Follow along as we build a GraphQL API using Apollo and Neo4j Database. We’ll show how to leverage the scale of serverless for our GraphQL API and how to take advantage of 3rd party services like Auth0 for handling authentication and authorization in our GraphQL app.
Max Panas (Web Developer @Agile Actors) and Stelios Charbalis (Software Engineer @Agile Actors) present GraphQL and how it compares to traditional REST API design at GreeceJS Meetup #14 (Athens, June 15, 2016).
Getting Started with Spring for GraphQLVMware Tanzu
WaffleCorp is a major provider of breakfast products available direct to consumer or through our strategic partnerships. The current implementation of the e-commerce platform is a monolithic Spring MVC application that serves data through a collection of REST APIs.
Currently, the only provider of the REST API is our e-commerce web application. We've been tasked with opening up our APIs to our new iOS and Android apps, partner microservices, and IoT applications.
The issue we ran into is that a REST API is not a one-size-fits-all approach. We need a more flexible solution to meet the requirements of all of our client applications. This is a perfect use case for the speed and flexibility of GraphQL.
GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools.
In this session, you’ll learn what GraphQL is and why you should consider it in your next project. You’ll learn how to use GraphQL in your Spring Boot applications by leveraging the Spring for GraphQL project. By the end of this session, you’ll understand how to stand up a GraphQL endpoint and request the data you need, and nothing more.
This presentation was part of an internal training session at Jahia to make people aware of GraphQL, and also shared the lessons learned while working with it. It is intended for audiences that have no prior knowledge of GraphQL.
GraphQL has made an excellent entree on the API scene. It is reintroducing the original concepts of RPC-style architecture with a revolutionary API consumer-oriented approach. It brought a new option to the stalled waters of RESTful APIs. But more importantly, GraphQL brought back the principal question: What is the right API architectural style for my project?
If you are building an API, this talk should give you enough of the theoretical background to make the right API-decision for your product.
In this talk, we will take a critical look at predominant API architectural style – RESTful APIs and put it in contrast to GraphQL and Hypermedia APIs. We will discuss the expected properties of distributed systems, the consequences of choosing a particular API style, and reflect these findings in the pros and cons of the popular methods.
Max Panas (Web Developer @Agile Actors) and Stelios Charbalis (Software Engineer @Agile Actors) present GraphQL and how it compares to traditional REST API design at GreeceJS Meetup #14 (Athens, June 15, 2016).
Getting Started with Spring for GraphQLVMware Tanzu
WaffleCorp is a major provider of breakfast products available direct to consumer or through our strategic partnerships. The current implementation of the e-commerce platform is a monolithic Spring MVC application that serves data through a collection of REST APIs.
Currently, the only provider of the REST API is our e-commerce web application. We've been tasked with opening up our APIs to our new iOS and Android apps, partner microservices, and IoT applications.
The issue we ran into is that a REST API is not a one-size-fits-all approach. We need a more flexible solution to meet the requirements of all of our client applications. This is a perfect use case for the speed and flexibility of GraphQL.
GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools.
In this session, you’ll learn what GraphQL is and why you should consider it in your next project. You’ll learn how to use GraphQL in your Spring Boot applications by leveraging the Spring for GraphQL project. By the end of this session, you’ll understand how to stand up a GraphQL endpoint and request the data you need, and nothing more.
This presentation was part of an internal training session at Jahia to make people aware of GraphQL, and also shared the lessons learned while working with it. It is intended for audiences that have no prior knowledge of GraphQL.
GraphQL has made an excellent entree on the API scene. It is reintroducing the original concepts of RPC-style architecture with a revolutionary API consumer-oriented approach. It brought a new option to the stalled waters of RESTful APIs. But more importantly, GraphQL brought back the principal question: What is the right API architectural style for my project?
If you are building an API, this talk should give you enough of the theoretical background to make the right API-decision for your product.
In this talk, we will take a critical look at predominant API architectural style – RESTful APIs and put it in contrast to GraphQL and Hypermedia APIs. We will discuss the expected properties of distributed systems, the consequences of choosing a particular API style, and reflect these findings in the pros and cons of the popular methods.
Supporting slide deck for Tony Tam's presentation at I Love APIs 2015. Covers the new swagger project, Swagger Inflector, which allows an API-first definition for REST APIs.
apidays Paris 2022 - Event-Driven API Management – why REST isn't enough, Ben...apidays
apidays Paris 2022 - APIs the next 10 years: Software, Society, Sovereignty, Sustainability
December 14, 15 & 16, 2022
Event-Driven API Management – why REST isn't enough
Benjamin Gottstein, Sales Engineer at Solace
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Deep dive into the API industry with our reports:
https://www.apidays.global/industry-reports/
Subscribe to our global newsletter:
https://apidays.typeform.com/to/i1MPEW
GraphQL is a wonderful abstraction for describing and querying data. Apollo is an ambitious project to help you build apps with GraphQL. In this talk, we'll go over how all the parts—Client, Server, Dev Tools, Codegen, and more—create an end-to-end experience for building apps on top of any data.
