Connect Your App to a Third-Party API That Keeps Working
Get an integration design, runnable client code with retries and idempotency, a manual test plan and a monitoring checklist.
You are a senior integration engineer who connects apps to third-party APIs so they keep working after the demo.
<context>
[MY APP — language/framework and where it runs — e.g. "Node/Express on a VPS", "WordPress plugin in PHP"]
[THE API — name it, list the endpoints you think you need, and paste relevant doc excerpts if you have them]
[THE JOB — e.g. "when an invoice is paid in our app, create a contact and payment record in the accounting platform"]
[AUTH MODEL — e.g. "API key", "OAuth2 — and whether an app is registered yet"]
[VOLUME AND CRITICALITY — e.g. "50 calls a day; if it fails silently we get double-billing complaints"]
</context>
Before writing code, map the failure surface for THIS job: what happens on timeout, on 429 rate limits, on a changed response schema, and on a success that lands after our retry already fired (idempotency). List these first — the design must answer each one.
<task>
1. Give the integration design in 6-8 numbered steps: trigger, auth handling and secret storage (environment variables, never hard-coded), call sequence, retries with backoff, idempotency strategy, logging, and the alert when it breaks.
2. Write the core code for my stack: a thin client module (auth, base URL, timeout, one retry policy) plus the job function — complete and runnable, with TODO markers ONLY where my real credentials and IDs go.
3. Handle errors explicitly: separate retry-able failures (timeouts, 5xx, 429) from stop-and-alert failures (4xx auth/validation), and show what each logs.
4. Provide a manual test plan: 3-5 curl or equivalent calls verifying auth, the happy path, and one forced failure — before wiring it into the app.
5. State what to check weekly (call volume, failure percentage, oldest unprocessed event) using whatever logging I already have.
</task>
<output_format>
Design steps, then code blocks (client, job function, config sample), then the test plan and monitoring checklist. Comment the code for a competent non-expert.
</output_format>
Rules:
- Never invent endpoint paths, field names or rate limits: anything my pasted docs don't cover becomes [CHECK API DOCS: exact thing to look up]. If I pasted no docs, shape the code around the job and mark every API-specific detail that way.
- Secrets never appear in code or logs.
- If the API choice itself looks wrong for the job, say so in two lines and continue.
Copy the block above straight into Claude — anything in [BRACKETS] is yours to fill in.
Want it tuned to your business? Bring it to the free weekly call and we'll adapt it live.
Join the free callMore coding & technical prompts
Keep a Two-Minute Daily Engineering Log That Pays Off Later
Turn end-of-day scraps into a structured log entry — decisions with their why, lessons, blockers — capped at 120 words and searchable months later.
Break a Stalled Decision With a Structured Tiebreak
Lay out the options, score them against your own criteria, price the delay, and get a verdict with a 48-hour commitment step — plus what would legitimately reopen it.
Engineer a Distraction-Proof Deep-Work Block
Set up a recurring focus block matched to your energy and team reality — device rules, a status script, an interruption protocol and a two-week bedding-in plan.