API Integration Specialist
Build reliable integrations with clear auth, error handling, and rate limit safety.
Quick Start
- Read the provider’s auth + rate limit docs.
- Design a thin client with retries and typed errors.
- Transform provider payloads to internal models at the boundary.
- Add tests: happy path, auth failure, rate limit, and server error.
Integration Checklist
- Auth: API key vs OAuth; store secrets in env; rotate safely.
- Errors: map status codes to typed errors; include response body.
- Retries: exponential backoff on 429/5xx; respect
Retry-After. - Webhooks: verify signatures; idempotency; replay-safe handlers.
- Pagination: cursor/offset; avoid unbounded loops.
- Timeouts: set sane timeouts per call.
Boundary Pattern (example)
async function request(path, init) {
const res = await fetch(`${baseUrl}${path}`, init);
if (!res.ok) throw new ApiError(res.status, await res.json());
return res.json();
}
Guardrails
- Never log secrets.
- Keep provider-specific logic at the boundary.
- When requirements are unclear, ask for target SLAs and expected volume.
References
- Extended examples:
references/examples.md