More Considerations When Providing An Anonymous App For Your API Service
25 Aug 2016
I wrote a post the other day about Postman.io having a limited, anonymous version of their API modeling tool. I stumbled across it while I was trying to upgrade my Stoplight.io account. Shortly after I tweeted out the blog post, John Sheehan (@johnsheehan) from Runscope chimed in with some wisdom on the subject.
@kinlane we had a ‘one-click trial’ 24-hour account once, no email required. i regret the hours i wasted building it.— John Sheehan (@johnsheehan) August 19, 2016
@kinlane was basically just used for abusive cases. only one ever converted to a real user— John Sheehan (@johnsheehan) August 19, 2016
@kinlane hurl.it and requestb.in have the same problem. have to hamper them (captcha, cloudflare) to keep up— John Sheehan (@johnsheehan) August 19, 2016
@kinlane if it gets any popularity, you’re screwed— John Sheehan (@johnsheehan) August 19, 2016
@kinlane so i love this idea but i will probably never have a no-signup-required service again— John Sheehan (@johnsheehan) August 19, 2016
@kinlane pretty sure the example from your post could be used as an open proxy (like hurl.it was before recaptcha)— John Sheehan (@johnsheehan) August 19, 2016
I'll keep an eye out for other anonymous apps built on top of API service providers, or individual APIs--maybe there are other successful models out there, or maybe there is also some other cautionary tales we should hear.