## Detailed description
In today's development ecosystem, there are tons of options for almost every part of your application development process: UI rendering, styling, server side rendering, build systems, type checking, databases, frontend data management, and more. However, there's one part of the stack that hasn't gotten as much love in the last decade, because it usually falls in the cracks between frontend and backend developers: Data fetching.
The most common way to load data in apps today is to use a REST API on the server and manage the data manually on the client. Whether you're using Redux, MobX, or something else, you're usually doing everything yourself—deciding when to load data, how to keep it fresh, updating the store after sending updates to the server, and more. But if you're trying to develop the best user experience for your app, all of that gets in the way; you shouldn't have to become a systems engineer to create a great frontend. The Apollo project is based on the belief that data loading doesn't have to be complicated; instead, you should be able to easily get the data you want, when you want it, and it should be managed for you just like React manages updating your UI.
Because data loading touches both the frontend and backend of your app, GraphQL and Apollo have to include many parts to fulfill that promise of being able to seamlessly connect your data together. First, we need client libraries not only for React and JavaScript, but also for native iOS and Android. Then, we must bring server-side support for GraphQL queries, mutations, and most recently subscriptions to every server technology and make those servers easier to write. And finally, we want not only all of the tools that people are used to with REST APIs, but many more thanks to all of the capabilities enabled by GraphQL.
In this talk, we'll go over all of the parts of a GraphQL-oriented app architecture, and how different GraphQL and Apollo technologies come together to solve all of the parts of data loading and management for React developers.
22nd Athens Big Data Meetup - 1st Talk - MLOps Workshop: The Full ML Lifecycl...Athens Big Data
Title: MLOps Workshop: The Full ML Lifecycle - How to Use ML in Production
Speakers: Spyros Cavadias (https://www.linkedin.com/in/spyros-cavadias/), Konstantinos Pittas (https://www.linkedin.com/in/konstantinos-pittas-83310270/), Thanos Gkinakos (https://www.linkedin.com/in/thanos-gkinakos-03582a128/)
Date: Saturday, December 17, 2022
Event: https://www.meetup.com/athens-big-data/events/289927468/
by Richard Threlkeld, Sr. Product Manager, AWS
Most applications are data-driven and our app is no exception to that. However, mobile development has some unique problems to be solved. In this session, we’ll introduce you to GraphQL – the latest in mobile-centric data access protocols – and show you how GraphQL can help with these problems.
With the rise of Microservice Architectures and rich mobile and web applications, APIs are more important than ever. Come learn how to tackle modern API design challenges with GraphQL, an open-source API query language used by Facebook, Amazon, Microsoft, Twitter, Virgin Trains, and more.
This Slid shows the GraphQL Fundamentals, cover below points.
* what: what is GraphQL
* who: Who builds GraphQL
* why: Why we need GraphQL
* how: How to use GraphQL
IT also cover
* Application Programming Interface (API History Image )
* Principles of REST API Design
* REST Flow / GraphQL Flow diagram
* Rest Traditional Data fetching.
* REST vs GraphQL
* Browser Tools
* GraphQL Mutation
* GraphQL Variables
* GraphQL Fragments
* Pain Points of GraphQL
SpringOne Platform 2017
Spencer Gibb, Pivotal; Sree Tummidi, Pivotal
What is an API Gateway and how can your microservices architecture benefit by using one? What are the types API Gateways? What characteristics define each type of API Gateway? Join Spencer Gibb and Sree Tummidi for a discussion and demonstration of the first next generation of API Gateway, Spring Cloud Gateway and its architecture and developer experience. Learn about route matching and filtering and how it is different than the previous Zuul 1 experience. Features of Spring Cloud Gateway include support for websockets, reactive developer experience and rate limiting, to name a few.
In this presentation, Suraj Kumar Paul of Valuebound has walked us through GraphQL. Founded by Facebook in 2012, GraphQL is a data query language that provides an alternative to REST and web service architectures.
Here he has discussed core ideas of GraphQL, limitations of RESTful APIs, operations, arguments, fragmentation, variables, mutations etc.
----------------------------------------------------------
Get Socialistic
Our website: http://valuebound.com/
LinkedIn: http://bit.ly/2eKgdux
Facebook: https://www.facebook.com/valuebound/
It is a basic presentation which can help you understand the basic concepts about Graphql and how it can be used to resolve the frontend integration of projects and help in reducing the data fetching time
This presentation also explains the core features of Graphql and why It is a great alternative for REST APIs along with the procedure with which we can integrate it into our projects
GraphQL, an open-source data query and manipulation language for APIs, is gaining popularity due to the flexibility associated with its usage. Organizations are adopting this new technology as a means of enabling rapid application development. However, the challenges and concerns associated with exposing GraphQL services for application developers are different from the traditional REST or SOAP based endpoints. This introduces a need to adopt an API management platform that specifically treats GraphQL characteristics as first-class citizens.
