Firstly, there’s the reality that API keys are not securely designed — they were never meant to be used as the sole form of authentication, and as such, they aren’t really built for the task. These keys can often be easily stolen, leaked, or, in some cases (especially if generated incrementally), outright guessed. An API key is suitable for tracking usage but is poor for security.

There is also the additional reality that keys in their default state lack some critical functionality. There’s not a lot of verification built-in for identity management, and what does exist offers very little in the way of granular access control.

Ultimately, solely relying on API keys is a mistake common with novice developers but frighteningly common even in advanced products.

Best Practices
Instead of relying heavily on API keys as a sole mechanism, combine those keys with additional approaches such as OAuth 2.0 or mTLS. Implement rigorous expiration and rotation policies to ensure that keys which are made public are only useful for a short amount of time. Consider more advanced approaches, such as IP whitelisting or device fingerprinting, to add another layer of security atop the API key process."

https://nordicapis.com/9-signs-youre-doing-api-security-wrong/

Nordic APIs · 4d9 Signs You're Doing API Security Wrong | Nordic APIs |API security anti-patterns are common. From overreliance on API keys to a lack of rate limiting to no encryption, we explore the top ones.

#API #APIs #APISecurity

**rijo** @rijo@frankfurt.social · 4d

rijo @rijo@frankfurt.social

ICYMI: Display & Video 360 API v4 now generally available https://ppc.land/display-video-360-api-v4-now-generally-available/ #DisplayAndVideo360 #ProgrammaticAdvertising #DigitalMarketing #AdTech #APIs

**PPC Land** @ppcland@mastodon.social · 4d

PPC Land @ppcland@mastodon.social

ICYMI: Display & Video 360 API v4 now generally available: generally available
Google's programmatic advertising platform reaches major milestone with stable API release. https://ppc.land/display-video-360-api-v4-now-generally-available/ #DisplayAndVideo360 #ProgrammaticAdvertising #DigitalMarketing #AdTech #APIs

PPC Land · 5dDisplay & Video 360 API v4 now generally availablegenerally available Google's programmatic advertising platform reaches major milestone with stable API release.

**Frontend Dogma** @frontenddogma@mas.to · 4d

Frontend Dogma @frontenddogma@mas.to

My Thoughts on Asynchronous Accessibility APIs, by @jcsteh:

https://www.jantrid.net/2025/03/20/async-accessibility-apis/

www.jantrid.netMy Thoughts on Asynchronous Accessibility APIs | JantridAccessibility API queries are generally synchronous: each query blocks both the client and the server until the query completes and returns its result. This ...

#accessibility #asynchronicity #apis

**Miguel Afonso Caetano** @remixtures@tldr.nettime.org · 5d

Miguel Afonso Caetano @remixtures@tldr.nettime.org

"Let me be blunt.

If your startup offers APIs and you don’t have a portal, you’re lighting developer acquisition money on fire.

Here’s what a good portal actually does:

Shortens time-to-value: faster POCs, faster adoption.

Reduces support tickets: devs can find what they need.

Builds trust: your API feels stable, documented, and ready.

Increases conversion: when docs show how easy it is to integrate, not just tell.

Still sending PDF onboarding packets to partners?

C’mon, boo. "

https://www.quetzalliwrites.com/newsletters/developer-portals-dev-friendly-or-dev-frustrating

Quetzalli WritesQuetzalli Writes | Educational Tech Content & Ghostwriting¡Hola, Tech Writing Friends! Your API is powerful. Even your docs are pretty decent. But… where the hell is your developer portal ? If you’re shipping APIs and expecting developers to magically integrate without a centralized place to get credentials, try out endpoints, or even find updated gui

#DevPortals #DeveloperPortals #APIs

**Frontend Dogma** @frontenddogma@mas.to · 5d

Frontend Dogma @frontenddogma@mas.to

React Query API Design: Lessons Learned, by @tkdodo.eu (@bejs_@x.com):

https://www.youtube.com/watch?v=l3PxErcKeAI

YouTubeReact Query API Design: Lessons Learned - Dominik DorfmeisterBy BeJS

#videos #lessons #react

**Miguel Afonso Caetano** @remixtures@tldr.nettime.org · 6d

Miguel Afonso Caetano @remixtures@tldr.nettime.org

"The accompanying diagram is intended to help you quickly decide how to document an API, but particularly a REST API. The first split is just to make sure you are looking for the right kind of API.

