Sam Ramji from Apigee, along with Dan Jacobson and Michael Hart from Netflix, recently gave this API strategy talk at the Web 2.0 Expo in San Francisco. It includes frameworks, best practices and lessons learned to help in thinking of your API strategy from a business model, architecture, and data perspective.
We roll out big features with lots of fanfare, but the little ones roll out as they are ready. On Mondays we'll highlight recent changes here.
I've been posting a bit on OAuth best practices recently. But I want to take a step back and talk about why OAuth is important in the first place, why it's difficult, and how to think about it for your API.
“If the minimum wasn’t good enough, it wouldn’t be the minimum.” - Keith W.
Wise words from one of my developers many years ago. When it comes to tackling PCI Compliance, it is advice well worth taking.
With leaks of sensitive customer information in the news, there’s an increased focus on compliance as more services shift to cloud computing and APIs.
If you are a merchant of any kind or deal with customer credit card information then you must be aware of PCI compliance regulations that are designed to protect consumer credit card information from exposure....
Following Part 1, here are the slides and a video for Part 2 of our series on applying universal principles of design to APIs.
Since we first wrote about OAuth 1.0 vs. 2.0 a while back, lots has been happening and lots has changed. The OAuth community has made progress and made changes, and an increasing number of API providers have deployed APIs that use OAuth 2.0. (Similarly, the number of new OAuth 1.0-enabled APIs doesn't seem to be growing.)
We've been busy helping our customers implement OAuth-based APIs, and we've also been watching the process develop. Here are some things that we've learned:
OAuth is a solution -- not technology.
In order for an API provider to support OAuth, a number of...
With the proliferation of free, cloud services it's possible to build and run interesting mobile and web projects from end-to-end for free--including an awesome web API. Included are 10 steps to building and running a web API for free.