API specifications/documentation is a key element for cross-team communication. In Java tech stack, we always use Swagger to generate API specifications and use Swagger UI to visualize the specification. But there is an issue in microservices architecture when using Swagger. This post will discuss the problem in Microservices API Documentation…

Microservices architecture is a popular architectural style in the backend world. Developers love to use this architectural style to develop a large-scale system and solve complex problems. But, do you know why it is so popular? In this post, I am going to discuss…

Last time, we talked about Observability. In this post, we are going to talk about log monitoring and alerting. It is also an important component of a system. Without this, your software engineers do not know what is happening in the whole system. That said, when an error occurs, no one knows and the engineering team does not know whether the system per…

In modern software development, CI/CD pipeline is really important. It can help the team focus on actual development work and reduce manual processes. With an automatic pipeline, the development workflow is more productive and less error-prone. CI/CD stands for…

We have talked about several topics about microservices. In this post, we are going to discuss Service Discovery in a microservices architecture. This is important for a microservices architecture. Without this, your client does not know how to talk to your microservices. So, let’s jump into the topic…

Microservices architecture split the whole system into different services which allows us to scale each service independently. But, it brings some problems to the architecture as well. For example, multiple entry points. Since we split the system into multiple services, the data is distributed across different services. If a client wants to get data tha…

When creating an API platform, one of the key elements is that you need to know your client’s identity and verify their identity to see if it is a valid request from an authorized user. For API Authentication, basically, we can have two approaches: Token-based authentication (We won’t discuss this approach in this post…

In this post, I will be covering an authentication approach called Passwordless Authentication. This approach can improve user onboarding and login experience. Passwordless Authentication allows users to log in to their accounts without using a password. Instead, the users need to input an OTP every time they log in to the system. That said, the users en…

In traditional authentication, we use username-password authentication to identify user identity in a system. As technology evolves, this approach is not secure enough. There are different illegal ways to get your credentials including password leaks, password brute-force attacks, phishing, etc. To secure a user account, there is an approach called…