Competencies: Software Engineering > API Development

API Development

Body of Knowledge

Topic	Description	Relevance	Career Tracks
REST API Design	Designing RESTful APIs following HTTP semantics, resource naming conventions, status codes, pagination patterns, and OpenAPI specification.	High	Backend, API, Architecture
API Authentication	OAuth 2.0, JWT, API keys, session tokens, bearer authentication	Critical	Backend Developer, Security Engineer
API Documentation	OpenAPI/Swagger, API portals, code samples, SDK generation	High	Backend Developer, Technical Writer
Rate Limiting	Token bucket, sliding window, quota management, API throttling	High	Backend Developer, SRE
API Versioning	URL versioning, header versioning, deprecation strategies, breaking changes	High	Backend Developer, Software Architect
GraphQL Development	Schema design, resolvers, mutations, subscriptions, DataLoader	Medium	Backend Developer, Full-Stack Developer
gRPC Development	Protocol Buffers, service definitions, streaming, code generation	Medium	Backend Developer, Systems Developer
Webhooks	Event delivery, retry logic, signature verification, idempotency	High	Backend Developer, Integration Engineer
API Security	Input validation, CORS, injection prevention, secure headers	Critical	Backend Developer, Security Engineer
API Testing	Contract testing, integration testing, mock services, API test automation	High	Backend Developer, QA Engineer

Topic

Description

Relevance

Career Tracks

REST API Design

Designing RESTful APIs following HTTP semantics, resource naming conventions, status codes, pagination patterns, and OpenAPI specification.

High

Backend, API, Architecture

API Authentication

OAuth 2.0, JWT, API keys, session tokens, bearer authentication

Critical

Backend Developer, Security Engineer

API Documentation

OpenAPI/Swagger, API portals, code samples, SDK generation

High

Backend Developer, Technical Writer

Rate Limiting

Token bucket, sliding window, quota management, API throttling

High

Backend Developer, SRE

API Versioning

URL versioning, header versioning, deprecation strategies, breaking changes

High

Backend Developer, Software Architect

GraphQL Development

Schema design, resolvers, mutations, subscriptions, DataLoader

Medium

Backend Developer, Full-Stack Developer

gRPC Development

Protocol Buffers, service definitions, streaming, code generation

Medium

Backend Developer, Systems Developer

Webhooks

Event delivery, retry logic, signature verification, idempotency

High

Backend Developer, Integration Engineer

API Security

Input validation, CORS, injection prevention, secure headers

Critical

Backend Developer, Security Engineer

API Testing

Contract testing, integration testing, mock services, API test automation

High

Backend Developer, QA Engineer

Personal Status

Topic	Level	Evidence	Active Projects	Gaps
REST API Design	Advanced	44-endpoint API with consistent resource naming, HTTP method semantics, status codes, pagination, error responses; OpenAPI documentation	domus-api	No HATEOAS, no API versioning strategy, no rate limiting implementation

Topic

Level

Evidence

Active Projects

Gaps

REST API Design

Advanced

44-endpoint API with consistent resource naming, HTTP method semantics, status codes, pagination, error responses; OpenAPI documentation

domus-api

No HATEOAS, no API versioning strategy, no rate limiting implementation