This slide deck will
• Give an introduction to GraphQL
• Compare GraphQL with REST
• Explore the considerations when adopting an API management platform for GraphQL
Meetup recording: https://youtu.be/wLTZhT6hc7s
Supporting slide deck for Tony Tam's presentation at I Love APIs 2015. Covers the new swagger project, Swagger Inflector, which allows an API-first definition for REST APIs.
apidays Paris 2022 - Event-Driven API Management – why REST isn't enough, Ben...apidays
apidays Paris 2022 - APIs the next 10 years: Software, Society, Sovereignty, Sustainability
December 14, 15 & 16, 2022
Event-Driven API Management – why REST isn't enough
Benjamin Gottstein, Sales Engineer at Solace
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Deep dive into the API industry with our reports:
https://www.apidays.global/industry-reports/
Subscribe to our global newsletter:
https://apidays.typeform.com/to/i1MPEW
GraphQL is a wonderful abstraction for describing and querying data. Apollo is an ambitious project to help you build apps with GraphQL. In this talk, we'll go over how all the parts—Client, Server, Dev Tools, Codegen, and more—create an end-to-end experience for building apps on top of any data.
## Detailed description
In today's development ecosystem, there are tons of options for almost every part of your application development process: UI rendering, styling, server side rendering, build systems, type checking, databases, frontend data management, and more. However, there's one part of the stack that hasn't gotten as much love in the last decade, because it usually falls in the cracks between frontend and backend developers: Data fetching.
The most common way to load data in apps today is to use a REST API on the server and manage the data manually on the client. Whether you're using Redux, MobX, or something else, you're usually doing everything yourself—deciding when to load data, how to keep it fresh, updating the store after sending updates to the server, and more. But if you're trying to develop the best user experience for your app, all of that gets in the way; you shouldn't have to become a systems engineer to create a great frontend. The Apollo project is based on the belief that data loading doesn't have to be complicated; instead, you should be able to easily get the data you want, when you want it, and it should be managed for you just like React manages updating your UI.
Because data loading touches both the frontend and backend of your app, GraphQL and Apollo have to include many parts to fulfill that promise of being able to seamlessly connect your data together. First, we need client libraries not only for React and JavaScript, but also for native iOS and Android. Then, we must bring server-side support for GraphQL queries, mutations, and most recently subscriptions to every server technology and make those servers easier to write. And finally, we want not only all of the tools that people are used to with REST APIs, but many more thanks to all of the capabilities enabled by GraphQL.
In this talk, we'll go over all of the parts of a GraphQL-oriented app architecture, and how different GraphQL and Apollo technologies come together to solve all of the parts of data loading and management for React developers.
22nd Athens Big Data Meetup - 1st Talk - MLOps Workshop: The Full ML Lifecycl...Athens Big Data
Title: MLOps Workshop: The Full ML Lifecycle - How to Use ML in Production
Speakers: Spyros Cavadias (https://www.linkedin.com/in/spyros-cavadias/), Konstantinos Pittas (https://www.linkedin.com/in/konstantinos-pittas-83310270/), Thanos Gkinakos (https://www.linkedin.com/in/thanos-gkinakos-03582a128/)
Date: Saturday, December 17, 2022
Event: https://www.meetup.com/athens-big-data/events/289927468/
by Richard Threlkeld, Sr. Product Manager, AWS
Most applications are data-driven and our app is no exception to that. However, mobile development has some unique problems to be solved. In this session, we’ll introduce you to GraphQL – the latest in mobile-centric data access protocols – and show you how GraphQL can help with these problems.
With the rise of Microservice Architectures and rich mobile and web applications, APIs are more important than ever. Come learn how to tackle modern API design challenges with GraphQL, an open-source API query language used by Facebook, Amazon, Microsoft, Twitter, Virgin Trains, and more.
This Slid shows the GraphQL Fundamentals, cover below points.
* what: what is GraphQL
* who: Who builds GraphQL
* why: Why we need GraphQL
* how: How to use GraphQL
IT also cover
* Application Programming Interface (API History Image )
* Principles of REST API Design
* REST Flow / GraphQL Flow diagram
* Rest Traditional Data fetching.
* REST vs GraphQL
* Browser Tools
* GraphQL Mutation
* GraphQL Variables
* GraphQL Fragments
* Pain Points of GraphQL
SpringOne Platform 2017
Spencer Gibb, Pivotal; Sree Tummidi, Pivotal
What is an API Gateway and how can your microservices architecture benefit by using one? What are the types API Gateways? What characteristics define each type of API Gateway? Join Spencer Gibb and Sree Tummidi for a discussion and demonstration of the first next generation of API Gateway, Spring Cloud Gateway and its architecture and developer experience. Learn about route matching and filtering and how it is different than the previous Zuul 1 experience. Features of Spring Cloud Gateway include support for websockets, reactive developer experience and rate limiting, to name a few.
In this presentation, Suraj Kumar Paul of Valuebound has walked us through GraphQL. Founded by Facebook in 2012, GraphQL is a data query language that provides an alternative to REST and web service architectures.
Here he has discussed core ideas of GraphQL, limitations of RESTful APIs, operations, arguments, fragmentation, variables, mutations etc.
