Services
Contract-first APIs that ship and stay shipped. OpenAPI 3.1 for public REST, GraphQL Federation for multi-team frontends, gRPC + protobuf for internal service-to-service. We design the spec before a handler is written, wire OAuth 2.1 / OIDC properly, generate typed SDKs across 7+ languages, and put OpenTelemetry instrumentation on every endpoint from day one. Versioning with explicit deprecation windows (RFC 8594), gateway and WAF in front, SLOs per endpoint with burn-rate alerts. Senior backend engineers on CET with East-Coast US overlap. From 12,000 EUR/month per dedicated team; 6–8 week API design sprint from 35,000 EUR fixed.
An API is a contract you cannot take back. Once a paying customer integrates against your /v1, you own that surface for years. Most API failures are not implementation bugs — they are contract decisions made too quickly, by people who never had to maintain a v2 migration. We design contract-first: OpenAPI 3.1, GraphQL SDL or protobuf lives in a versioned spec repo, gets PR-reviewed by product, frontend, mobile and external consumers before a handler exists, and is linted by Spectral against a style guide. openapi-diff blocks breaking changes in CI. Mock servers auto-deploy per branch so consumers unblock immediately. Versioning, deprecation, auth, rate limiting and observability are designed before the first line of code, not bolted on at launch when it is too late.
OpenAPI 3.1 / GraphQL SDL / protobuf in a versioned spec repo, Spectral linting, openapi-diff breaking-change CI gate, Prism / Mockoon mock servers auto-deployed per branch, design review with frontend + mobile + external consumers.
REST + OpenAPI 3.1 for public surfaces. GraphQL with Apollo Federation 2 or Hot Chocolate for multi-team frontends. gRPC + protobuf for internal high-throughput / low-latency service-to-service. Right tool per consumer, not engineering taste.
OAuth 2.1 + OIDC, mTLS + SPIFFE for service-to-service, JWT with RS256/EdDSA. Gateway via Kong / Tyk / API Gateway / APIM / Apigee. Sliding-window or GCRA rate limiting, WAF in front, partner HMAC-signed API keys.
Auto-generated typed SDKs (TS, Python, Go, Java, C#, Swift, Kotlin, Ruby) via openapi-generator or stainless.com, published to npm / PyPI / Maven / NuGet with semver discipline and CI release pipeline.
OpenTelemetry from day one (traces, metrics, logs), trace ID in every error response, RED metrics dashboards, SLOs per endpoint with burn-rate alerts, synthetic monitoring via k6 cloud or Checkly from US-East and EU-West.
N-2 support contract, RFC 8594 Sunset/Deprecation headers, 12-month deprecation windows with email-cadence reminders, public changelog, protobuf evolution rules enforced, GraphQL @deprecated with usage telemetry from Apollo Studio or Hive.
Weeks 1–4: consumer workshops, resource model, OpenAPI 3.1 / SDL / proto draft, error envelope, pagination contract, auth design, versioning policy. Spec PR-reviewed and signed off.
Mock server live per branch, CI lint + breaking-change gates wired, gateway provisioned, OAuth/OIDC integration, observability baseline, SDK pipeline configured for 3 launch languages.
Handler implementation against the spec, Pact contract tests in CI, k6 load tests against SLO targets, SDK alpha releases to first beta integrators, weekly demo with product + design partners.
GA cutover with WAF + rate-limit policies tuned, public changelog, SDK GA across launch languages, synthetic monitoring live, on-call rota documented, post-launch SLO review at 30/60/90 days.
6–8 weeks, fixed. OpenAPI 3.1 spec, auth design, gateway choice, SDK pipeline, versioning policy, MVP reference implementation. Output is a board-ready API surface decision. From 35,000 EUR fixed.
3-person pod (TPM + 2 senior backend engineers) building and shipping the API end-to-end. Co-delivery with your team, weekly demo, monthly steering. From 12,000 EUR/month per team.
Post-launch SLO ownership, SDK release cadence, partner support escalation, quarterly contract review, 24/7 on-call for the API surface. From 6,500 EUR/month.
NDA, DPA aligned to GDPR with SCCs, IP assignment to client signed before kickoff. Spec, code and CI live in your repos from day one.
Native iOS and Android e-signature clients with a Symfony + React CRM for a cross-border law firm — KYC onboarding and a defensible evidence trail for US & EU matters.
Production social platform — App Store + Google Play, live across the US and EU — with geo Radar, encrypted messaging and a virtual economy.
Android + iOS refactor and rebuild for a German last-mile logistics operator — multi-point route planning, real-time driver tracking and in-app invoicing live in the EU.
