The Bad Actors On Both Sides Of The API Fence

I've always been a strong advocate for the API consumer, which is one of the primary motivations for me working to define best practices that API providers can follow across their operations. The majority of my negative experiences, when it comes to APIs, has been as an API consumer, not as an API provider.

As I do this API Evangelist thing longer, and longer, the bad behavior by API consumers becomes more clear to me, and I'd say rivaling much of the bad behavior by API providers that I have seen, and in some cases helping actually drive it. I do not have any bad actors in my API community, but through conversations I have had with leading API providers, I'm hearing some pretty crazy stories.

Badly behaved API consumers range from signing up for multiple accounts, rather than paying for higher levels of access, to trolling within the community, treating other developers badly, platform owners horribly, and just being a shitty API community citizen. You will never truly understand how badly API consumers can behave, until you've operated an API platform, and had a large number of consumers putting an API to use. 

While I will always keep my critical stance towards API providers, as I feel they often set the tone for a community, I am increasingly more understanding when platforms have to tighten things down, and get more critical when it comes to the public availability of API resources. In the end, I will always push for more public transparency around every aspect of API operations, but I am increasingly advising companies to have a tight grip on their API service composition, and what resources developers get access to, before they prove they are trustworthy.