web-api
web-api
Purpose
This skill enables OpenClaw to design and implement web APIs using REST, GraphQL, and tRPC, focusing on OpenAPI 3.1 specifications, JWT/OAuth2 authentication, rate limiting, and pagination. Use it to generate secure, scalable API blueprints and code snippets for web applications.
When to Use
Apply this skill when building backend services that require API endpoints, such as creating a user authentication system or fetching paginated data. Use it for projects involving RESTful architectures, GraphQL queries, or tRPC procedures, especially if you need to enforce rate limits or handle authentication.
Key Capabilities
- Design REST APIs with OpenAPI 3.1: Generate schemas using
openapi-generatorCLI with flags like--input spec.yaml --generator spring. - Implement GraphQL APIs: Define schemas with types and resolvers, e.g., using Apollo Server config:
const typeDefs = gqlquery { users };. - Handle tRPC procedures: Create typed endpoints, e.g.,
export const appRouter = router({ hello: publicProcedure.query(() => 'world') });. - Authentication: Enforce JWT or OAuth2 via middleware; set env var
$WEB_API_JWT_SECRETfor token signing. - Rate limiting: Apply limits using libraries like
express-rate-limitwith options{ windowMs: 15*60*1000, max: 100 }. - Pagination: Implement cursor-based or offset pagination in queries, e.g.,
query { users(first: 10, after: "cursor") }.
Usage Patterns
To design a REST API, invoke this skill with: openclaw run web-api --design rest --spec openapi.yaml. For GraphQL, use: openclaw run web-api --type graphql --schema schema.graphql. Always include auth by setting $WEB_API_OAUTH_CLIENT_ID and $WEB_API_OAUTH_CLIENT_SECRET. For tRPC, specify: openclaw run web-api --type trpc --router path/to/router.ts. Include rate limiting by adding --rate-limit 100:15m. Example 1: To create a paginated user endpoint, run openclaw run web-api --design rest --endpoint /users --paginate offset:10 then integrate the generated code. Example 2: For a secured GraphQL query, use openclaw run web-api --type graphql --auth jwt --query "query { protectedData }", which outputs a resolver with JWT validation.
More from alphaonedev/openclaw-graph
playwright-scraper
Playwright web scraping: dynamic content, auth flows, pagination, data extraction, screenshots
1.4Kgcp-iam
Manages identity and access control for Google Cloud resources using IAM policies and roles.
370humanize-ai-text
AI text humanization: reduce AI-detection patterns, natural phrasing, tone adjustment
262macos-automation
AppleScript, JXA, Shortcuts, Automator, osascript, System Events, accessibility API
173tavily-web-search
Tavily: web search optimized for AI agents, answer synthesis, domain filtering, depth control
155clawflows
OpenClaw workflow automation: multi-step task chains, conditional logic, triggers, schedule
102