Twitter and Digg Labs (represented by Alex Payne and Michal Migurski, respectively) have some experience with API’s. You could say they are war hardened.
Their talk was a well intentioned, if a bit sanitized, version of the experiences they each had in implementing their Application Programming Interfaces. Alex was first, balancing his short talk with what worked and what did not. Here are some of the highlights;
- Let is grow organically – This makes sense for a startup that doesn’t really expect to be the next big thing, though later on in his talk he contradicted this advice in the what-not-to-do section
- Document – This ones a best practice that is both always mentioned and almost always ignored. API’s though kinda live and die on their documentation.
- Support API community – They used the Google Groups app to build up the community.
Scale from the API perspective – this is where organic doesn’t work. The deal is that if you don’t take the time to think through issues ahead of time, these issues will bite you in the ass. - Security issues – If users can think about a way to misuse your api, they will. Twitter users would get around caching schemes, rate limiting schemes and attributes in your data model will leak. Good cross domain not xml policy would help.
What mistakes they made
- Didn’t start with api.twitter.com – Now all the twitter traffic intermingles, both api and http. The separation by domain is a good thing to do up front. This will be happening soon, according to Alex
- Didn’t version API from the get-go – Here they found that growing organiclly meant that versioning wasn’t needed. Now, however, versions for depreciation is really a must have. It will be part of the domain move.
- Didn’t make life easier for flash developers – Applications need visual people to be created. This was an eye-opener. Programmers admitting that they need someone else?? The skills of the Flash Developer, traditionally mocked by the programming elite, is really an important part of API tool design. The community that captures flash programmers will have cool looking tools
- Didn’t automate to make life easier for us – Administrative view of active API customers, stats, and admin views isn’t real sexy code work. But is you go forward with your API without these views of how users are using your api, you’re going to be in the dark when tough questions start being asked of your company.
I will cover the second half of this presentation, Michal’s talk on Digg Labs, in a second post.