Tags

API Design

API Design

0 lessons
2 system designs
13 community items

api-design

Community

13 items
Article

RBAC vs ABAC vs ReBAC, Explained

RBAC, ABAC, and ReBAC are different shapes for different rules, not stages of maturity. Pick by the shape of your access policy, and most real systems end up a thoughtful hybrid.

rbac
authorization
security
system-design
api-design

445

2

4.0 (9)

Apr 9, 2026

by @lucasmoreau

Question Bundle
Free

gRPC vs REST Tradeoff Quiz

A 4-question reference set comparing gRPC and REST on the dimensions that matter at interview time: latency overhead, call types, schema evolution, and observability. Pick the right tool for the workload.

Go
grpc
rest-api
api-design
quiz

473

12

4.3 (12)

Apr 8, 2026

by CodeSnatch

Article

Pagination Strategies: Offset, Cursor, and Keyset

Offset is the default that breaks under load. Keyset is what you want for most lists. Cursor is keyset wearing a public costume. Pick deliberately, not by ORM defaults.

pagination
api-design
rest-api
backend
system-design

378

5

4.2 (13)

Mar 21, 2026

by @amaragupta

Article

Rate Limiting on the Edge with a Redis Token Bucket

Token bucket as a single Redis Lua script, evaluated atomically, deployed near the edge. The implementation, the failure modes, and what I would actually ship today.

rate-limiting
token-bucket
redis
api-design
reliability

463

14

4.4 (10)

Mar 17, 2026

by @antonmorgan

Article

API Gateway vs BFF vs Reverse Proxy

Three terms, three distinct concerns, three different owners. Most teams collapse them and end up with one thing pretending to be all three.

api-gateway
reverse-proxy
microservices
system-design
api-design

448

5

Mar 17, 2026

by @marcusreddy

Article

Rate Limiting: Token Bucket vs Sliding Window

Token bucket is the right default. Sliding window log is correct but expensive. Fixed window is the algorithm I would not ship.

rate-limiting
token-bucket
sliding-window
api-design
system-design

198

2

4.2 (12)

Feb 11, 2026

by @adityadesai

Article

REST vs GraphQL vs RPC: Pick the Fit, Not the Trend

Three protocols, three call shapes. The wrong choice is fixable, indecision is not. Pick by caller, dominant call shape, and how much HTTP caching matters.

rest
graphql
grpc
api-design
system-design

1k

9

4.2 (13)

Jan 22, 2026

by @quinnsuzuki

Article

Error Handling in REST APIs: The Shape I Settled On

RFC 7807 plus a code, requestId, errors array, and documentationUrl. The eight fields earning their keep, the status codes everyone confuses, and what changed my mind across four APIs.

error-handling
rest-api
api-design
http
backend

492

10

Jan 14, 2026

by @leoeriksson

Article

Idempotency Keys: The Pattern Stripe Taught Everyone

The key itself is the trivial part. The lifecycle, the storage, the body fingerprint, and the TTL are where production teams trip.

idempotency
stripe
api-design
system-design
reliability

577

4

4.1 (12)

Dec 31, 2025

by @chloekelly

Question Bundle
Free

Express vs NestJS Middleware Quiz

Four questions comparing Express middleware to NestJS guards, interceptors, and pipes. Aimed at devs who came up on Express and keep reaching for `app.use()` when Nest already gives them a better seam.

TypeScript
framework
api-design
interview-prep

925

20

Dec 30, 2025

by @isabellarashid

Article

Webhook Design: Retries, Signatures, and Replay Protection

Sign requests. Dedupe by event id. Apply idempotently by resource id. Ack fast, process async. Tolerate out-of-order. Five concerns that turn a webhook into critical infrastructure.

webhooks
security
reliability
idempotency
api-design

1k

31

4.3 (11)

Dec 29, 2025

by @oliviadelgado

Interview Experience

Shopify Senior Engineer Loop: Take-Home Plus Architecture

A Shopify senior backend loop centered on a take-home, an architecture deep dive on what I built, and a Life Story round.

interview-prep
system-design
api-design
coding-interview
behavioral

898

14

4.3 (13)

Dec 15, 2025

by @emmadiallo

Article

API Versioning Strategies Without the Pain

Pick a versioning strategy on the day you ship the first version. URI versioning is the safe default, calendar dating is the gold standard, and your first release IS a contract.

versioning
api-design
rest-api
backend
http

509

9

Nov 21, 2025

by @khalidcooper