----------------------------------------------------------
Get Socialistic
Our website: http://valuebound.com/
LinkedIn: http://bit.ly/2eKgdux
Facebook: https://www.facebook.com/valuebound/
It is a basic presentation which can help you understand the basic concepts about Graphql and how it can be used to resolve the frontend integration of projects and help in reducing the data fetching time
This presentation also explains the core features of Graphql and why It is a great alternative for REST APIs along with the procedure with which we can integrate it into our projects
GraphQL, an open-source data query and manipulation language for APIs, is gaining popularity due to the flexibility associated with its usage. Organizations are adopting this new technology as a means of enabling rapid application development. However, the challenges and concerns associated with exposing GraphQL services for application developers are different from the traditional REST or SOAP based endpoints. This introduces a need to adopt an API management platform that specifically treats GraphQL characteristics as first-class citizens.
This slide deck will
• Give an introduction to GraphQL
• Compare GraphQL with REST
• Explore the considerations when adopting an API management platform for GraphQL
Meetup recording: https://youtu.be/wLTZhT6hc7s
GraphQL is an emerging query manipulation language for APIs. It is an open source runtime for querying and retrieving existing data in an optimal manner making applications more efficient. With the flexibility it offers over REST APIs, many organizations are now interested in and are adopting GraphQL applications widely.
While GraphQL focuses on what it does best, backend developers still worry about ensuring their GraphQL services are exposed in a secure, controlled, monitored, and sometimes, even in a monetized environment. This is where an API gateway is useful as the middle layer to provide a significant value to GraphQL queries, mutations, and subscriptions.
This slide deck will discuss the following:
- An introduction to GraphQL
- Why and when to use GraphQL APIs
- Exposing GraphQL service as managed APIs: The necessity of an API Manager
- Deploying a GraphQL service via WSO2 API Manager : Security, authentication, authorization, and rate-limiting
- Invoking GraphQL APIs via the integrated GraphiQL UI in Developer Portal
- GraphQL Analytics
Watch the webinar on-demand here: https://wso2.com/library/webinars/deploying-graphql-services-as-managed-apis/
GraphQL across the stack: How everything fits togetherSashko Stubailo
My talk from GraphQL Summit 2017!
In this talk, I talk about a future for GraphQL which builds on the idea that GraphQL enables lots of tools to work together seamlessly across the stack. I present this through the lens of 3 examples: Caching, performance tracing, and schema stitching.
Stay tuned for the video recording from GraphQL Summit!
BetterCode API, März 2023, Sonja Wegner (Lead Software Architect @QAware)
== Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! ==
With GraphQL a modern and flexible way of providing APIs for our data is emerging.
The clients specify which data they need, the provisioning of data becomes more flexible and dynamic. Over-fetching or under-fetching are history.
But does this mean we have to rewrite all APIs to benefit? How can we retrofit a GraphQL API onto our existing API landscape?
In this talk we explore three different alternatives:
- The Developer Way: Writing a GraphQL API layer by hand
- The Cloud-native Way: Using lightweight API gateways such as Gloo or Tyk
- The Serverless Way: Using Cloud Provider native services
We will look at all three approaches conceptually and justify when and why each makes sense. Additionally, we will show in a live demo how GraphQL APIs can be added to an existing REST API.
In questa breve presentazione vedremo cosa è e cosa ci permette di fare GraphQL, e come questo nuovo approccio alle API possa essere integrato ad una GraphDB in modo efficiente
GraphQL is an emerging API standard that provides a more flexible and alternative approach for data intensive operations. It is particularly good for querying and retrieving data in optimized forms that make applications more efficient and optimal. While GraphQL focuses on what it does best, we still need to ensure that our GraphQL services are exposed in a secure, controlled, monitored, and sometimes even in a monetized environment. This is where the inclusion of an API gateway that understands GraphQL queries, mutations, and subscriptions can add significant value.
This deck explores the following:
- Introduction to GraphQL
- Exposing GraphQL services as managed APIs
- Authentication
- Authorization
- Rate limiting
- Invoking GraphQL APIs exposed via WSO2 API Manager
Watch the webinar on-demand here - https://wso2.com/library/webinars/2019/11/exposing-graphqls-as-managed-apis/
Implementing OpenAPI and GraphQL services with gRPCTim Burks
Behind every API there's code. REST and GraphQL are powerful interface abstractions but are not so great for writing code (we’re still looking for the programming language where every command is a GET, POST, PUT, or DELETE). When programmers work, they are usually making function calls, and an RPC framework like gRPC allows those functions to be written in a mixture of languages and distributed among many servers. This means that gRPC can be a great way to implement REST and GraphQL APIs at scale. We’ll share open source projects from Google that can be used to implement OpenAPI and GraphQL services with gRPC and give you hands-on experience with both.
