Designing a passively safe API
Summary
The article advocates designing passively safe APIs to fail gracefully and avoid duplicate work or unrecoverable state. It uses an actionable POST /shipments example to illustrate failure modes and the need for patterns like idempotency keys and the outbox/inbox. It then details a path from monolith to microservices with asynchronous processing and robust retry semantics.
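A sketch of how an idempotency key and an outbox row can be committed together for POST /shipments, as an added example that is not code from the article. The table names, the function names, the fail_before_commit switch and the 422 status for a reused key are assumptions made for illustration.

```python
import hashlib
import json
import sqlite3


class KeyReuseError(Exception):
    """Same idempotency key sent with a different request body."""


def open_db():
    # Hypothetical schema: shipment, outbox event and key record share one database.
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE shipments (id INTEGER PRIMARY KEY, body TEXT NOT NULL);
        CREATE TABLE outbox (id INTEGER PRIMARY KEY, event TEXT NOT NULL);
        CREATE TABLE idempotency_keys (
            key TEXT PRIMARY KEY, request_hash TEXT NOT NULL, response TEXT NOT NULL);
    """)
    return conn


def post_shipment(conn, idempotency_key, payload, fail_before_commit=False):
    """Handle POST /shipments; returns (status_code, response_dict)."""
    body = json.dumps(payload, sort_keys=True)
    request_hash = hashlib.sha256(body.encode()).hexdigest()
    try:
        with conn:  # one transaction: commit on success, roll back on exception
            row = conn.execute(
                "SELECT request_hash, response FROM idempotency_keys WHERE key = ?",
                (idempotency_key,)).fetchone()
            if row:
                if row[0] != request_hash:
                    raise KeyReuseError(idempotency_key)
                return 200, json.loads(row[1])  # retry: replay stored response, no new work
            cur = conn.execute("INSERT INTO shipments (body) VALUES (?)", (body,))
            response = {"shipment_id": cur.lastrowid}
            # Outbox row is written in the same transaction; a separate relay publishes it later.
            conn.execute("INSERT INTO outbox (event) VALUES (?)",
                         (json.dumps({"type": "shipment.created", **response}),))
            conn.execute("INSERT INTO idempotency_keys VALUES (?, ?, ?)",
                         (idempotency_key, request_hash, json.dumps(response)))
            if fail_before_commit:  # assumed test hook simulating a crash mid-request
                raise RuntimeError("simulated crash before commit")
        return 201, response
    except KeyReuseError:
        # Assumed status code; the point is that a mismatched body is rejected, not replayed.
        return 422, {"error": "idempotency key reused with a different body"}
```

Because the shipment, the outbox event and the key record commit or roll back together, a client that retries after a failure either repeats the whole operation once or gets the stored response back.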