
I wonder how an example from the article like the API to post new listings to Amazon works in practice with the requirement to be designed to be open to outside developers. It seems like that’d force some sort of review process (and I’m not really sure who can review all new listings) between API call and public availability that might not be there if you e.g. had a private API for approved employees.


In my experience, most APIs my team designed/built were not meant to ever be publicly available. That is, we never considered public availability as a design factor. So I think this rule doesn't actually apply anymore.

Then again, I don't know how public availability would change the API design really...


API design concerns for public availability (just to name a few):

  - security
  - preventing abuse
  - API Anti-Corruption Layer
    - sanitizing inputs and outputs
    - i.e. not exposing DB IDs/PKs, or pagination cursors directly
  - versioning, backward- and forward-compatibility, deprecation strategy
  - usability, DX, Documentation
  - reducing bandwidth use:
    - caching
    - eliminate over-fetching
    - efficient wire format
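
One way to implement the "sanitizing inputs and outputs" and "not exposing DB IDs/PKs, or pagination cursors directly" items from the list above, as an added example that is not part of the thread. The listing fields, the in-memory `ROWS` table and every function name here are constructed for illustration.

```python
import base64, hashlib, hmac, secrets

CURSOR_KEY = secrets.token_bytes(32)  # assumption: a real service loads this from a secret store

# Constructed sample table: sequential internal PKs plus a random public handle per row.
ROWS = [{"pk": pk, "public_id": secrets.token_urlsafe(12),
         "title": f"listing {pk}", "internal_cost": 100 + pk} for pk in range(1, 8)]
BY_PUBLIC_ID = {r["public_id"]: r for r in ROWS}

def to_public(row):
    """Output side: explicit allow-list, so new DB columns never leak by default."""
    return {"id": row["public_id"], "title": row["title"]}

def make_cursor(last_public_id):
    """Cursor = truncated HMAC tag + the last public id the client already saw."""
    body = last_public_id.encode()
    tag = hmac.new(CURSOR_KEY, body, hashlib.sha256).digest()[:16]
    return base64.urlsafe_b64encode(tag + body).decode()

def read_cursor(cursor):
    """Return the internal PK to resume after; reject cursors this server did not issue."""
    try:
        raw = base64.urlsafe_b64decode(cursor.encode())
    except ValueError:  # binascii.Error is a ValueError subclass
        raise ValueError("invalid cursor") from None
    tag, body = raw[:16], raw[16:]
    expected = hmac.new(CURSOR_KEY, body, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("invalid cursor")
    return BY_PUBLIC_ID[body.decode()]["pk"]

def list_page(cursor=None, limit=3):
    """Input side: clamp page size and accept only server-issued cursors."""
    limit = max(1, min(int(limit), 100))
    after_pk = read_cursor(cursor) if cursor else 0
    rows = [r for r in ROWS if r["pk"] > after_pk][:limit + 1]  # fetch one extra row
    page, has_more = rows[:limit], len(rows) > limit
    next_cursor = make_cursor(page[-1]["public_id"]) if has_more else None
    return {"items": [to_public(r) for r in page], "next": next_cursor}
```

The cursor carries only a value the client has already been given, so it reveals neither the PK sequence nor the table size, and the tag keeps callers from resuming at positions the server never handed out.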