Presented at the 2019 API Specifications Conference.
https://asc2019.sched.com/event/T6u9/workshop-implementing-openapi-and-graphql-services-with-grpc-tim-burks-google
Similar to Building Fullstack Serverless GraphQL APIs In The Cloud (20)
How I Built Bill, the AI-Powered Chatbot That Reads Our Docs for Fun , by Tod...Nordic APIs
A presentation given by Todd Kerpelman, Developer Advocate at Plaid, at our 2024 Austin API Summit, March 12-13.
Session Description: Have you ever thought about building your own chatbot to help developers be more successful using your APIs? Well, we made one for Plaid’s documentation site, and in this talk, I’ll cover some of the things we learned!
This presentation will cover topics like:
– How does it work? What does it mean to “train” a bot on your docs?
– Setting appropriate expectations: Do you still need to write documentation? Do you still need a support team?
– The trade-offs around building your own vs. buying a 3rd party solution
– Some decisions around the underlying tech
– How to build a decent “conversational mode” so you can ask follow-up questions
– How you evaluate the quality of a chatbot, and some surprises we ecountered along the way
– What do you do when things go wrong?
– Security considerations
And much more! Actually, probably not that much more. That already sounds like a lot.
The Art of API Design, by David Biesack at ApitureNordic APIs
A presentation given by David Biesack, Chief API Officer at Apiture, at our 2024 Austin API Summit, March 12-13.
Session Description: API Design is truly an art. While ChatGPT can spit out seemingly detailed APIs, there is still much to be said for well-crafted, consistent APIs designed by organic intelligence, in a broader context, with the consumer and Developer Experience in mind.
A good (or dare we dream, great) Developer Experience (DX) is an important aspect of API design and the success of your API program. Attendees will grok the interplay of API design, patterns, and language constraints and limitations. See how and why artful API Design Matters to DX and "good" API outcomes, and why fluency in the myriad languages of APIs matters. Learn how choosing guiding principles can shape all your APIs for success. Learn how to stay relevant as an API designer when the API generating robots are breathing down your neck.
ABAC, ReBAC, Zanzibar, ALFA… How Should I Implement AuthZ in My APIs? by Dav...Nordic APIs
A presentation given by David Brossard, CTO at Axiomatics, at our 2024 Austin API Summit, March 12-13.
Session Description: So you've just built your cool new API and figured out the authentication part. You're even using OAuth for access delegation, scopes, and claims. So, you're good, right? Well what about fine-grained authorization? What about OWASP's #1 security threat, broken access control? How do you handle that? Maybe you need an authorization framework to help with that. But which one? Is ABAC the way to go? Policies? Graphs? In this presentation, we'll give you the tools to understand what authorization for APIs entails, what options you have, and how to successfully implement a secure authorization strategy for your APIs. We will cover approaches such as ALFA, ReBAC, and Zanzibar and illustrate with a live demo.
Crafting a Cloud Native API Platform to Accelerate Your Platform Maturity - B...Nordic APIs
A presentation given by Budhaditya Bhattacharya, Developer Advocate at Tyk, at our 2024 Austin API Summit, March 12-13.
Session Description: APIs and microservices are powering domain-driven design architectures and have become the fabric of modern cloud-native applications. However, focusing on technology isn't enough - there is a need for a synergy between people, processes, and tools.
Based on the CNCF platform maturity model, we will look to bridge the gap between an org's current and desired platform maturity level when creating cloud-native API platforms. We'll discuss:
1. The platform team model - team topologies and key roles for developing internal API platforms
2. Processes like platform discovery, jobs-to-be-done analysis, and continuous feedback loops to understand and meet developer needs
3. Applying a "platform as a product" mindset to measure and communicate platform success
4. Architecting for discoverability, security, observability and integration capabilities 5. The role of technologies like service meshes, API gateway, identity management, internal developer portals and OpenAPI specifications
The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...Nordic APIs
A presentation given by Markus Müller, CTO at APIIDA, at our 2024 Austin API Summit, March 12-13.
Session Description: In an era where digital transformation is pivotal, the management and governance of APIs have emerged as critical components in the technological infrastructure of businesses. "The Federated Future: Pioneering Next-Gen Solutions in API Management" is a forward-looking talk that delves into the evolving landscape of API governance, with a particular focus on Federated API Management as a groundbreaking approach.
Over the course of this presentation, we will explore the paradigm shift from traditional, centralized API management towards a more dynamic, federated model. This approach not only offers scalability and flexibility but also fosters innovation by enabling diverse teams to collaboratively manage APIs while adhering to consistent governance policies.
Key topics include:
- The current challenges in API governance and how federated management addresses these.
- The principles and architecture of Federated API Management, distinguishing it from traditional models.
- Real-world implications of adopting a federated approach, including case studies that illustrate its transformative impact on businesses.
- Strategies for implementing Federated API Management, focusing on best practices for seamless integration.
- The future outlook of API governance, anticipating emerging trends and technologies.
API Authorization Using an Identity Server and Gateway - Aldo Pietropaolo, SGNLNordic APIs
A presentation given by Aldo Pietropaolo, Director of Solutions Engineering at SGNL, at our 2024 Austin API Summit, March 12-13.
