to participate in groups and receive events via webhook, expanding bot capabilities beyond one-on-one messaging. Developers are encouraged to begin coding bots that take advantage of the updated API.

JSON API: Não reinvente a roda

Pedro Cavalheiro

Existem diversos aspectos que devem ser priorizados ao se escrever uma API. Bom entendimento do domínio, arquitetura ideal, boa estratégia de testes, etc. Esses são alguns dos problemas reais e prioritários existentes. JSON API é uma ótima solução para evitar a perda de tempo tentando reinventar a roda durante a definição do design das respostas de sua aplicação. Nesta apresentação, alguns exemplos de uso, considerações/vantagens e dicas de como tornar a sua aplicação compatível sem (muita) dor.

Building Tomorrow's Web Services

Pat Cappelaere

This document discusses the evolution of web service APIs from REST in the 1990s to a potential future Activity Oriented Architecture (AOA). It argues that as more non-human users like intelligent agents start accessing APIs, the focus should shift from resources and hypermedia to activities that achieve user goals. The document proposes supporting auto-discovery of relevant activities, activity search, and activity templates to enable intelligent agents to perform useful tasks on behalf of users. Feedback on this vision for a future AOA is welcomed.

Looking at Content Recommendations through a Search Lens - Extended Version

Sonya Liberman

Sonya Liberman leads the Personalization team @ Outbrain's Recommendations group, developing large-scale machine learning algorithms for Outbrain's content recommendations platform serving tens of billions real-time recommendations a day. She specializes in Information Retrieval, Machine Learning, and Computational Linguistics. Before joining Outbrain, she led the Research and Algorithms @ ConvertMedia (acquired by Taboola). She holds an MSc in Computer Science and a BSc in Computer Science and Computational Biology. This invited talk was given at the Recommender Systems Workshop 2017, University of Haifa.

Ähnlich wie My Journey into the Terrifying World of Hypermedia (20)

The liferay case: lessons learned evolving from RPC to Hypermedia REST APIs

Creating Professional Applications with the LinkedIn API

AMS, API, RAILS and a developer, a Love Story

Hypermedia api (HATEOAS)

Start an Angular project fast, then go faster using AWS and Back&

Rich Results and Structured Data

Lies you have been told about REST

Crafting Evolvable Api Responses

Cdm mil-18 - hypermedia ap is for headless platforms and data integration

David Gómez G. - Hypermedia APIs for headless platforms and Data Integration ...

SearchCon 2016 | Knowledge Graph Entities with Everett Sizemore

Everett Sizemore

Build a "Who's Who" App for Your Media Content (AIM409) - AWS re:Invent 2018

Chatting with HIpChat: APIs 101

The JSON REST API for WordPress

What's New with Confluence Connect

B 3 line bot live coding

JSON API: Não reinvente a roda

Building Tomorrow's Web Services

Looking at Content Recommendations through a Search Lens - Extended Version

Mehr von Nordic APIs

How I Built Bill, the AI-Powered Chatbot That Reads Our Docs for Fun , by Tod...

A presentation given by Todd Kerpelman, Developer Advocate at Plaid, at our 2024 Austin API Summit, March 12-13. Session Description: Have you ever thought about building your own chatbot to help developers be more successful using your APIs? Well, we made one for Plaid’s documentation site, and in this talk, I’ll cover some of the things we learned! This presentation will cover topics like: – How does it work? What does it mean to “train” a bot on your docs? – Setting appropriate expectations: Do you still need to write documentation? Do you still need a support team? – The trade-offs around building your own vs. buying a 3rd party solution – Some decisions around the underlying tech – How to build a decent “conversational mode” so you can ask follow-up questions – How you evaluate the quality of a chatbot, and some surprises we ecountered along the way – What do you do when things go wrong? – Security considerations And much more! Actually, probably not that much more. That already sounds like a lot.

The Art of API Design, by David Biesack at Apiture

A presentation given by David Biesack, Chief API Officer at Apiture, at our 2024 Austin API Summit, March 12-13. Session Description: API Design is truly an art. While ChatGPT can spit out seemingly detailed APIs, there is still much to be said for well-crafted, consistent APIs designed by organic intelligence, in a broader context, with the consumer and Developer Experience in mind. A good (or dare we dream, great) Developer Experience (DX) is an important aspect of API design and the success of your API program. Attendees will grok the interplay of API design, patterns, and language constraints and limitations. See how and why artful API Design Matters to DX and "good" API outcomes, and why fluency in the myriad languages of APIs matters. Learn how choosing guiding principles can shape all your APIs for success. Learn how to stay relevant as an API designer when the API generating robots are breathing down your neck.

