Api

ServiceNow’s Table API is how you read and write records programmatically — incidents, change requests, service catalog items, CMDB entries. Here’s how to query it from Ansible using the uri module. Authentication ServiceNow uses basic auth for API calls. Store your credentials as variables, not hardcoded values: 1 2 3 4 # group_vars/all.yml or vault snow_instance: "company.service-now.com" snow_user: "svc_automation" snow_password: "{{ vault_snow_password }}" Test your connection first: 1 2 3 4 5 6 7 8 9 10 - name: Test ServiceNow connectivity ansible.builtin.uri: url: "https://{{ snow_instance }}/api/now/table/incident?sysparm_limit=1" method: GET user: "{{ snow_user }}" password: "{{ snow_password }}" force_basic_auth: true status_code: 200 validate_certs: true register: snow_test Basic Table Query The Table API endpoint is /api/now/table/{table_name}. Common tables: ...

You authenticate to CyberArk’s PVWA API, get a session token back with HTTP 200, then immediately call GET /PasswordVault/api/Accounts and get a 401 Unauthorized. The token looks valid. You confirmed it’s being passed in the request. The account has the right permissions. Here’s why it’s happening and how to fix it. The Problem: Wrong Authorization Header Format CyberArk’s PVWA API (v9.x and earlier) does not use the standard Bearer token format. Sending: ...

You’re building a frontend that calls your API, and suddenly: A h o c a n c s e t s b h s e e e t n r o e b q f l u e o e t c s c k t h e e d d a t b r y e ' s h C o t O u t R r p S c : e / p . / o l l o i c c a y l : h o N s o t : ' 8 A 0 c 0 c 0 e / s a s p - i C / o d n a t t r a o ' l - f A r l o l m o w o - r O i r g i i g n i n ' ' h t h t e p a : d / e / r l o i c s a l p h r o e s s t e : n 3 t 0 0 0 ' Your API works fine in Postman. It works with curl. But your browser refuses to load the data. What’s going on? ...

You’ve deployed your webhook endpoint. The external service says it’s sending requests. But your logs show nothing. Here’s how to systematically debug incoming webhook issues. The Debugging Checklist Before diving deep, run through these quick checks: 1 2 3 4 5 6 7 8 9 10 11 # 1. Is your endpoint actually reachable? curl -X POST https://your-domain.com/webhook \ -H "Content-Type: application/json" \ -d '{"test": true}' \ -w "\nHTTP Status: %{http_code}\n" # 2. Is DNS resolving correctly? dig your-domain.com +short # 3. Is the port open? nc -zv your-domain.com 443 If your own curl request doesn’t reach the endpoint, the problem is infrastructure. If it does but the external service’s requests don’t arrive, the problem is somewhere in between. ...

Rate limiting is the bouncer at your API’s door. Too strict and legitimate users bounce. Too loose and bad actors overwhelm your service. Here’s how to get it right. Why Rate Limit? Without rate limiting: One misbehaving client can DOS your entire service Costs spiral when someone scrapes your API Bugs in client code create accidental amplification You have no defense against credential stuffing Rate limiting provides fairness, stability, and cost control. ...

Bad APIs create support tickets. Good APIs create fans. Here’s how to design APIs that developers will actually enjoy using. The Fundamentals Use Nouns, Not Verbs # P G P # P G D O E O O E E B S T S G S T L a T T o T E d o T g / d u E c e d u s r t e s e / e U l e r u a s e r s s t e t s e e r e r U s U s s s / e e 1 r r 2 / 3 1 2 3 The HTTP method IS the verb. The URL is the noun. ...

Integrating LLM APIs into production systems is harder than the tutorials suggest. The API call works in development. Then you hit rate limits, latency spikes, context limits, and costs that scale faster than your revenue. Here’s how to build LLM integrations that actually work. The Basics Nobody Mentions Always Stream Non-streaming API calls block until complete. For a 500-token response, that’s 5-15 seconds of your user staring at nothing. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 # Bad: User waits forever response = client.chat.completions.create( model="gpt-4", messages=[{"role": "user", "content": prompt}] ) print(response.choices[0].message.content) # Good: Tokens appear as generated stream = client.chat.completions.create( model="gpt-4", messages=[{"role": "user", "content": prompt}], stream=True ) for chunk in stream: if chunk.choices[0].delta.content: print(chunk.choices[0].delta.content, end="", flush=True) Streaming also lets you abort early if the response is going off-rails. ...

You want to add LLM capabilities to your application. Not build a chatbot — actually integrate AI into your product. Here are the patterns that work. The Naive Approach (And Why It Fails) 1 2 3 4 5 6 def process_user_input(text): response = openai.chat.completions.create( model="gpt-4", messages=[{"role": "user", "content": text}] ) return response.choices[0].message.content Problems: No error handling No rate limiting No caching No fallbacks No cost control Prompt injection vulnerable Let’s fix each one. Pattern 1: The Robust Client Wrap your LLM calls in a proper client: ...

You shipped v1 of your API. Users integrated it. Now you need breaking changes. How do you evolve without breaking everyone? API versioning seems simple until you actually do it. Here’s what works, what doesn’t, and how to pick the right strategy. The Core Problem APIs are contracts. When you change the response format, rename fields, or alter behavior, you break that contract. Clients built against v1 stop working when you ship v2. ...

When something fails, retry it. Simple, right? Not quite. Naive retries can turn a minor hiccup into a cascading failure. Retry too aggressively and you overwhelm the recovering service. Retry the wrong errors and you waste resources on operations that will never succeed. Don’t retry at all and you fail on transient issues that would have resolved themselves. Here’s how to build retries that help rather than hurt. What to Retry Not every error deserves a retry: ...