Observations on API and Mashup Management

API and Mashup Blog

Latest News

    Archives

    Tags

    5 questions amazon analytics announcement API API best practices Apigee API management API news API Tips Apple case study consumer debug Design developer news developers example facebook facebook api feature features HipChat howto latency mashup monitoring new APIs OAuth performance proxy response time Skype API ssl talks This Week in APIs twitter Twitter API UI video

    Subscribe to This Blog

    sonoa Learn more about the company behind Apigee

    OAuthpocalypse? Have No Fear, ApiGeeks!

    The Twitter API is one of the most popular APIs on our platform and with Twitter shutting off basic auth and moving to OAuth tomorrow, we wanted to reassure you that Apigee is ready for the OAuthpocalypse with full support for APIs which use OAuth.

    Here's how to do it, using the Twitter API as an example:

    1. Do the OAuth dance with the canonical API endpoint (e.g. api.twitter.com).

    2. Once you have a user's token, use it to sign requests' base strings, which you would also build using the canonical endpoint from step 1.

    3. Then send those signed requests to your Apigee URL, such as twitter.myusername.apigee.com.

    In this way traffic can flow to and from Twitter via your Apigee API using OAuth.

    Let us know if you run into any questions or issues- visit our support site or ping us on Twitter at www.twitter.com/apigee. Good luck with the big switch!

    Hooks, Sockets and Firehoses: Streaming API Technologies Getting Us to REALLY Real-Time

    If you rely on Twitter to see what your friends are having for lunch, waiting 24 seconds to get an update is fine. If you're a stock trader who could have lost a few thousand dollars or more while reading this post, 24 seconds is a very long time to learn that your favorite company just got acquired.

    Real-time runs on APIs as much as it runs inside a web browser. This means that the "real-time web" isn't always "real-time"- a web service API is typically a request-response technology, requiring that the client makes a request of the server, waits for a response, and then processes it. This can add critical seconds or milliseconds.
    Earlier this month I attended the ReadWriteWeb Real-Time Summit in New York City. In an "unconference" session on streaming API technologies, we discussed 3 technologies bringing us closer to REALLY real time: 
    HTTP streaming- This technique uses the HTTP protocol, but instead of responding to a request with a single piece of data, the server responds with many small pieces of data that are published as soon as they are available. It's as if you're using HTTP to retrieve a very, very, large file -- the server just keeps pushing out data, one piece at a time. Twitter uses this technique in its Streaming API.
    Since HTTP Streaming doesn't work quite the same way that most HTTP-based services work, the program that reads the stream has to be written to process the incoming data, handle reconnects, and so on. It's also difficult to use in a web browser without doing some JavaScript trickery; HTTP Streaming is mainly suitable for server-to-server communication. 
     
    WebHooks is a real-time tech with a simple concept: whenever something happens on server A, it makes an HTTP POST to server B and sends it the update directly. Like HTTP Streaming, it only works for server-to-server communications, but unlike HTTP Streaming the barrier to entry is very low for the programmer - anyone who can write a program or script that can process an HTTP POST can consume a WebHook. Unlike HTTP Streaming, however, a WebHook uses one HTTP request for each event, which means that with today's servers a WebHook is going to top out at several thousand events per second, whereas HTTP Streaming can theoretically process many more events.

    WebSocketsunlike HTTP streaming and WebHooks, is designed for real-time streaming to the client- useful for creating real-time apps that run in the browser. WebSockets allows a client and server to use the HTTP protocol for some initial interchange, and then agree to communicate bidirectionally. The result is just like a TCP socket -- the client and server can send whatever data they'd like, in any order, in either direction, for as long as they want. WebSockets also supports JavaScript, ensuring you can easily build a high-fidelity, near-real-time application in a web browser using Internet-standard protocols. WebSockets is part of the HTML 5 family of standards, already implemented in Google Chrome and Apple Safari, and will eventually come to all the browsers. It was good to see Kaazing, who is leading the development of WebSockets, hanging out at the RRW Real Time Summit. 

    With some existing technology out there and some new stuff on the way, the stage is set to build a real-time web that's a bit closer to real-time.

     

    This Week in APIs- June 7-11, 2010

    Check out the top news in APIs this week!

    S3 Import/Export API- Amazon Web Services added an Import/Export API for its Simple Storage Service (S3), an infrastructure service for storing data. The new API makes it easier to move large amounts of data in and out of Amazon- a great move for data portability.

    Twitter API Meetup- Twitter held a meetup in its San Francisco offices this week to talk about the Twitter API, showcase some cool apps and celebrate Apple's WWDC. Twitter's Taylor Singletary presented on XAuth, a new authentication method for APIs. Twitter will no longer allow support for basic authentication at the end of the month so Twitter devs, it's time to brush up on the new method! The meetup made it very clear that the XAuth standard was developed to be used across the API community and promises to make authentication safer and easier, so keep an eye out for adoption.

    APIs in the world of PaaS- Over at CloudAve, Krishnan Subramanian has a post and some love for Apigee on why APIs are the oxygen of Platform as a Service offerings- check out the article for some stark examples of how APIs can mean the difference between success and failure.

    New APIs! A number of companies debuted new APIs- here are a few we thought were especially cool:

    • HubSpot, which launched a Lead API to connect HubSpot's lead capture tools to other CRM software. Excellent example of how APIs can be used to connect tools and unleash new functionality. 
    • The New York Times introduced a Most Popular API to track the most viewed and shared content- fodder for mashups here! 
    • Microsoft introduced its Trial API that allows developers to include free trial versions of their apps in the Phone 7 App Market- more signs that the mobile API world is maturing. 
    • As always, ProgrammableWeb's Newest APIs list is a great way to keep on the top of the all the new delicious APIs out there. 

    Anything important we missed this week in APIs? Shoot me an email at .(JavaScript must be enabled to view this email address).

    Scaling Twitter Applications Without Blinking

    Twitter has attracted not just a large quantity of users, but a huge number of developers.  The core utility of having a short messaging service that is both open and connected to an expanding social graph continues to find new uses every day as developers invent new applications that use the Twitter API.

    We recognized this early on as we built Twitter-specific capabilities into Apigee (the console and Twitter analytics) and launched it at Chirp on April 14th. We are truly grateful to all our new developers for their adoption and the insights they've offered us about growing the service.

    The next logical step is to bring our service to where the developers are, rather than making them come to us.  Today we’re announcing our partnership with Heroku, with Apigee available as a Heroku Add-on.

    We want to help Ruby developers scale up their Twitter apps to meet demand.  Heroku makes it easy to scale up a Ruby application and Apigee makes it easy to scale up access to the Twitter API.  Without these kinds of services, developers usually go through a painful rearchitecture process as their application becomes more popular and demand for their computing resources increases beyond their planned limits.

    From what we’ve heard we think that this will be a very helpful combination, letting successful Twitter applications rise to meet demand gracefully.

    You can try the add-on yourself at Heroku and check out this short video by Marsh on how to use it:

    Sam Ramji discusses Apigee’s new Twitter API Tools with Robert Scoble.

    Robert Scoble of Rackspace caught up with Sam Ramji to discuss the latest release of Apigee and all the new Twitter centric features. Check out the full interview below!

    •  1 2 >