ABAC, ReBAC, Zanzibar, ALFA… How Should I Implement AuthZ in My APIs? by Dav...

A presentation given by David Brossard, CTO at Axiomatics, at our 2024 Austin API Summit, March 12-13. Session Description: So you've just built your cool new API and figured out the authentication part. You're even using OAuth for access delegation, scopes, and claims. So, you're good, right? Well what about fine-grained authorization? What about OWASP's #1 security threat, broken access control? How do you handle that? Maybe you need an authorization framework to help with that. But which one? Is ABAC the way to go? Policies? Graphs? In this presentation, we'll give you the tools to understand what authorization for APIs entails, what options you have, and how to successfully implement a secure authorization strategy for your APIs. We will cover approaches such as ALFA, ReBAC, and Zanzibar and illustrate with a live demo.

Crafting a Cloud Native API Platform to Accelerate Your Platform Maturity - B...

A presentation given by Budhaditya Bhattacharya, Developer Advocate at Tyk, at our 2024 Austin API Summit, March 12-13. Session Description: APIs and microservices are powering domain-driven design architectures and have become the fabric of modern cloud-native applications. However, focusing on technology isn't enough - there is a need for a synergy between people, processes, and tools. Based on the CNCF platform maturity model, we will look to bridge the gap between an org's current and desired platform maturity level when creating cloud-native API platforms. We'll discuss: 1. The platform team model - team topologies and key roles for developing internal API platforms 2. Processes like platform discovery, jobs-to-be-done analysis, and continuous feedback loops to understand and meet developer needs 3. Applying a "platform as a product" mindset to measure and communicate platform success 4. Architecting for discoverability, security, observability and integration capabilities 5. The role of technologies like service meshes, API gateway, identity management, internal developer portals and OpenAPI specifications

The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...

A presentation given by Markus Müller, CTO at APIIDA, at our 2024 Austin API Summit, March 12-13. Session Description: In an era where digital transformation is pivotal, the management and governance of APIs have emerged as critical components in the technological infrastructure of businesses. "The Federated Future: Pioneering Next-Gen Solutions in API Management" is a forward-looking talk that delves into the evolving landscape of API governance, with a particular focus on Federated API Management as a groundbreaking approach. Over the course of this presentation, we will explore the paradigm shift from traditional, centralized API management towards a more dynamic, federated model. This approach not only offers scalability and flexibility but also fosters innovation by enabling diverse teams to collaboratively manage APIs while adhering to consistent governance policies. Key topics include: - The current challenges in API governance and how federated management addresses these. - The principles and architecture of Federated API Management, distinguishing it from traditional models. - Real-world implications of adopting a federated approach, including case studies that illustrate its transformative impact on businesses. - Strategies for implementing Federated API Management, focusing on best practices for seamless integration. - The future outlook of API governance, anticipating emerging trends and technologies.

API Authorization Using an Identity Server and Gateway - Aldo Pietropaolo, SGNL

A presentation given by Aldo Pietropaolo, Director of Solutions Engineering at SGNL, at our 2024 Austin API Summit, March 12-13. Session Description: Securing APIs and ensuring you are protected from threats by implementing authentication and authorization while keeping the request context intact can be challenging. This session will show us how to leverage SGNL, Curity, and the Kong API Gateway to protect fictitious patient records. The session will be a technical session focused on the architecture and integration points for implementing continuous access management.

API Discovery from Crawl to Run - Rob Dickinson, Graylog

A presentation given by Rob Dickinson, VP of Engineering at Graylog, at our 2024 Austin API Summit, March 12-13. Session Description: Discovering the attack surface presented by your APIs is the first step to improving API security. But APIs are fundamentally dark and constantly changing, which presents serious challenges for security teams trying to assess and manage new risks. There are several reasonable ways to perform API discovery, but each has its own tradeoffs and implications about what is actually being counted. This talk covers taking an API discovery program from start to best-of-breed, and strategies for measuring and monitoring your API attack surface.

