API-University

Blog

The 10 most critical API security risks – Part 2: Broken User Authentication

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10-part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API

Matthias Biehl | 2020-01-28 / 2020-01-28 | API Security, Blog

The 10 most critical API security risks – Part 1: Broken Object-Level Authorization

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10-part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API

Matthias Biehl | 2020-01-21 / 2020-01-20 | API Security

New Course on OpenID Connect & JWT

Many of my 7100 students of the OAuth course have asked me to create a new course on OpenID Connect & JWT. And I completely understand why. Because as an API professional in 2020, you simply need to know

Matthias Biehl | 2019-12-28 / 2020-02-27 | API Security, Blog

API Days Australia Melbourne 2019

Keynote: “Building Digital Ecosystems with APIs”. API Days Australia Melbourne 2019, September 19th, 2019, Melbourne Convention & Exhibition Centre, 1 Convention Centre Pl, South Wharf VIC 3006, Australia

Matthias Biehl | 2019-09-20 / 2020-02-27 | Blog

gRPC API Style for high-performance APIs

Researching architectural styles for APIs? gRPC is an API style that follows the remote procedure pattern and allows for high-performance implementations. If you are researching which architectural style to apply, and you start on

Matthias Biehl | 2019-08-21 / 2020-03-03 | API Design, Blog

REST APIs with HATEOAS

The REST constraints tell us to design APIs according to HATEOAS (Hypertext as the Engine of Application State). The Richardson Maturity Model rates APIs according to the fulfillment of these constraints and assigns the highest rating (level 3) to the

Matthias Biehl | 2019-08-16 / 2020-04-04 | API Design, Blog, REST

Richardson Maturity Model – classify REST-like APIs

Not every service that is exposed over HTTP is compliant with the REST constraints. Sometimes one can find services that are advertised as being RESTful but in reality follow the RPC style. In fact, there may even be a

Matthias Biehl | 2019-08-14 / 2020-04-04 | API Design, Blog, REST

The API Mandate – Install API Thinking at your Company

Jeff Bezos, Amazon founder and CEO, wrote the following memo to his employees around 2002. It became known as the “Bezos API Mandate” or “Amazon’s API Mandate”.

Matthias Biehl | 2019-06-19 / 2020-09-16 | API Architecture, Blog

Value Proposition of Alexa for Skill Developers

If a voice platform is to be successful, it needs to offer its users a large choice of voice apps. All users should be able to customize their Alexa experience with the particular Skills they need. The platform provider cannot possibly

Matthias Biehl | 2019-05-22 / 2020-02-27 | API Business, Blog

Alexa Ecosystem

Alexa is not a monolithic app delivered by Amazon, but rather an ecosystem of highly specialized voice apps (or Skills) that are all available on the Alexa platform. There are clear roles for software providers, hardware providers and Amazon as

Matthias Biehl | 2019-05-15 / 2020-02-27 | API Business, Blog