API & Http
Eight packages that form the HTTP infrastructure layer of a Granit application.
| Package | Purpose |
|---|---|
| CORS | Default policy, ISO 27001 wildcard rejection |
| API Versioning | URL segment versioning, RFC 8594 deprecation headers |
| API Documentation | Scalar OpenAPI UI, OAuth2/PKCE, multi-version docs |
| Exception Handling | RFC 7807 Problem Details, chain of responsibility mapper |
| Idempotency | Stripe-style middleware, Redis state machine, AES-256 entries |
| Rate Limiting | SlidingWindow, FixedWindow, TokenBucket, Concurrency algorithms |
| Webhooks | HMAC-signed outbound webhooks, retry, subscription management |
| Bulkhead | Per-tenant concurrency isolation, feature-based quotas, Wolverine middleware |
Package dependencies
Section titled “Package dependencies”graph TD
CORS[Granit.Cors] --> CO[Granit.Core]
AV[Granit.ApiVersioning] --> CO
AD[Granit.ApiDocumentation] --> AV
AD --> SEC[Granit.Security]
EH[Granit.ExceptionHandling] --> CO
ID[Granit.Idempotency] --> CA[Granit.Caching]
ID --> SEC
RL[Granit.RateLimiting] --> CO
RL --> EH
RL --> FT[Granit.Features]
RL --> SEC
See also
Section titled “See also”- Architecture: HTTP Conventions — Status codes, Problem Details, DTO naming
- Security module — JWT Bearer, authorization