Session Description: Securing APIs and ensuring you are protected from threats by implementing authentication and authorization while keeping the request context intact can be challenging. This session will show us how to leverage SGNL, Curity, and the Kong API Gateway to protect fictitious patient records. The session will be a technical session focused on the architecture and integration points for implementing continuous access management.
API Discovery from Crawl to Run - Rob Dickinson, GraylogNordic APIs
A presentation given by Rob Dickinson, VP of Engineering at Graylog, at our 2024 Austin API Summit, March 12-13.
Session Description: Discovering the attack surface presented by your APIs is the first step to improving API security. But APIs are fundamentally dark and constantly changing, which presents serious challenges for security teams trying to assess and manage new risks. There are several reasonable ways to perform API discovery, but each has its own tradeoffs and implications about what is actually being counted. This talk covers taking an API discovery program from start to best-of-breed, and strategies for measuring and monitoring your API attack surface.
Productizing and Monetizing APIs - Derric Gilling, MoseifNordic APIs
A presentation given by Derric Gilling, CEO of Moseif, at our 2024 Austin API Summit, March 12-13.
Session Description: The talk would target product owners looking to turn APIs into revenue centers. Specifically, how to price and package APIs, different strategies around prepaid, postpaid, and PAYG billing, and how to choose the right metric to charge, etc. Then, we’ll chat on the go-to-market to drive developer adoption.
Securely Boosting Any Product with Generative AI APIs - Ruben Sitbon, SipiosNordic APIs
A presentation given by Ruben Sitbon, Lead Solutions Architect at Sipios, at our 2024 Austin API Summit, March 12-13.
Session Description: ChatGPT has been a tidal wave, changing forever the way people and companies perceive the value of Artificial Intelligence. Many startups have launched products with ChatGPTI at its core, innovative SaaS players have all integrated Generative AI extensions or plugins, but it is now clear that users will be expecting more and more Generative AI to boost the features of products they use on a daily basis.
In this talk, I will describe how a framework relying on Generative AI in-house APIs that allows:
- Easily « boosting » any product feature with Generative AI
- Improving the answers through a « trainer API » that allows experts to improve the accuracy and tone of the model
- Bundling security and continuous compliance in the APIs to enjoy the benefits even within risk averse large corporates.
Security of LLM APIs by Ankita Gupta, Akto.ioNordic APIs
A presentation given by Ankita Gupta, Co-Founder and CEO, Akto.io, at our 2024 Austin API Summit, March 12-13.
Session Description: In this session, I will talk about API security of LLM APIs, addressing key vulnerabilities and attack vectors. The purpose is to educate developers, API designers, architects and organizations about the potential security risks when deploying and managing LLM APIs.
1. Overview of Large Language Models (LLMs) APIs
2. Understanding LLM Vulnerabilities:
- Prompt Injections
- Sensitive Data Leakage
- Inadequate Sandboxing
- Insecure Plugin Design
- Model Denial of Service
- Unauthorized Code Execution
- Input attacks
- Poisoning attacks
3. Best practices to secure LLM APIs from data breaches
I will explain all the above using real life examples.
I'm an API Hacker, Here's How to Go from Making APIs to Breaking Them - Katie...Nordic APIs
A presentation given by Katie Paxton-Fear, API Security Educator, Traceable AI, at our 2024 Austin API Summit, March 12-13.
Session Description: Have you ever wanted to be the villain or anti-hero? In this talk, we'll cover how to hack APIs, with permission, of course. First, we'll look at the tools of the trade for API hackers, some of the most common security vulnerabilities and how we test for them, and finally, I'll tell some of my API hacking stories. The aim of the session will be to learn a little API hacking and encourage people to have a go at API hacking themselves. Participants will also join me as I hack live, giving suggestions for the next steps, for an interactive and engaging session.
Unleashing the Potential of GraphQL with Streaming Data - Kishore Banala, Net...Nordic APIs
A presentation given by Kishore Banala, Senior Software Engineer, Netflix, at our 2024 Austin API Summit, March 12-13.
Session Description: Extend the advantages of GraphQL beyond the UI layer by creating data streams that seamlessly transfer data from Federated GraphQL to your preferred destination. This presentation explores the myriad use cases that can be unleashed, such as Search, Analytics etc., sparing you from the complexity of extensive ETL jobs. Join us for an in-depth exploration of the advantages that arise from seamlessly connecting GraphQL with data streams, opening new dimensions of efficiency and capability.
Reigniting the API Description Wars with TypeSpec and the Next Generation of...Nordic APIs
A presentation given by Gareth Jones, API Architect at Microsoft, at our 2024 Austin API Summit, March 12-13.
Session Description: Didn't the API description wars end in 2017 when we all agreed that OAS was the way forward?
Yes, and yet how satisfied with your API descriptions are you? Are they thousands of lines of hard to read yaml or JSON? When someone makes a change, is it easy to review for correctness and completeness? Do visual tools make this easier? Do they support change management?
I'll make the case that the next generation of more abstract DSLs for defining APIs such as Smithy from Amazon and TypeSpec, open sourced by Microsoft, move us back to a more intentional approach to design and give us the opportunity to highlight the business characteristics that matter most at design-time.
