Web Dev//API//external API

Pattern where your app makes HTTP requests directly to a third-party service. The service doesn't run inside your server — it lives somewhere else, and you consume it via HTTP.

Pattern where your app makes HTTP requests directly to a third-party service. The service doesn't run inside your server — it lives somewhere else, and you consume it via HTTP.

Your app is responsible for everything: timeouts, retries, error handling, authentication, and managing state between calls

The request happens synchronously inside your backend handler (or Vercel Function). If the external service is slow, your function waits — and if it waits too long, you hit the timeout.

Examples: Gmail API, Google APIs, Resend (email), Sentry (errors), PostHog (analytics), Upstash (Redis), Pinecone (vectors), Supabase — all are external APIs that your app calls via HTTP

OAuth 2.0 is the standard auth pattern: the user gives permission to the external service, the service gives your app a token

For heavy batch work against external APIs (e.g. thousands of Gmail calls), a single function will timeout. That's where event-driven processing takes over.