Posted on 07-15-2014
I was looking through federal government APIs the other day, looking for the low hanging fruit, when it came to making government APIs more discoverable using APIs.json. During my initial work, I played with three separate APIs from www.usa.gov, which I think demonstrates the importance of CORS, and how opening it up for APIs, makes them more portable and remix-able.
When it comes to the the three APIs from www.usa.gov, I do not have control over the API itself, but I wanted to create a self contained, site that showcased the government APIs, and provide interactive API documentation generated using Swagger. I made sure all three of the APIs had machine readable API definitions using Swagger, then I setup a simple HTML page, which allowed anyone to play with each of the APIs.
This worked great until I reached the third API, which was at a different domain than the previous two, and didn't have CORS enabled. If you aren't familiar with CORS, or Cross-origin resource sharing (CORS), which is a mechanism that allows many resources on a web page to be requested from another domain outside the domain the resource originated from—behavior that you may want to control on a web page, but for an API it is something you want to encourage.
CORS being enabled, is the difference between an API being portable, and remix-able, and it being locked down to its original developer portal. If an API is RESTful and has CORS enabled, any outside party (like me), can generate a machine readable API definitions for it, and compose a developer experience, that that includes the API—with or without consent of the original API provider. While this might scare the shit out of some API providers, it is the future of API driven, application architecture.
You can't expect all developers to find your API developer portal, and APIs need to be more portable, allowing for remixing by other API providers, backend as a service providers, and anyone who wants to feature the API resource in their developer portal. CORS is a simple thing that you can enable for your APIs that will make a big difference in how your API is found, and integrated into other applications and systems.
comments powered by Disqus
Winning in the API Economy
|Download as PDF|
Latest Blog Posts
- On Being An API Broker For Hackathons
- Are You A Hypermedia Pragmatist?
- Do You Know That Hypermedia Is A Better Solution For Discovery Than APIs.json?
- API Service Idea: API Via Excel From Within Corporate Email
- With Number Of APIs Continuing To Grow Account Automation Will Be Key
- History Of APIs: NOAA APIs Have Been RESTful For Over 20 Years
- Understanding More About The Web Communications Platform Respoke
- Swagger Definition Driven Sandbox And Simulation Data Templates For APIs
- Swagger API Definition Mapper
- Moving Beyond Just The PDF With A Single Page Report (SPR)