I wrote a post the other day about Postman.io having a limited, anonymous version of their API modeling tool. I stumbled across it while I was trying to upgrade my Stoplight.io account. Shortly after I tweeted out the blog post, John Sheehan (@johnsheehan) from Runscope chimed in with some wisdom on the subject.
@kinlane we had a ‘one-click trial’ 24-hour account once, no email required. i regret the hours i wasted building it.
— John Sheehan (@johnsheehan) August 19, 2016
@kinlane was basically just used for abusive cases. only one ever converted to a real user
— John Sheehan (@johnsheehan) August 19, 2016
@kinlane hurl.it and requestb.in have the same problem. have to hamper them (captcha, cloudflare) to keep up
— John Sheehan (@johnsheehan) August 19, 2016
@kinlane if it gets any popularity, you’re screwed
— John Sheehan (@johnsheehan) August 19, 2016
@kinlane so i love this idea but i will probably never have a no-signup-required service again
— John Sheehan (@johnsheehan) August 19, 2016
@kinlane pretty sure the example from your post could be used as an open proxy (like hurl.it was before recaptcha)
— John Sheehan (@johnsheehan) August 19, 2016
Definitely, something to consider. In the current online environment, it might become quite a pain in the ass to maintain an anonymous app, as John points out. This is one reason I work to publish my API tooling as standalone JavaScript applications, which run 100% on Github. First off they run on Github infrastructure, and use Github's bandwidth. Second, this type of app is forkable, and people can choose to run them wherever they desire--on Github, or any other site they wish.
I'll keep an eye out for other anonymous apps built on top of API service providers, or individual APIs--maybe there are other successful models out there, or maybe there is also some other cautionary tales we should hear.
