Training Agenda

API Engineering

APIs are the contracts between services — and bad API design is one of the most expensive technical debts a team can accumulate. API Engineering covers how to design, build, version, document, and operate APIs that stand the test of time: REST done right, OpenAPI as a collaboration tool, API gateways, authentication patterns, and the operational concerns that matter in production. This training is relevant for backend engineers, architects, and platform teams building internal or public APIs.

1–2 days On-site, remote, or hybrid Up to 20 participants German or English
What We Cover
Design contracts that outlast the first version
Day 1

REST Design & OpenAPI

  • REST constraints: What actually makes an API RESTful and why it matters for long-term maintainability
  • Resource modeling: Nouns vs verbs, collection vs singleton, nested resources — designing clear URL structures
  • HTTP semantics: Methods, status codes, headers — correct usage that clients can rely on
  • Versioning strategies: URI versioning, header versioning, content negotiation — trade-offs and when to choose each
  • OpenAPI 3.1: Designing APIs spec-first before writing code — OpenAPI as a team collaboration tool
  • Request and response modeling: Schemas, oneOf/anyOf, discriminators — handling polymorphic payloads
  • Error response design: RFC 9457 (Problem Details) for machine-readable errors consumers can act on
  • Pagination patterns: Cursor, offset, keyset — when each is appropriate and their trade-offs
Day 2

Security, Gateways & Operations

  • Authentication patterns: API keys, OAuth2 client credentials, JWT bearer tokens — choosing the right model
  • Authorization: Scopes, claims-based access control, resource-level permissions — fine-grained authz design
  • API Gateway patterns: Rate limiting, request transformation, circuit breaking — cross-cutting concerns in one place
  • Kong, AWS API Gateway, and Azure API Management: Configuration examples and when each makes sense
  • API versioning in practice: Deprecation strategy, sunset headers, migration support for consumers
  • Contract testing with Pact: Consumer-driven contracts between services — catching breaking changes early
  • API observability: Logging, tracing, and alerting that actually matter for API operations
  • API governance: Style guides, linting with Spectral, review processes — consistency at scale
Learning Outcomes
What your team walks away with

API designers who build contracts that last — well-modeled resources, proper HTTP semantics, secure authentication, and operational visibility.

Book the API Engineering training

Available as a standalone session or combined with Spring Boot for a complete backend API development track.

Get in touch