I believe that read APIs should return as much information as possible; while write APIs should modify as little as possible. On HipChat, we want to
There are millions of ways in which things can go wrong. But I believe all of it can be classified to just this simple thing
There are several ways to authenticate REST APIs. Which one is right for your application? Q1. Is your API meant for a single page web application?
Set appropriate timeouts whenever you connect to a database, an external API, a cache, an email client or anything that is running in a different