Establish, Grow, and Mature Your API Platform - James Higginbotham, LaunchAnyNordic APIs
A presentation given by James Higginbotham, Executive API Consultant, LaunchAny, at our 2024 Austin API Summit, March 12-13.
Session Description: Building and growing an API platform takes more than building and organizing your APIs. It requires understanding the needs of your ecosystem, establishing lightweight processes that drive discoverability, providing the resources for self-service enablement, and delivering a federated API coach program to scale your efforts. This talk will explore the practices and patterns implemented by global organizations that will help your API ecosystem shift from a functional program to a transformational API platform.
Inclusive, Accessible Tech: Bias-Free Language in Code and Configurations - A...Nordic APIs
A presentation given by Adrienne Moherek, Developer Experience Technical Leader, Cisco, at our 2024 Austin API Summit, March 12-13.
Session Description: Heard of suss? You can suss out more information or you can find someone’s information to be suss. “Suss” shows the flexibility of language. It’s an ongoing process to change how we use certain words. It’s important to choose words carefully to convey the correct meaning and avoid harmful subtext or exclusion. Let’s explore some of the tools and triage methods that it takes from an engineering viewpoint to make bias-free choices. How can you ensure that biased words do not sneak into code, UI, docs, configurations, or our everyday language? First, let’s walk through how to take an inventory of assets from code to config files to API specifications to standards. Next, by placing those findings into categories, prioritize the work to substitute with inclusive alternatives. Let’s examine some examples using both API and code assets. Next is a demonstration of how to automate analyzing your source code or documentation with a linter, looking for patterns based on rules that are fed into the tool. What’s in the future for these efforts? Inclusive language should expand beyond English and North America efforts. To do so, let’s organize the work with automation tooling, as engineers do.
Going Platinum: How to Make a Hit API by Bill Doerrfeld, Nordic APIsNordic APIs
A presentation given by Bill Doerrfeld, Editor in Chief of Nordic APIs, at our 2024 Austin API Summit, March 12-13.
Session Description: As it turns out, making a hit API is a lot like making a hit music album. You have to find a niche, you need good naming, and you need quality content. Also, on the production side, design, style, experience, and collaboration all matter a lot. At the end of the day, both are products, requiring the right management tools, marketing know-how, and infrastructure to scale. In this SXSW-inspired opening keynote, I'll look into the parallels between the two endeavors, providing a fun and informative look into specific things API providers should be considering on their journey toward becoming API platform rockstars.
Getting Better at Risk Management Using Event Driven Mesh Architecture - Ragh...Nordic APIs
A presentation given by Raghavan Sadagopan, Sr. Director from CapitalOne & Lakshmi Narayana, Sr. Lead Software Engineer from CapitalOne, at our 2024 Austin API Summit, March 12-13.
Session Description: Managing Risk is critical to the success of an organization. Managing Risks starts with identifying potential Risks which in the digital world are signals emanating from varying source systems. Identifying potential risks real-time enables organizations to mitigate / better prepare for potential exposures. The session will share our point of view on implementing an API centric event mesh architecture that routes events in real-time through a scalable and resilient cloud-native service on AWS.
GenAI: Producing and Consuming APIs by Paul Dumas, GartnerNordic APIs
A presentation given by Paul Dumas, Senior Director Analyst at Gartner, at our 2024 Austin API Summit, March 12-13.
Session Description:
GenAI will be, well, generating APIs. We are entering the era where software creates software. It will develop APIs faster than humans are capable of. Humans cannot compete with this compute power. How do we marshal this power, govern what it produces, and leverage it to support our business objectives and strategies? We will become more dependent on the capabilities we have as humans that elude machines. This talk provides insight to software leaders about the challenges of leading and managing this new software development power. The key lies in skills that are unique to humans: foresight, intuition, and agility.
The SAS developer portal –developer.sas.com 2.0: How we built it by Joe Furb...Nordic APIs
A presentation given by Joe Furbee, Developer Advocate and Developers Communities Manager at SAS Institute, at our 2024 Austin API Summit, March 12-13.
Session Description: Sure, we could have hired someone to (re)create our developer portal, developer.sas.com. However, we wanted the freedom to build our portal from the ground up. But, it takes more than an API architect and a developer advocate to create a modern, interactive developer experience. This session provides an overview of the steps we took to relaunch the SAS AI and analytics platform developer portal. Who was involved? How did we accomplish what we wanted to build? We’ll explore the stakeholders involved, the importance of open-source technologies, and why focusing on the developer’s perspective matters. This is not a marketing pitch to promote SAS services. Instead, it’s a detailed look at the process we followed to deploy our new developer portal.
How Netflix Uses Data Abstraction to Operate Services at Scale - Vidhya Arvin...Nordic APIs
A presentation given by Vidhya Arvind, Staff Software Engineer, Netflix, at our 2024 Austin API Summit, March 12-13.
