How Developer APIs Can Make or Break Your Business
January 27, 2020

Jevon MacDonald
Manifold

APIs are a fundamental part of modern web application development, and it's a little hard to imagine a world without them. But the decisions that startups make about implementing and managing their APIs can have profound effects on the growth trajectory of their business, both good and bad.

Startups building tools for developers are often eager to impress their customers, exposing all manner of cool tech within their applications for those customers to consume via APIs. This is often the simplest path forward at the beginning; it's a quick and easy way to get developers using your technology, and it feels like a good foundation for the application as it matures.

But over the next five years, the way that software developers build applications is likely to change. Startups need to give themselves flexibility so that, as things change, developers have a choice of what they are going to use to access technology, and how they are going to pay for that access.

Should You Expose APIs to Developers?

As your application grows, you'll soon face a problem: what's your business model? Do you charge developers for API calls? Do you build an official client library for your tech, buttressed by enterprise support? These are questions that need to be considered at the outset.

There are many benefits to thinking critically about exposing APIs to developers. Easily accessible APIs sound great, but they're not necessarily very efficient: even simple shopping-cart applications can require developers to hit dozens of APIs to get a result. Building a client library that can achieve that result in one fell swoop creates value, and also makes your technology easier to consume.

When you take a foundational component like an API and make your users dependent on it too soon, you will struggle to change it out of fear of breaking existing customer functionality, and it will warp everything you want to build on top of it. You're going to be wrong about things, and you're going to have to react to being wrong.

Twitter is perhaps the most famous example of a company that went all-in on API access only to discover it couldn't make money if people preferred to consume Twitter outside of Twitter, using superior third-party user-interface clients to what Twitter Inc. offered at the time. It cracked down on third-party Twitter client development and acquired some talent on the client side, but this process alienated a lot of developers.

Different companies have different needs, but there's one fact of life that anyone working in enterprise technology over the last decade knows all too well: Things change, and the pace of these changes seems to be accelerating.

Take Java: Five years ago, Java was insanely relevant, and it wasn't uncommon to see development tools designed specifically for Java developers. Today, a ton of Java apps are still out there, but the language is only relevant to specific communities of developers. Others have moved on to brighter and shinier languages, and tools built specifically for Java developers can't address their needs.

Startups also tend to build their early products according to the needs of their early customers, which makes a lot of sense when you're trying to prove that your technology and your team are worthy of that revenue. However, as your company grows, newer customers might have different needs, and your product needs to be able to protect the APIs built for the early customers while adding layers that address the new use cases.

Thinking About APIs as Microservice Architectures

A better way to think about APIs might be microservice architectures. In a microservice architecture, the individual services are relatively minor cogs in the wheel; some are more important than others, but the whole concept holds that if one microservice goes down, the application stays afloat.

The value comes from being able to organize and manage those microservices, which is why startups should think carefully about whether or not to expose their APIs early in their development. Once your customers depend on your APIs, rather than your products, so do you.

All of these issues involve trade-offs, of course; exposing a lot of your APIs might kick-start interest in a particular project or company. That's why these decisions are hard.

Here are a few things to keep in mind when settling on a strategy for your APIs:

■ Include rate limiting in all your clients, even if you don't expect to be that big right away. No matter what your business involves, you'll encounter bad actors, service instability at the exact moment you start to attract users en masse, and potential infrastructure cost overruns from inartful scaling.

■ Give yourself portability in your stack. Use Kubernetes and Docker, adopt a microservices architecture, and don't use services that bind you to a particular cloud.

■ Give yourself a layer of abstraction that can adapt to changing software development norms. Make it very clear which APIs are public and which are experimental, and hold on to the experimental ones as long as possible.

■ Take responsibility right away for managing the versions of your APIs and client libraries, and make sure you keep them in sync.

If you think of your APIs as your business, you'll likely default to charging on a per-request basis, based on the cost of providing the service and some sort of markup for the investment in the technology. This is easy to do as an API-driven company, but it also makes life that much harder for your customers. Is that what you really want?

Jevon MacDonald is Co-Founder and CEO of Manifold
Share this

Industry News

April 14, 2021

SmartBear has integrated TestComplete, its UI test automation tool, with BitBar, its native mobile device cloud.

April 14, 2021

Elastic announced an expanded strategic partnership with Confluent to deliver the best integrated product experience to the Apache Kafka and Elasticsearch community.

April 14, 2021

Threat Stack announced its ability to support AWS Graviton2-based instances through the Threat Stack Cloud Security Platform.

April 13, 2021

Broadcom and Google Cloud announced a strategic collaboration to accelerate innovation and strengthen cloud services integration within the core software franchises of Broadcom.

April 13, 2021

Nylas announced the launch of Components, JavaScript UI/UX solutions that allow developers to bring productivity features to market faster without needing to design front-end elements from scratch.

April 13, 2021

Perforce Software announces its new version control desktop client — Helix Sync — enabling non-coders such as artists and designers to version digital assets, with a simple drag-and-drop UI.

April 12, 2021

ShiftLeft introduced ShiftLeft CORE, a unified code security platform.

April 12, 2021

GrammaTech announced a new version of its CodeSonar SAST (static application security testing) product that helps developers build safer and more secure code without disrupting workflows.

April 12, 2021

Panaya announced a strategic partnership with Being Guided, a Salesforce Consulting Partner, specializing in the CRM and Salesforce ecosystem, to bring Panaya's ForeSight solution to a wider audience.

April 08, 2021

Palo Alto Networks announced the second generation of Checkov, the static analysis tool for infrastructure as code (IaC).

April 08, 2021

Postman now allows any team with up to three members to collaborate in Postman with unlimited shared workspaces and unlimited shared requests at no cost.

April 08, 2021

Taos, an IBM company, has announced 24x5 managed service availability.

April 07, 2021

VMware unveiled expanded cloud workload protection capabilities to deliver security for containers and Kubernetes.

April 07, 2021

Catapult CX is launching the DevOps Institute’s (DOI) Assessment of DevOps Capabilities (ADOC).

April 07, 2021

Equinix announced that Tinkerbell, an all-in-one open source bare metal provisioning platform, has added significant new features since joining the Cloud Native Computing Foundation (CNCF) Sandbox program.