Posted on

RESTful APIs Are Good, But GraphQL APIs Are Usually Better

According to the GraphQL Foundation, GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. Like many influential technologies, GraphQL was developed by Facebook in 2012. In their own words they “needed a data-fetching API powerful enough to describe all of Facebook, yet simple enough to be easy to learn” by their developers.

For a few years, GraphQL was used internally for their mobile applications. The first GraphQL repos were open-sourced in 2015. One of the Github repos contained the GraphQL specification and another contained a GraphQL JavaScript reference implementation. 

Posted on

Demystifying HTTP Verbs: Patch, Put, and Post

If you’re still getting the hang of web development and HTTP specification, you might find yourself often confused about which verbs to use and when. 

Some developers learn that most applications on the internet are CRUD (Create, Read, Update, Delete) applications and that the HTTP verbs match to these actions 1:1. POST is a Create, GET is a Read, PATCH (or PUT) is an Update, and DELETE is a Delete.

Posted on

How to Use Discovery APIs to Your Advantage

You (and your users) can’t map and transform data if you’re missing custom objects.

Discovery APIs are critical to understanding a target application’s unique (often customized) data structure and, consequently, building effective and accurate mappings and transformations that ensure data sync. Seamless connectivity is only possible when you account for custom objects from the target application.

Posted on

Secure Your Data Service API Calls

Today, we’re going to take another look at security configurations in Backendless. In this article, we will talk about how to restrict the direct access to your data via API and only expose your custom API endpoints. This does not mean you should use some other set of “admin” APIs for data management. Instead, it is accomplished by setting up proper security settings.

Backendless provides ways to set up really granular permissions for your resources, including even row-level security in your data tables. But for this task, we’re only going to need system roles and global permissions. Thus, it won’t require you to do a lot of configurations or create additional assets, such as custom roles.

Posted on

Measure Every API Call in Your Go App in 30 Lines of Code

I recently gave a talk at GrafanaCon LA, which was heavily inspired by my blog post on . During the talk, I dove into a popular monitoring use case with Sensu, InfluxDB, and Grafana — let's call it the SIG stack. While I got to share some awesome features in Sensu that ultimately allow users to collect, store, and visualize their metrics, the conference was about Grafana, and folks wanted to see dashboards! Now, I'm a Go dev, not a data scientist, so I don't have quick access to large sample sets, and while it's super easy to spin up Sensu in production and start scraping nodes to collect fancy metrics, I wanted something more... and the attendees of GrafanaCon wanted something moar!

StatsD

Enter StatsD, the OG metric aggregator that — over the years — has become an industry standard. It's a simple and lightweight daemon that can aggregate custom performance data. StatsD client libraries are ubiquitous and available in just about every language, so you can instrument the tooling in your app's native language and send those metrics off to a StatsD server. Fortunately for you, every Sensu agent has an embedded StatsD server that listens for UDP traffic on port 8125. Since UDP is a "fire-and-forget" protocol, it minimizes performance impact and risk when implementing it in your code.