Developer Guidelines

Use these guidelines when building and operating integrations.

Integration Standards

• Use server-side calls for all authenticated API requests.
• Include idempotency protections in downstream processing.
• Set explicit request timeouts and retry with backoff for transient failures.

Reliability

• Handle 429 and 5xx responses with exponential backoff.
• Avoid tight retry loops.
• Log request ids, status codes, and error codes for troubleshooting.

Data Quality

• Validate required fields before processing.
• Treat nullable fields defensively.
• Expect additional fields to appear over time.

Security

• Never log full API keys.
• Restrict access to integration secrets.
• Rotate credentials during team member offboarding or incident response.

Change Management

• Monitor ChangeLog for updates.
• Test against sandbox before production rollout.
• Version-lock internal mappings to avoid regressions.