The number of APIs has been increasing year-over-year, as they’re the infrastructure that makes the majority of modern digital architecture possible. Given that everything from AI to SaaS involves APIs at their core, it’s not the greatest shock that 78% of organizations don’t even know how many APIs they manage. A report from F5 finds ...
#api best practices
13 posts
9 Jun
28 Apr
In February 2026, nearly 3,000 Google API keys were accidentally exposed. Data breaches are always damaging, but a data breach due to an authenticated, active API key can be catastrophic. An active API key allows actors to access uploaded files, cached data, and charge LLM-usage to your account, as noted by cybersecurity researcher Joe Leon. ...
23 Apr
Since the advent of the internet, software developers have used online assistants, like search engines, to improve their time to market. In the AI era, you can think of AI agents as a new type of user agent that goes beyond the capabilities of search engines to perform concrete tasks and provide further efficiency improvements. ...
16 Apr
“Web APIs today are broken.” A bold statement made by Microsoft’s Darrel Miller during his talk at the November 2025 A2ASummit. It’s a sentiment shared by many industry leaders. The interfaces that we see as the glue holding the digital world together have become too brittle to support modern applications, especially those powered by AI. ...
31 Mar
APIs are the modern doorway for systems to share data, but this common pathway is often unlocked. As a result, over the past two years, we’ve witnessed a string of API security incidents, including headline-worthy API exploits at 23andMe, Avelo Airlines, Authy, Optus, Trello, Volkswagen, WhatsApp, and others. 42Crunch recently released its State of API ...
19 Mar
Model Context Protocol (MCP) has been absolutely everywhere since it was first released in November 2024. Sometimes referred to as the “USB-C of AI,” MCP has come forward to help tame some of AI’s most glaring issues, namely a lack of standardization around integration as well as the context to understand what it’s accessing. Given ...
18 Mar
If your application calls even one third-party API, its reliability ceiling is no longer yours to control. That is the uncomfortable truth behind the uptime numbers API Status Check has been tracking since late 2025 across more than 215 services spanning cloud infrastructure, AI, payments, developer tools, and communications. This is not a ranking exercise. ...
26 Feb
Agentic AI systems promise something beyond single-turn inference. They can provide persistence, autonomy, and the ability to plan and act across time. However, anyone who’s tried to wire real APIs into an agent quickly discovers an uncomfortable reality. Even well-trained models can become jerky, brittle, or outright wrong once network calls, retries, partial failures, and ...
19 Feb
Over the years, we’ve had the pleasure of hosting many exceptional speakers on the Nordic APIs stage. Our most memorable talks span architectural deep dives, anti-patterns, emerging trends, personal journeys, and hard-earned lessons on what it takes to build great API platforms. To the audience, these presentations often look effortless. But the truth is, there’s ...
11 Feb
Nothing frustrates a user more than a slow or non-responsive website or application. This is especially true in ecommerce, where slow-loading pages lead to high bounce rates and lower conversion rates. Often, the hidden culprit behind delays is a high-latency API. Many app developers integrate multiple third-party APIs, cumulatively adding more latency. As more APIs ...
6 Jan
Model Context Protocol (MCP) was all the rage in the tech world in 2025 and will likely stay that way throughout 2026. MCP is changing how developers bridge the gap between AI applications and local or remote data. One of these bridges is the MCP server, which exposes capabilities to AI applications through tools, resources, ...
11 Nov 2025
We often talk about API design here at Nordic APIs and best practices to follow. One of those best practices is clear and consistent naming conventions throughout the API — from endpoint resources and URIs to fields and parameters. Naming is often overlooked in API design, leading to a poor experience for consumers. Imagine the ...
3 Oct 2025
In January 2024, the Centers for Medicare and Medicaid Services updated The CMS Interoperability and Patient Access Act. The new revision outlines requirements and specifications for what information medical providers need to provide, as well as how it should be formatted to ensure API security and data compliance. This is towards the goal of improving ...