Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Programming Software

Ask Slashdot: Best API Management System? 50

An anonymous reader writes: I've landed a summer internship with a software firm that has a library of APIs available to current and potential customers. One of my team's tasks is to make recommendations on how to improve the developer portal, which not only provides a testing sandbox and documentation, but is also a source of sales leads for the company's business units. Mashery was the original choice for this task, but there are some limitations: some types of customers don't need to see all of the API in the library, and different business units have different goals for this developer platform when it comes to sales and marketing. What solutions work best to provide scaleable, customizable access?
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Best API Management System?

Comments Filter:
  • You are Doomed (Score:5, Insightful)

    by frovingslosh ( 582462 ) on Friday June 19, 2015 @03:58PM (#49948665)

    and different business units have different goals for this developer platform when it comes to sales and marketing

    When you let sales and marketing drive technical decisions, brace for failure.

    Years ago I worked for mini-computer maker Data General (a.k.a "Data Who"). One of the things that took down that company was the the engineers, architects and designers built amazing technology that was far ahead of anyone else. Then marketing would come in and say "Fantastic! Great Job! Now we just need you to remove this feature and that feature, because. as it is. this machine out preforms that bigger, older, more expensive system that we are already selling." Look where that company is now.

    • by khasim ( 1285 )

      My problem with tying it to sales and marketing is that now I will be inundated with sales calls and emails.

      And then they will sell my contact info to anyone who will pay for it.

      So I have to go through the effort of registering ANOTHER fake email address with GMail prior to filling out the form.

      Fuck, just look at how stupid Dice is making /. now. That always happens when sales and marketing interfere with technology.

    • by Kkloe ( 2751395 )
      this, but even it seems that they want a system that they can offer x apis to customers and then charge them more to use other apis they might have, and that is a sound business model if it works out for them
    • As a former DG-er myself, I can only agree. The MicroNova *could* have been part of a real breakout for DG, but the bigger iron guys shuddered at the lower price of it so it remained a red-headed stepchild, clearing the way for TI and Intel. After that, its 63077 for DG. :-)
      • If you're old enough to remember the micronova [I'm a former DG software engineer and I wrote code for it], you can probably remember the PC "turbo" switch. When IBM realized that PCs were outperforming their mid-range business systems (AS400???), they changed the BIOS to prevent boot if the PC ran too fast. Hence, the turbo switch: Run slow until BIOS is done, push turbo switch to get faster clock speed.

        That was IBM's first attempt to control [PC] turf. The second came with the micro channel architectu

  • by MartinG ( 52587 )
  • Oh fuck off.... (Score:3, Informative)

    by Lunix Nutcase ( 1092239 ) on Friday June 19, 2015 @04:02PM (#49948685)

    Was your job at Dice Holdings, Incorporated, Mr. "Anonymous" Reader?

  • Obviously (Score:5, Funny)

    by MightyMartian ( 840721 ) on Friday June 19, 2015 @04:11PM (#49948747) Journal

    Well, obviously any API management system needs a "share" button at the bottom of each screen so you can share your favorite API methods with your friends on Twitter, Facebook and Google+.

  • I've seen a few very good ways of doing this, but recently two products have grabbed my attention. Apigee.com used to have a amazing free service for exploring apis for various sites (like facebook and others that I've had to use). I can't seem to find a good link to it just now. However the product that I use at work for this is Postman (www.getpostman.com)
    • by I4ko ( 695382 )
      Axway API Gateway Portal (or whatever it is called these days, formerly Vordel) has the portal and the test sandbox built into each instance.
  • by xxxJonBoyxxx ( 565205 ) on Friday June 19, 2015 @04:44PM (#49948949)

    >> some types of customers don't need to see all of the API in the library

    Don't try to go down that road. If you start hiding functions through obscurity, they will pop out anyway (through code samples, forums, reverse engineering, pentesting, etc.) and will only lead to bad things (developers pissed at you for "crappy, incomplete documentation," customers laughing at you for "trying to hide the best stuff," salespeople people yelling at you for not exposing something you've already written but they didn't know they needed until they walked out of a customer meeting, top executives yelling at everyone when a security researcher finds a big flaw in a rarely used function call that everyone forgot about).

    Signed,
    Dude With 15 Years Experience With Web APIs
    (Who Has Had Much Of This Happen To Him Or His Company)

    • Enterprises have public and protected APIs - even if you document both you may have different provisioning flows - protected may require approvals (so someone checks that you are indeed a partner) while public may be more straight forward through a self serve signup process
  • please do my job for me. Thank you.
  • There are a few services that can help you.

    Check out APISpark [restlet.com] (made by the Restlet team). It lets you publish and manage the API on the web, supports a lot of standards, and also has tools to actually help you create clients and server implementations.

  • Sounds like you are just looking for a good documentation tool, one that allows people to test the APIs live.

    If that's what you want, then you should look at API Blueprint [apiblueprint.org], RAML [raml.org], and Swagger [swagger.io].

    • You want to project the actual APIs that you offer so you want to connect to the API management system that acts as the system of record for your APIs, otherwise you will fall out of sync
  • The Web is designed to not need APIs or dedicated documentation. You might have heard of REST - it's a set of constraints on network architecture designs, which are: client-server protocol, layered interface, caching, stateless connections, code-on-demand (e.g. Javascript), and a uniform interface (e.g. HTML). REST is defined by the principal author of HTTP, Roy T. Fielding.

    Lots of people call themselves RESTful (Amazon, Twitter) but aren't even close. A RESTful service is pretty much just like a website: Y

    • by Saanvik ( 155780 )

      Since you don't have to implement ever aspect laid out in Mr. Fielding's dissertation [uci.edu] to be RESTful, I think your second paragraph is a bit too strong.

      One thing that's probably not clear from your comment is where you talk about forms. A RESTful API doesn't provide forms, but it may support POST/PUT HTTP verbs, actions that are most often exercised by using forms.

      • All the constraints of the dissertation are required to call your HTTP service RESTful; although some of the constraints themselves are 'optional', e.g. Code-on-demand (your server doesn't have to actually use it, but your protocol must support it).

        See my second link for an analysis of why the Twitter and Amazon APIs are not RESTful. Mostly, they don't implement the uniform interface, HATEOAS in particular [wikipedia.org]. They don't provide hyperlinks, but instead you have to read their public documentation and hard-code

  • Man pages worked nice to describe the POSIX API and all its extensions. Old fashioned, not sexy, but we target developers, right?

    But I have hope it could be seen as bankable by management.

  • Back in the 80s I built a persistent OO systems with sophisticated ACL. We implemented it by finagling the message dispatch mechanism to make select methods on guarded classes error out instead of doing what they normally did. That was on Objective C so it was fairly easy to get to the dispatch table. Some equivalent of that plus a filter on what objects were returned pretty well did it.

  • At my old company, we rolled our own system using perl (or python or ruby or whatever you want) and Doxygen and autopod. This made a Javadoc-ish-looking website. Doxygen is pretty powerful in what is generated, based upon the source code decorators. So we nightly generated the HTML from our git and hg repos and threw that html docset into a templating system a web designer made for us. And we were able to make one doc set using only APIs that had certain keywords or @public=true in the comments, and then

  • If your APIm service does not open APIs it will be very hard to build a developer portal that suit your needs. We work with IBM APIm, all developer portal functions are exposed via APIs and they ship an example in Drupal that you can shred apart and see all the APIs in action

Sendmail may be safely run set-user-id to root. -- Eric Allman, "Sendmail Installation Guide"

Working...