Productizing and Monetizing APIs - Derric Gilling, Moseif

A presentation given by Derric Gilling, CEO of Moseif, at our 2024 Austin API Summit, March 12-13. Session Description: The talk would target product owners looking to turn APIs into revenue centers. Specifically, how to price and package APIs, different strategies around prepaid, postpaid, and PAYG billing, and how to choose the right metric to charge, etc. Then, we’ll chat on the go-to-market to drive developer adoption.

Securely Boosting Any Product with Generative AI APIs - Ruben Sitbon, Sipios

A presentation given by Ruben Sitbon, Lead Solutions Architect at Sipios, at our 2024 Austin API Summit, March 12-13. Session Description: ChatGPT has been a tidal wave, changing forever the way people and companies perceive the value of Artificial Intelligence. Many startups have launched products with ChatGPTI at its core, innovative SaaS players have all integrated Generative AI extensions or plugins, but it is now clear that users will be expecting more and more Generative AI to boost the features of products they use on a daily basis. In this talk, I will describe how a framework relying on Generative AI in-house APIs that allows: - Easily « boosting » any product feature with Generative AI - Improving the answers through a « trainer API » that allows experts to improve the accuracy and tone of the model - Bundling security and continuous compliance in the APIs to enjoy the benefits even within risk averse large corporates.

Security of LLM APIs by Ankita Gupta, Akto.io

A presentation given by Ankita Gupta, Co-Founder and CEO, Akto.io, at our 2024 Austin API Summit, March 12-13. Session Description: In this session, I will talk about API security of LLM APIs, addressing key vulnerabilities and attack vectors. The purpose is to educate developers, API designers, architects and organizations about the potential security risks when deploying and managing LLM APIs. 1. Overview of Large Language Models (LLMs) APIs 2. Understanding LLM Vulnerabilities: - Prompt Injections - Sensitive Data Leakage - Inadequate Sandboxing - Insecure Plugin Design - Model Denial of Service - Unauthorized Code Execution - Input attacks - Poisoning attacks 3. Best practices to secure LLM APIs from data breaches I will explain all the above using real life examples.

I'm an API Hacker, Here's How to Go from Making APIs to Breaking Them - Katie...

A presentation given by Katie Paxton-Fear, API Security Educator, Traceable AI, at our 2024 Austin API Summit, March 12-13. Session Description: Have you ever wanted to be the villain or anti-hero? In this talk, we'll cover how to hack APIs, with permission, of course. First, we'll look at the tools of the trade for API hackers, some of the most common security vulnerabilities and how we test for them, and finally, I'll tell some of my API hacking stories. The aim of the session will be to learn a little API hacking and encourage people to have a go at API hacking themselves. Participants will also join me as I hack live, giving suggestions for the next steps, for an interactive and engaging session.

Unleashing the Potential of GraphQL with Streaming Data - Kishore Banala, Net...

A presentation given by Kishore Banala, Senior Software Engineer, Netflix, at our 2024 Austin API Summit, March 12-13. Session Description: Extend the advantages of GraphQL beyond the UI layer by creating data streams that seamlessly transfer data from Federated GraphQL to your preferred destination. This presentation explores the myriad use cases that can be unleashed, such as Search, Analytics etc., sparing you from the complexity of extensive ETL jobs. Join us for an in-depth exploration of the advantages that arise from seamlessly connecting GraphQL with data streams, opening new dimensions of efficiency and capability.

Reigniting the API Description Wars with TypeSpec and the Next Generation of...

A presentation given by Gareth Jones, API Architect at Microsoft, at our 2024 Austin API Summit, March 12-13. Session Description: Didn't the API description wars end in 2017 when we all agreed that OAS was the way forward? Yes, and yet how satisfied with your API descriptions are you? Are they thousands of lines of hard to read yaml or JSON? When someone makes a change, is it easy to review for correctness and completeness? Do visual tools make this easier? Do they support change management? I'll make the case that the next generation of more abstract DSLs for defining APIs such as Smithy from Amazon and TypeSpec, open sourced by Microsoft, move us back to a more intentional approach to design and give us the opportunity to highlight the business characteristics that matter most at design-time.