GDPR-aligned · ISO 27001 ready · SOC 2 Type II in progress · HIPAA-capable · CCPA-acknowledged
Spec is reviewed and signed off before the first handler. CI breaks the build on any backward-incompatible change. Mock servers per branch. Result: zero "we shipped a breaking change by accident" incidents in client production.
Frankfurt / Ireland / Paris regions by default for EU consumer data, GDPR-aligned DPA with SCCs, Schrems II-aligned data flows, audit logs encrypted with customer-managed keys and replicated only inside EU.
SDKs are generated from the same spec the server validates against, so docs and runtime cannot drift. We ship in 7+ languages with one CI release pipeline, semver discipline, and a changelog the customer can actually read.
For fintech / healthtech APIs we ship against PSD2 / Open Banking, HL7 FHIR R5, ISO 20022 and other domain contracts — with sample integrations and conformance test suites included in the spec repo.
Decision is driven by consumer profile, not engineering taste. Public-facing APIs and third-party integrations go REST with OpenAPI 3.1 — it is the universal contract, every SDK generator supports it, every API gateway speaks it, every customer can curl it. GraphQL when you have a multi-team frontend (web + iOS + Android) hitting a deep object graph and the under/over-fetching problem is real, federated via Apollo Federation 2 or Hot Chocolate when multiple teams own different subgraphs. gRPC for internal service-to-service where latency budgets are tight (<10ms p99) and both sides are yours — protobuf gives you typed contracts, streaming, and connection multiplexing. We never use GraphQL for service-to-service and we never use gRPC for public APIs.
OpenAPI 3.1 (or proto file, or GraphQL SDL) lives in a versioned spec repo separate from the implementation. PR review on the spec happens before a line of handler code is written — product, frontend, mobile, and at least one external consumer (if applicable) sign off on the contract. Spectral lints the spec against your style guide (camelCase vs snake_case, error envelope shape, pagination contract, etc.). Spec changes flow through openapi-diff with a breaking-change CI gate — a PR that breaks the contract requires an explicit version bump label. Mock servers (Prism for REST, Mockoon, mock subgraphs for GraphQL) are auto-deployed per branch so frontend teams unblock immediately.
REST: URI-path versioning (/v1, /v2) for public APIs (clearest for third parties), header-based for internal where consumers are controlled. We commit to N-2 support: when v3 ships, v1 enters a 12-month deprecation window with Sunset and Deprecation headers (RFC 8594), 90-day, 30-day and 7-day reminder emails to API key owners, and a public changelog. GraphQL: field-level @deprecated directives with reason and migration hint, usage telemetry from Apollo Studio or Hive to confirm zero traffic before removal. gRPC: protobuf evolution rules strictly enforced (never renumber fields, never reuse field numbers, additive changes only without a major version bump).
OAuth 2.1 + OIDC for user-facing auth (Auth0, WorkOS, Clerk, or your own Keycloak/Ory Hydra when self-hosting is required). mTLS + SPIFFE/SPIRE for service-to-service. API keys with HMAC signing for partner integrations, JWT with RS256 or EdDSA (never HS256 with shared secret in 2026, and never RSA below 2048 bits). Gateway choice depends on stack: Kong or Tyk for self-hosted, AWS API Gateway / Azure APIM / Apigee for cloud-managed, Cloudflare Workers + Hyperdrive for edge-first. Rate limiting at the gateway (sliding window or GCRA, never naïve fixed-window), with per-key, per-IP, and global ceilings. WAF in front always.
OpenTelemetry from day one — traces, metrics and logs with consistent semantic conventions, exported to your backend (Datadog, Honeycomb, Grafana Tempo + Mimir + Loki, or Elastic). Every request has a trace ID surfaced in error responses so support can pull the full trace in one click. SLOs defined per endpoint (latency p95/p99, error rate, availability), error budgets tracked in Grafana, burn-rate alerts paging on-call before SLO is breached. RED metrics dashboards (Rate, Errors, Duration) auto-generated from OpenAPI spec. Synthetic monitoring via k6 cloud or Checkly hitting critical paths every minute from US-East and EU-West.
Dedicated API team starts at 12,000 EUR/month per pod (TPM + 2 senior backend engineers). For greenfield public APIs, a 6–8 week design sprint at 35,000 EUR fixed produces the OpenAPI 3.1 spec, auth design, gateway choice, SDK generation pipeline, versioning policy and an MVP reference implementation. SDK generation for additional languages (TS, Python, Go, Java, C#, Swift, Kotlin) is included via openapi-generator or stainless.com. Long-term operation retainer with on-call available from 6,500 EUR/month.
