Menu
Create REST and GraphQL integration guides covering authentication flows, pagination strategies, rate limiting, error handling, retry logic, and SDK wrapper patterns. Produces implementation-ready reference documents with code examples.
| name | api-integration-guide |
| description | Create REST and GraphQL integration guides covering authentication flows, pagination strategies, rate limiting, error handling, retry logic, and SDK wrapper patterns. Produces implementation-ready reference documents with code examples. |
| metadata | {"displayName":"API Integration Guide","categories":["engineering"],"tags":["api","rest","graphql","integration","authentication","rate-limiting","pagination"],"worksWellWithAgents":["api-developer","integration-engineer","solutions-architect"],"worksWellWithSkills":["api-design-guide","integration-specification","technical-spec-writing"]} |
Gather the following from the user:
If the user says "integrate with X API," push back: "Which specific operations do you need? I need the endpoints, auth method, and where this runs to write a useful guide."
For each auth method, produce the exact sequence:
API Key: Document header name (Authorization: Bearer <key> or X-API-Key), storage (environment variable, never committed), and rotation procedure.
OAuth 2.0 (Authorization Code): Document the full redirect-exchange-refresh cycle: authorize URL with state param, code exchange at token endpoint, refresh_token storage (encrypted), and proactive refresh before expires_in.
OAuth 2.0 (Client Credentials): Document token endpoint call, cache duration (expires_in minus 60s buffer), and re-fetch on 401.
For every endpoint or query, document:
Operation: [Human-readable name]
Method: [GET/POST/PUT/PATCH/DELETE] or [Query/Mutation]
Path: [/resource/:id] or [GraphQL operation name]
Request:
Headers: [Required headers beyond auth]
Params: [Path, query, or body params with types and constraints]
Body example: [JSON]
Response:
Success (2xx): [Shape with field types]
Error codes: [4xx/5xx with meaning and action]
Rate limit: [Requests per window, header names for remaining/reset]
Document the pagination pattern the API uses and how to consume it:
GET /items?limit=100&offset=0. Stop when response count < limit or offset >= total_count.GET /items?limit=100&cursor=<next_cursor>. Stop when next_cursor is null.pageInfo { hasNextPage endCursor }. Stop when hasNextPage is false.For all patterns: state the maximum page size, recommend a default, and note whether the API supports parallel page fetching safely.
Document the API's rate limit response and the client-side strategy:
Rate limit signal:
HTTP 429 Too Many Requests
Headers: X-RateLimit-Remaining, X-RateLimit-Reset (Unix timestamp)
Client strategy:
1. Before each request: check remaining count from last response headers.
2. If remaining < 5: sleep until reset timestamp + 1 second jitter.
3. On 429 response: read Retry-After header. Sleep for that duration.
4. If no Retry-After: exponential backoff starting at 1s, max 60s.
5. For batch operations: use a token bucket or leaky bucket limiter.
Classify errors and define behavior for each:
| Status | Category | Retryable | Action |
|---|---|---|---|
| 400 | Client error | No | Log payload, fix request, do not retry |
| 401 | Auth expired | Once | Refresh token, retry once |
| 403 | Forbidden | No | Log, alert, check permissions |
| 404 | Not found | No | Handle as missing resource |
| 409 | Conflict | Maybe | Re-fetch resource, resolve, retry |
| 429 | Rate limited | Yes | Backoff per rate limit strategy |
| 500 | Server error | Yes | Exponential backoff, max 3 retries |
| 502/503 | Unavailable | Yes | Exponential backoff, max 5 retries |
| Timeout | Network | Yes | Retry with same backoff as 5xx |
Retry formula: delay = min(base * 2^attempt + random_jitter_ms, max_delay)
The client wrapper should encapsulate: rate limiter wait before each request, retry loop with exponential backoff, automatic token refresh on 401 (once), error classification (retryable vs terminal), and a paginate method that loops cursor-based requests until exhausted. Constructor validates base_url, credentials, timeout, and max_retries.
Before delivering the integration guide, verify:
expires_in leads to cascading 401s. Always refresh proactively.sleep(5) between retries causes thundering herd when multiple clients hit rate limits simultaneously. Use exponential backoff with random jitter.Write structured accessibility audit reports with findings mapped to WCAG criteria, severity levels, affected components, remediation steps, and a prioritized fix timeline.
Write effective prompts for AI coding tools — structure task context, specify constraints, provide examples, and iterate based on output quality. Targets developers using Claude Code, Copilot, Cursor, and similar tools.
Design RESTful and GraphQL APIs with consistent naming conventions, versioning strategy, pagination patterns, error response formats, authentication schemes, and rate limiting — producing a complete API specification.
Write Architecture Decision Records (ADRs) that capture context, options considered, decision rationale, and consequences — creating a searchable decision log for future engineers.
Design and document automation workflows for n8n, Make, Zapier, and Power Automate. Covers trigger-action chain mapping, conditional branching, error handling, retry logic, and workflow diagrams with platform-specific node references.
Design BI reports and analytics views — with metric definitions, data source mapping, filter logic, drill-down paths, and refresh schedules that enable self-service decision-making.