Establish, Grow, and Mature Your API Platform - James Higginbotham, LaunchAny

A presentation given by James Higginbotham, Executive API Consultant, LaunchAny, at our 2024 Austin API Summit, March 12-13. Session Description: Building and growing an API platform takes more than building and organizing your APIs. It requires understanding the needs of your ecosystem, establishing lightweight processes that drive discoverability, providing the resources for self-service enablement, and delivering a federated API coach program to scale your efforts. This talk will explore the practices and patterns implemented by global organizations that will help your API ecosystem shift from a functional program to a transformational API platform.

Inclusive, Accessible Tech: Bias-Free Language in Code and Configurations - A...

A presentation given by Adrienne Moherek, Developer Experience Technical Leader, Cisco, at our 2024 Austin API Summit, March 12-13. Session Description: Heard of suss? You can suss out more information or you can find someone’s information to be suss. “Suss” shows the flexibility of language. It’s an ongoing process to change how we use certain words. It’s important to choose words carefully to convey the correct meaning and avoid harmful subtext or exclusion. Let’s explore some of the tools and triage methods that it takes from an engineering viewpoint to make bias-free choices. How can you ensure that biased words do not sneak into code, UI, docs, configurations, or our everyday language? First, let’s walk through how to take an inventory of assets from code to config files to API specifications to standards. Next, by placing those findings into categories, prioritize the work to substitute with inclusive alternatives. Let’s examine some examples using both API and code assets. Next is a demonstration of how to automate analyzing your source code or documentation with a linter, looking for patterns based on rules that are fed into the tool. What’s in the future for these efforts? Inclusive language should expand beyond English and North America efforts. To do so, let’s organize the work with automation tooling, as engineers do.

Going Platinum: How to Make a Hit API by Bill Doerrfeld, Nordic APIs

A presentation given by Bill Doerrfeld, Editor in Chief of Nordic APIs, at our 2024 Austin API Summit, March 12-13. Session Description: As it turns out, making a hit API is a lot like making a hit music album. You have to find a niche, you need good naming, and you need quality content. Also, on the production side, design, style, experience, and collaboration all matter a lot. At the end of the day, both are products, requiring the right management tools, marketing know-how, and infrastructure to scale. In this SXSW-inspired opening keynote, I'll look into the parallels between the two endeavors, providing a fun and informative look into specific things API providers should be considering on their journey toward becoming API platform rockstars.

Getting Better at Risk Management Using Event Driven Mesh Architecture - Ragh...

A presentation given by Raghavan Sadagopan, Sr. Director from CapitalOne & Lakshmi Narayana, Sr. Lead Software Engineer from CapitalOne, at our 2024 Austin API Summit, March 12-13. Session Description: Managing Risk is critical to the success of an organization. Managing Risks starts with identifying potential Risks which in the digital world are signals emanating from varying source systems. Identifying potential risks real-time enables organizations to mitigate / better prepare for potential exposures. The session will share our point of view on implementing an API centric event mesh architecture that routes events in real-time through a scalable and resilient cloud-native service on AWS.

GenAI: Producing and Consuming APIs by Paul Dumas, Gartner

A presentation given by Paul Dumas, Senior Director Analyst at Gartner, at our 2024 Austin API Summit, March 12-13. Session Description: GenAI will be, well, generating APIs. We are entering the era where software creates software. It will develop APIs faster than humans are capable of. Humans cannot compete with this compute power. How do we marshal this power, govern what it produces, and leverage it to support our business objectives and strategies? We will become more dependent on the capabilities we have as humans that elude machines. This talk provides insight to software leaders about the challenges of leading and managing this new software development power. The key lies in skills that are unique to humans: foresight, intuition, and agility.

The SAS developer portal –developer.sas.com 2.0: How we built it by Joe Furb...

A presentation given by Joe Furbee, Developer Advocate and Developers Communities Manager at SAS Institute, at our 2024 Austin API Summit, March 12-13. Session Description: Sure, we could have hired someone to (re)create our developer portal, developer.sas.com. However, we wanted the freedom to build our portal from the ground up. But, it takes more than an API architect and a developer advocate to create a modern, interactive developer experience. This session provides an overview of the steps we took to relaunch the SAS AI and analytics platform developer portal. Who was involved? How did we accomplish what we wanted to build? We’ll explore the stakeholders involved, the importance of open-source technologies, and why focusing on the developer’s perspective matters. This is not a marketing pitch to promote SAS services. Instead, it’s a detailed look at the process we followed to deploy our new developer portal.

How Netflix Uses Data Abstraction to Operate Services at Scale - Vidhya Arvin...