Here is some more context to help you decide on an approach and get started."

https://gist.github.com/briandominick/3ffab6be460fbde799aa34e0a42a4299

GistAPI Documentation Decision MatrixAPI Documentation Decision Matrix. GitHub Gist: instantly share code, notes, and snippets.

#API #APIs #APIDesign

**Imkerei.lorenz** @Imkerei.lorenz@pixelfed.social · Mar 27

**DSLC Videos** @DSLCvids@fosstodon.org · Mar 26

Mar 26

DSLC Videos @DSLCvids@fosstodon.org

From the @DSLC chives:

"Engineering Production Grade Shiny Apps Book Club" https://youtu.be/gEaGKdVGaM4
#RStats

"Web APIs with R: How can I get started with APIs? Part 2"
https://youtu.be/WGxr4BTP75w #API #APIs #RStats

"Statistical Rethinking:" https://youtu.be/sW8RpF_MZtE #RStats

"JS4R: A Complete Integration" https://youtu.be/-8ZJJdXpfSw #RStats
#JavaScript

Visit https://dslc.video for hours of new #DataScience videos every week!

youtu.be- YouTubeEnjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

**C++Now** @cppnow@mastodon.social · Mar 25 *

Mar 25 *

C++Now @cppnow@mastodon.social

C++Now 2025 SESSION ANNOUNCEMENT: A View for Any Occasion by Patrick Roberts

https://schedule.cppnow.org/session/2025/a-view-for-any-occasion/

schedule.cppnow.orgA View for Any Occasion – C++Now Schedule

#APIs #programming #sfinae

**Stefan Stranger** @sstranger@techhub.social · Mar 23

Mar 23

Stefan Stranger @sstranger@techhub.social

Instead of searching online for interesting #APIs I find myself searchefor interesting Model Context Protocol (MCP) servers

https://github.com/modelcontextprotocol/servers

Model Context Protocol Servers. Contribute to modelcontextprotocol/servers development by creating an account on GitHub.

GitHubGitHub - modelcontextprotocol/servers: Model Context Protocol ServersModel Context Protocol Servers. Contribute to modelcontextprotocol/servers development by creating an account on GitHub.

#AI #LLMs

**Imkerei.lorenz** @Imkerei.lorenz@pixelfed.social · Mar 23

Mar 23

Imkerei.lorenz @Imkerei.lorenz@pixelfed.social

Die neue #Bienenbeute für das künftige #Bienenvolk von #siriusfacility ist angekommen und zusammengebaut. Sobald das Wetter es zulässt wird die #bienenbeute noch mit Farbe schön gemacht ...
#PROJEKT2028 – Ich bin dabei!
PROJEKT 2028 ist die größte digitale Bienenschutzinitiative in Österreich und
Deutschland. Bis 2028 steigern wir gemeinsam die Bienenpopulation um 10 Prozent.
@hektarnektar gewinnt Unternehmen dafür, die lokale Imkerei zu unterstützen und
erfahrenen Imker*innen ein Bienenvolk zur Pflege zu überlassen.
Mich unterstützt „@„@siriusfacility* Vielen Dank! @hektarnektar,
@siriusfacility
#projekt2028 #hektarnektar #bienenschutz #jedebienezählt
#imker #imkerei #beelover #bienen #zadant #honig #frühtracht #sommertracht #schöneshobby #regional #wissenwohereskommt
#streuobstwiese
#maintalerstreuobstwiesenhonig #apis #abeja #apetm703 #maintal #carnica

#carnica

**InfoQ** @infoq@techhub.social · Mar 23

Mar 23

InfoQ @infoq@techhub.social

Level up your engineering leadership!

In this #InfoQ #podcast, Sagar Batchu talks about building high-performing teams, navigating the Individual Contributor-to-leader transition, and the future of APIs with AI.

Listen now: https://bit.ly/4iulVLW

#EngineeringLeadership #Teamwork #SoftwareDevelopment

Recent searches

Search options

Administered by:

Server stats:

#apis