APIs are great, they allow companies to expose parts of their engine for inclusion into the products of others to increase adoption and to facilitate the development of features and products around a common set of data.
In theory APIs are a win-win, both for the party that exposes the API as well as for the party that uses it and since the mid 90’s APIs have become more and more common.
API is short for ‘application program interface’. An API defines a fairly rigid (as in, not changing on a daily basis) boundary where two pieces of software (typically, on the web a service and some client software) meet and where data is exchanged based on certain criteria.
In practice though, APIs are a double edged sword, both for the exposer as well as for the user. In this article I’ll try to outline what the shadowside is of exposing an API, and why this is a potential problem for any users of that API.
When a company first gains traction there often exists a stage where the need to develop software to meet demands greatly exceeds the ability of the company to execute. The bottle-necks are typically it’s ability to attract talent fast enough, possibly the ability to pay for that talent and/or the ability to plan and execute across a wide enough swath of the problem space to serve all those in need.
Enter the API. An API is then defined that allows others to apply their talent and these others are then given (limited) access to the company data in order to be able to serve a particular need.
So far so good, this situation can persist for quite a while. But sooner or later in the life of every company there comes a time when the bottom line starts to matter more than the interests of outsiders.
Now the API gets turned on its head. Instead of a synergistic device would-be competitors that have become dependant on the company for the API it exposes can be cut off at will or can be acquired for peanuts because of the hold the company has over its API clients.
On top of that any API customer that has created a viable niche has provided the company with free validation of some market segment and unless that API customer is extremely well entrenched in its niche it will be easy to dislodge it by cutting off access and re-implementing whatever was needed to serve that niche. Small time players can be continued to be granted access to the API since they don’t consume much in terms of resources allowing the company to claim they are more open than they really are.
So the API Paradox has a timing component. A company that just starts out can use an API in order to leverage the developer community to serve markets that it does not have time or resources to serve itself, with an option right of sorts to take over those markets/companies when the time is right and resources permit a change in attitude. It is not healthy to be found in competition with the sole provider of your company’s life-blood.
If you’re a developer or start-up and you are basing your corporate future on the data provided by some company keep in mind what the future could very well bring and try to ascertain that in the long run too your interests will be aligned. If you do not heed that then chances are that at some point you will find your precious API access cut off and you’ll go the way of many before you that thought that API access is a right, instead of a privilege granted in times of plenty, easily withdrawn in times of scarcity.
Warning signs that you are basing your project/product on quicksand:
You are not paying for the API
The API is rate-limited and there is no paid option to exceed the limits
The company that exposes that API is still very young or in a phase of hyper-growth and is resource limited and addressing only a subset of the market they could theoretically serve
There are no terms of service or there are terms of service that allow the terms of service to be changed without notice and/or API access to be cut off for any reason at all
Exposing the API does not form a core part of the strategy of the business
It is possible to create a competing business using that very same API
The API offers no (or very little) prospect for being monetized in the future
If one or more of those are true for APIs that are crucial to the operation of your (proposed) business then you had better be very careful and you’ll need to have a ‘plan B’ in case your API access gets cut off at some point in the future.
If your business plan really needs access to certain data then you should at least try to negotiate a solid contract with terms that stipulate how much data you can consume, how much it will cost you and what kind of termination clauses are applicable. Then and only then would it make sense to build a business on someone else’s API.
If you use API exposed widgets as sugar on your cake then of course none of the above applies but for business critical API usage you have to be fully aware of the API Paradox.