@niall_obrien you should build your web app against one set of URLs & JSON API against another

the web application URLs should be cache-happy w/ highly tuned, specific data access (SQL, etc.) for the important UIs

The JSON API should be flexible & open (GraphQL) but w/ rate-limiting, etc

@niall_obrien this also means you can have your application code running on distinct server infrastructure, and not get taken out by a bad API client

@niall_obrien You want web app end points to be extremely fast and low-chatter. A lot of context can be encoded in the URL (v a general query language) They are also prone to changing rapidly as the web app changes:

infoq.com/articles/no-mo…

This is different than your data API

@niall_obrien Your data API can be used for anything and thus has a different feel: it needs to support new and novel use cases, but remain stable for older clients that aren't going to update. Generality means security is trickier. It's a totally different mindset vs. fast-changing app URLs

@niall_obrien when you are building a web app, you should be perfectly OK throwing away a set of end points if you change your UI, and adding new, highly specific end points to get the UI "just right"

you simply can't do that with a general, public data API

@niall_obrien @threadreaderapp unroll