API & Backend Development
I build backends and APIs that stay reliable under load — NestJS/Node services with clean boundaries, idempotent webhooks, queue-driven background work, and integrations (payments, AI, third-party) that don't break in production.
The engine room: well-structured APIs, robust integrations, and the operational details — idempotency, retries, rate limiting, observability — that decide whether a backend survives real traffic.
What's included
- REST APIs with clear contracts and typed end-to-end
- Payment & PSP integrations (Stripe, Trust Payments, Norbr, HiPay)
- Reliable webhooks (signature verification + idempotency)
- Background jobs and queues (BullMQ / Redis)
- Rate limiting, structured logging and security hardening
How I work
Clear, typed API contracts so consumers integrate fast and nothing drifts.
Idempotent handlers, retries, and queues for anything slow or external.
Logging, rate limiting and a readiness checklist before it carries real traffic.
I've built payment-analytics pipelines over Trust Payments / Norbr webhook data, integrated multiple PSPs and OpenAI APIs, and led a 120+ finding production-readiness security program.
Related work
FAQ
How do you make payment webhooks reliable?
Verify the signature, dedupe by event id, and make the handler idempotent so retries are safe — then push slow work to a queue instead of the request path.
REST or GraphQL?
REST for most SaaS backends — simpler to cache, version and reason about. GraphQL when clients genuinely need flexible, aggregated queries.