API Crafting Secrets: Into Jamendo API

Tell us more about the development process of the Jamendo API
When we decided to redesign Jamendo, we quickly thought that the API should be a priority in our planning: first, because it is THE main way for Jamendo to live outside www.jamendo.com (on social networks, mobiles, etc.), and second, because the migration of existing applications (based on our previous API) will take some time.

To develop the new API, we have used the Zend framework (as for the website) but we made a sub-framework specifically for the API to make it easier to change.

The current online version is the beta version. Developers who have started to program the next version of the Android and iOS Jamendo applications have worked on the alpha release. It was very good training to fix major bugs and unappropriated methods. Now other developers around Jamendo have also begun to use the beta version. All returns should help us to consolidate our API quickly and release a final version soon.

For the developer interface & management, we have chosen 3scale, which provides a complete and easy-to-use set of tools. With the administrative interface, you manage all applications, developers accounts, statistics, plans, rate limits, proxy config, etc.
The integrated CMS allows you to create a personalized developer portal extremely quickly. It’s really time-saving.

Finally, our team has worked on the API according to the “agile” methodology for about 3 months.

What are the key components of your core API infrastructure?
Flexibility, scalability and security are probably the main keywords we tried to keep in mind during the API development.


Flexibility: Jamendo will evolve a lot in the coming years and our API must be able to follow the Jamendo evolutions without reconsidering it. So our API framework had to be really dynamic.


Scalability: our API is free to use and we want to be more and more accessible from any place at anytime, so we will encourage everybody to use it. That’s why good scalability is necessary to stay efficient.

Security: of course, the API must be secured with a strong authentication to access read & write methods. 3Scale is perfect for that because it proposes different types of authentications, and particularly the combination of a client ID and a client Secret with OAuth1/2 support.

What drove your choices in terms of technology and infrastructure?
Jamendo has already developed two APIs in the past but because we decided to redesign the entire Jamendo infrastructure, we needed a new API adapted to this new infrastructure.

The previous APIs allowed us to learn from our mistakes and this time we have chosen quite a different direction from the previous version.

It was so permissive that it was possible to use it almost like when you make a SQL query. You specified the selected fields, the joined tables, ordering, etc. It is very powerful but it generates problems because of the lack of control over the consumed resources.

On the other hand, we had no authentication system. So if an application consumed too many resources (for example, multiplying the joints), we could not easily identify this application.

Our new API is less permissive but offers more methods for retrieving the same information. The difference is that there is no longer the risk of overloads due to a bad query.

With 3scale, we also identify each developer that is using our API. Knowing who uses your API, how and for what purpose changes everything. I’m sure it will also help us to improve our API by observing which methods are heavily used and which methods are hardly used.

What proxy are you using for your API and why?
We already used NGINX for the Jamendo website, so we were happy to see that 3scale provide a very good NGINX integration. NGINX is known for its high performance, stability, rich feature set, simple configuration, and low resource consumption.

What are the specificities of your API?
With the new API, it’s now possible to access some write methods. It allows you to access features such as “like,” “dislike,” “add track to favorites,” etc. Many others will be introduced later. 
These methods are protected by the OAuth2 protocol that is supported by 3scale. With OAuth2, an application can be connected to a Jamendo user account very easily and securely for this user.

How can developers get a better taste of what your API does
Our documentation is online (http://developer.jamendo.com/v3.0).

The next step is to integrate ActiveDocs that is provided by 3scale. ActiveDocs is really cool for developers to use because it’s the easiest way to test an API in a complete GUI.

Any roadmap/evolution plan that you can share with us?
- April 11: we launch a developer contest to celebrate our new API (go to http://developer.jamendo.com for more information.)

- Implement the 3scale ActiveDocs.

- Add several write methods in our API.