DZone
Integration Zone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
  • Refcardz
  • Trend Reports
  • Webinars
  • Zones
  • |
    • Agile
    • AI
    • Big Data
    • Cloud
    • Database
    • DevOps
    • Integration
    • IoT
    • Java
    • Microservices
    • Open Source
    • Performance
    • Security
    • Web Dev
DZone > Integration Zone > More Considerations When Providing An Anonymous App For Your API Service

More Considerations When Providing An Anonymous App For Your API Service

When providing anonymous access to your API, you have to be careful that you don't get overwhelmed in its usage, especially by nefarious or automated services.

Kin Lane user avatar by
Kin Lane
·
Aug. 29, 16 · Integration Zone · Opinion
Like (5)
Save
Tweet
2.41K Views

Join the DZone community and get the full member experience.

Join For Free

I wrote a post the other day about Postman.io having a limited, anonymous version of their API modeling tool. I stumbled across it while I was trying to upgrade my Stoplight.io account. Shortly after I tweeted out the blog post, John Sheehan (@johnsheehan) from Runscope chimed in with some wisdom on the subject.

@kinlane we had a ‘one-click trial’ 24-hour account once, no email required. i regret the hours i wasted building it.

— John Sheehan (@johnsheehan) August 19, 2016

@kinlane was basically just used for abusive cases. only one ever converted to a real user

— John Sheehan (@johnsheehan) August 19, 2016

@kinlane hurl.it and requestb.in have the same problem. have to hamper them (captcha, cloudflare) to keep up

— John Sheehan (@johnsheehan) August 19, 2016

@kinlane if it gets any popularity, you’re screwed

— John Sheehan (@johnsheehan) August 19, 2016

@kinlane so i love this idea but i will probably never have a no-signup-required service again

— John Sheehan (@johnsheehan) August 19, 2016

@kinlane pretty sure the example from your post could be used as an open proxy (like hurl.it was before recaptcha)

— John Sheehan (@johnsheehan) August 19, 2016

Definitely, something to consider. In the current online environment, it might become quite a pain in the ass to maintain an anonymous app, as John points out. This is one reason I work to publish my API tooling as standalone JavaScript applications, which run 100% on Github. First off they run on Github infrastructure, and use Github's bandwidth. Second, this type of app is forkable, and people can choose to run them wherever they desire — on GitHub, or any other site they wish.

I'll keep an eye out for other anonymous apps built on top of API service providers, or individual APIs — maybe there are other successful models out there, or maybe there is also some other cautionary tales we should hear.

API app

Published at DZone with permission of Kin Lane, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • Diving Deep into Smart Contracts
  • Developing a Cloud Adoption Strategy
  • 10 Best Infrastructure-as-Code Tools for Automating Deployments in 2022
  • Agile Micromanagement — Seriously?

Comments

Integration Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • MVB Program
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends:

DZone.com is powered by 

AnswerHub logo