Everything we have written on API.
Quote-and-bind flows, agent and policyholder portals, and rating integrations, built by a team that treats sensitive data and compliance as engineering, not paperwork.
Practical rules for REST APIs that survive years of change: stable contracts, honest status codes, cursor pagination, and versioning you can actually maintain.
GraphQL solves real problems, but it is not a default. Here is how to tell when it earns its keep and when REST or RPC will serve you better.
How to build webhook receivers that survive retries, duplicates, and 3am incidents: verify signatures, return fast, process async, stay idempotent.
A practical look at rate limiting algorithms, where to enforce them, and how to keep limits consistent across many servers without melting your database.
