safe sex with third-party apis
TRANSCRIPT
Lorinda BrandonDirector of Solutions Strategy
at SmartBear
@LindyBrandon
APIs are not a new phenomenon.
The API (r)Evolution
This team built
Web
applicatio
ns usin
g APIs
in 1995
Back then, APIs were just a construct. It was just how we
built software.
But now, it’s an entire industry!
The power of APIs now lies in external and global
opportunities.
The true power of APIs
External APIs extend our virtual reach through partners
Often for free!
Public APIs turn our local development teams
into global development teams.
In other words – free, public APIs…
Turn this…
…into this!
Free APIs = Free Love
It’s all about sharing and re-use
But you have to be smart about who you’re sharing with.
Here comes the“Safe Sex”
part
Twitter API
YouTube
DocuSign
FacebookConne
ct
Code responsibly!
Your app is your responsibility, even the parts you didn’t code!
It’s great to innovate.
It’s great to cooperate.
It’s great to collaborate.
But while you’re having fun, you
have to be careful!
Because it’s your app on the line!
No one wants to be that guy.
So, what can you do to protect yourself and others?
There are 8,652 APIs listed on ProgrammableWeb
Including…
• 173 Travel• 182 Music• 320 Mapping
Research Know Your Choices
Defend Define Your Thresholds
• Response times
• Critical functionality needs a Plan B
• Code defensively
Test Make Sure It Works
• Include third party APIs in your test plans
as if it’s your own code
• Add to regression tests
Monitor Find Out First
• Your users are probably on Twitter too
• Be the first to report
• Ensure performance
So what did we learn today?
We all need to start using protection when we’re in the sack with
third-party APIs.
For us, that protection is SoapUI, which allows you to functionally test and
security test your APIs, then use those tests to monitor them as well
That way, there are no surprises.
Thank you!
#APIStrat
(And be safe)