HomeAI OfferingsWeb DevelopmentClient StoriesAppsBlog Get in Touch
← Back to Blog Engineering

Serverless APIs with Netlify Functions

Last Rev Team May 10, 2023 8 min read
Serverless function architecture diagram showing API endpoints connecting to cloud services

There is a certain joy in deploying backend logic without thinking about servers. No provisioning, no patching, no 3 AM alerts because your EC2 instance ran out of memory. You write a function, push it, and it runs when someone calls it. That is the promise of serverless, and Netlify Functions deliver on it with remarkably little friction.

If you are building a Jamstack or static site and need backend capabilities... form processing, API proxying, third-party integrations, webhook handlers... Netlify Functions give you a clean way to add server-side logic without leaving the platform you are already deploying on.

What Netlify Functions Actually Are

Under the hood, Netlify Functions are AWS Lambda functions with a simplified deployment model. You write JavaScript or TypeScript files in a specific directory, Netlify detects them during build, and each file becomes an API endpoint automatically.

A function file at netlify/functions/hello.js becomes available at /.netlify/functions/hello. That is the entire deployment process. No API Gateway configuration. No IAM roles. No CloudFormation templates. Just a file in a folder.

Here is what a basic function looks like:

export default async (req, context) => {
  const name = new URL(req.url).searchParams.get('name') || 'World';
  return new Response(`Hello, ${name}!`, {
    headers: { 'content-type': 'text/plain' },
  });
};

That is a working API endpoint. Deploy it, hit the URL, and you get a response. The simplicity is the point; it lowers the barrier to adding backend logic to projects that otherwise would not have any.

Common Use Cases That Make Sense

Not every backend need justifies a serverless function, but several patterns fit naturally:

  • Form handlers: Process contact forms, validate input, send to a CRM or email service, return a response. No server needed between requests.
  • API proxying: Hide API keys from the client. Your function calls a third-party API using secret credentials stored in environment variables, and returns the result to the frontend.
  • Webhook receivers: Accept POST requests from services like Stripe, Contentful, or GitHub. Process the payload, trigger actions, return a 200.
  • Data transformations: Fetch data from multiple sources, merge and reshape it, and return a unified response to the client.
  • Auth flows: Handle OAuth callbacks, validate tokens, manage session creation.

The pattern that ties these together: short-lived, stateless operations that respond to HTTP requests. If your function runs for less than 60 seconds and does not need persistent connections, serverless is a natural fit.

Environment Variables and Secrets

One of the most practical use cases for Netlify Functions is keeping secrets off the client. API keys, database credentials, webhook signing secrets... none of these belong in frontend JavaScript where anyone can inspect them.

Netlify lets you set environment variables in the site dashboard or via the Netlify CLI. Your functions access them through process.env just like any Node.js application. The variables are injected at runtime and never exposed to the client.

This pattern... client calls your function, function uses secret credentials to call a third-party API, function returns sanitized results... is probably the most common use of Netlify Functions in production. It turns your function layer into a secure proxy without any infrastructure management.

Structuring Microservices

As your function count grows, organization matters. Dumping 30 unrelated functions into a flat directory creates maintenance headaches fast.

A pattern that works well is grouping functions by domain:

netlify/functions/
  users/
    create.js
    get.js
    update.js
  orders/
    create.js
    list.js
    webhook.js
  auth/
    login.js
    callback.js
    verify.js

Each function remains independently deployable and independently scalable. There is no shared state between them, which is a feature, not a limitation. Statelessness forces you to think clearly about data flow and makes each function easy to test in isolation.

For shared logic... database connections, validation helpers, response formatters... create a lib/ or utils/ directory that functions import from. The shared code gets bundled into each function at build time.

Error Handling and Observability

Serverless functions fail differently than traditional servers. There is no persistent process to crash and restart. Each invocation is independent, so errors are isolated... but they are also harder to spot if you are not looking.

Netlify's function logs capture console output and errors for each invocation. For production systems, complement these with structured logging that includes request IDs, timestamps, and enough context to debug issues after the fact.

Key practices for production-ready functions:

  • Always return proper HTTP status codes. A 500 with a helpful error message is infinitely better than a timeout
  • Set timeouts explicitly. Netlify Functions have a 60-second timeout. If your function might take longer, handle the timeout gracefully rather than letting it die silently
  • Validate inputs early. Check that required parameters exist before doing expensive operations
  • Use try/catch blocks around external API calls. Third-party services go down. Your function should handle that gracefully

When Serverless Is the Wrong Choice

Serverless is not a universal solution, and pretending otherwise leads to pain. There are cases where traditional servers or containers are simply better:

  • Long-running processes: If your operation takes more than 60 seconds, a serverless function will time out. Use a queue-based architecture or a dedicated worker instead.
  • WebSocket connections: Serverless functions are request/response. Persistent connections need a different architecture.
  • High-frequency, latency-sensitive operations: Cold starts add latency to the first invocation after idle periods. If every millisecond counts, a warm server is faster.
  • Complex stateful workflows: If your logic requires maintaining state across requests, you need a database or state management layer, and the overhead may negate the simplicity benefits.

The Netlify blog's serverless introduction is honest about these tradeoffs. The sweet spot is clear: short, stateless, event-driven operations that do not need to be running all the time.

From Functions to Architecture

The real power of Netlify Functions is not any individual endpoint. It is the architectural pattern they enable. You can build a fully functional backend... API layer, authentication, integrations, webhooks... without ever provisioning a server. Your frontend and backend deploy together from the same repository. Your infrastructure scales automatically.

For teams already using Netlify for static site hosting, functions are the natural next step when backend logic becomes necessary. The learning curve is minimal if you know JavaScript, the deployment story is seamless, and the cost scales with actual usage rather than provisioned capacity.

Start simple. One function that handles a form submission or proxies an API call. Get comfortable with the model. Then expand as your needs grow. The function-per-endpoint approach makes it easy to add capabilities incrementally without rearchitecting anything.

If you are building a Jamstack application and need backend capabilities, let's talk about the right serverless architecture for your project.

Sources

  1. Netlify -- "Functions Overview" (2023)
  2. Netlify -- "CLI: Get Started" (2023)
  3. Netlify -- "Function Logs" (2023)
  4. Netlify Blog -- "Introduction to Serverless Functions" (2023)