Session Description: At Netflix, Data abstraction plays a pivotal role in hosting 100s of use cases that scale, they are widely adopted and depended on by mission-critical systems. In this talk, I show how to design reliable APIs and layout data for Key-Value services for petabyte-scale datasets. Key-value service uses a control plane and data plane to abstract the data, uses some novel techniques to reliably store and safely scale the service to 100s of instances.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
6. Graph Database
● Database management system
(DBMS)
● Property Graph data model
● Cypher query language
● Graph analytics
● Data visualization
● Developer tool for building
applications
What is Neo4j?
neo4j.com/
19. 1) GraphQL is an API query language, not a database query
language.
2) Limited expressivity (no projections, no aggregations, etc).
3) While GraphQL exposes your application data as a graph, it’s
not (just) for graph databases
19
What is GraphQL?
20. ● Overfetching
○ Less data over the wire
● Underfetching
○ Single round trip
● GraphQL Specification
● “Graphs All The Way Down”
○ Relationships vs Resources
○ Unify disparate systems (microservices)
● Simplify data fetching
○ Component based data interactions
20
GraphQL Advantages
21. ● Some well understood practices from
REST don’t apply
○ HTTP status codes
○ Errors
○ Caching
● Exposing arbitrary complexity to client
○ Performance considerations
● n+1 query problem
● Query costing / rate limiting
21
GraphQL Challenges
47. ● GraphQL First Development
○ GraphQL schema drives the database datamodel
● Generate Cypher from GraphQL
○ Single query / single round trip to database
● Generate GraphQL CRUD API from type definitions
● Auto-generated resolvers (no boilerplate!)
● Extend GraphQL functionality with Cypher
○ @cypher schema directive
47
Goals for Neo4j-GraphQL Integration
64. The GRAND stack
● A new paradigm for building APIs
● Schema definition
● Query language for APIs
● Community of tools
graphql.org/
65. The GRAND stack
● JavaScript library for building user interfaces
○ Web, mobile (React Native), VR
● Component based
○ Reusable
○ Composable
reactjs.org/
66. The GRAND stack
● Frontend framework
integrations
● Caching
● Code generation
● Schema creation
● Mocking
● Schema stitching
● Engine
Client-side tooling Server-side tooling
● “A set of tools designed to leverage GraphQL and work together to create a
great workflow”
www.apollodata.com/
67. The GRAND stack
● Native graph database
● Flexible and intuitive property graph data model
● Cypher query language
○ Express complex traversals
● Client drivers in many languages
neo4j.com/
82. Lots of options…
● Authorization In Resolvers
● Business Logic / Data Access Layer
● Wrapping Resolvers
● Schema Directives
82
Authorization In GraphQL
83. Pros:
● Easy to implement
● Fast prototyping
Cons:
● No single source of truth
● Duplicated logic
83
Authorization In Resolver
84. Pros:
● Flexible request
processing
● Single implementation
Cons:
● How to handle generated
resolvers (GraphQL
engines)?
84
Auth In Business Logic / Data Access Layer
https://graphql.org/learn/authorization/
85. Pros:
● Permissions defined
together, single source for
auth rules
Cons:
● Permissions must match
resolvers
● Difficult to work with
generated resolvers
Wrapping Resolvers - GraphQL Shield
https://github.com/maticzav/graphql-shield
86. Pros:
● Declarative way to define
permissions by annotating
type definitions
● Works with generated
resolvers
GraphQL Schema Directives For Auth
Cons:
● Spreads auth rules across
the GraphQL schema
87. ● Identifier preceded by “@”, with optional arguments
● A way of extending a GraphQL schema by annotationing type
definitions.
● Custom logic defined on server
What’s a Schema Directive?
https://www.apollographql.com/docs/graphql-tools/schema-directives.html
88. How To Implement Custom Directives
https://www.apollographql.com/docs/graphql-tools/schema-directives.html#Implementing-schema-directives
89. ● Don’t need to implement our
own auth directives
● Works with JWTs
● Implements:
@isAuthenticated
@hasRole
@hasScope
● Included in neo4j-graphql.js
graphql-auth-directives npm module
https://www.npmjs.com/package/graphql-auth-directives
90. ● Can be used on Types or Fields
● User must be authenticated to access the resource
○ Request contains a valid signed JWT
@isAuthenticated
https://www.npmjs.com/package/graphql-auth-directives
91. ● Can be used on Types or Fields
● Request must contain a valid signed JWT and roles claim must
include specified role
@hasRole
https://www.npmjs.com/package/graphql-auth-directives
92. ● Can be used on Query or Mutation fields
● Request must contain a valid signed JWT and scopes claim must
include specified claim for that operation
@hasScope
https://www.npmjs.com/package/graphql-auth-directives
103. ● isAuthenticated, hasRole, hasScope are generic, can be used
with any GraphQL implementation
● What could a neo4j-graphql.js specific @auth directive do?
○ Auditing data access (createdAt, createdBy)
○ Fine grained data access (owner)
○ More complex permissions specified by the graph?
@auth directive
Let us know what you think: https://github.com/neo4j-graphql/neo4j-graphql-js/issues