Part of our attachmentAV offering is an API, powered by Amazon API Gateway (REST APIs), allowing developers to integrate virus and malware scanning into their applications. To increase discoverability and simplify integration we decided to build software develpment kits (SDKs) for popular programming languages.
Learn from my journey of finding the best way to generate SDKs for JavaScript, Java, Python, and TypeScript for a REST API.
Built-in function: Generate SDKs for REST APIs
First, I tried the built-in functionality Generate SDKs for REST APIs in API Gateway.
Generating the SDK was simple and fast. However, the result was mediocre. From a developer point of view, using the SDK did not provide significant convience compared to sending plain HTTP request. I was missing an layer of abstraction to simplifiy API usage.
Smithy: Interface Definition Language (IDL)
Second, I looked into Smithy, an Interface Defintion Language developed by AWS to generate their SDKs. Who, if not AWS, must know how to generate SDKs for APIs.
The concept of an extensible, typesafe, protocol agnostic IDL in combination with tools to build client SDKs for various programming languages resonated with me. I found the layer of abstraction, that I was missing while generating SDKs with Amazon API Gateway.
The following snippet shows the model, that I used to build clients for the attachmentAV API.
$version: "2.0" |
However, I ran into two problems with Smithy. On the one hand, Smithy is clearly focused on generating SDKs for AWS services and therefore makes assumptions about endpoint URLs, authentication mechanisms, and more by default. Using Smithy outside these defaults was tricky for me. On the other hand, most client generators are not production-ready yet and are marked as developer preview. That led to generated code that was not compiling or did not work as intended.
OpenAPI Generator: Generate from OpenAPI documents
Third, after getting advice from Sebastian, Anton, Luciano on LinkedIn I looked into the popular OpenAPI Generator project.
As we use an OpenAPI document to deploy the API Gateway on AWS, giving OpenAPI Generator a try was pretty simple. All I needed to do was to hand over the OpenAPI document to the generator.
But, the result was not very promising. The usability of the generated SDK was pretty bad.
The following idea brought the turnaround: define a seperate OpenAPI document with the aim of generating an SDK that is easy to use. I removed some resources and methods, modified the resource definitions, and more.
The following snippet shows the OpenAPI document optimized to generate SDKs.
openapi: 3.0.0 |
I’m pleased with the results (see attachmentav-sdk-js, attachmentav-sdk-java, attachmentav-sdk-python, and attachmentav-sdk-ts).
The following snippet shows how to scan a file for viruses and malware.
import { AttachmentAVApi, Configuration } from '@widdix/attachmentav-sdk-ts'; |
Looking for a way to scan files for viruses, trojans and other kinds of malware. Try the Virus and Malware Scan API by attachmentAV!
Summary
Building SDKs for an API increases discoverability and simplifies integration. Implementing and maintaining SDKs by writing code manually is a huge effort. For us, using the OpenAPI Generator with an optimized OpenAPI document brought the best results.
- Master Customer Service with MB-230 Certification: Your 2025 Success Blueprint
- Master the 1z0-908 Certification in 2025: Unlock Advanced MySQL Skills for Your IT Career
- Master the MB-500 Exam: Your 2025 Guide to Empowering Your Dynamics 365 Career and Unlocking Advanced Functionalities
- Master the NSE5_FAZ-7.0 Certification: Your Definitive 2025 Guide to Advancing Your Network Security Career
- Unlock Advanced Network Security Skills: Your Ultimate 2025 Guide to NSE7_EFW-6.4 Certification Success