We closed up the API Strategy & Practice Conference (#APIstrat) last friday with a panel called APIs, Platforms and Ecosystem, where I moderated a healthy discussion with Tyler Stalder (@tylerstalder) of Singly, Seth Blank (@AntiFreeze) of YourTrove, Asif Rahman (@asifrahman) of Newscred, Orian Marx (@orian) of App.net, Travis Wallis (@traviswallis) of PeopleBrowsr around the very broad spectrum of APIs, platforms and the concept of ecosystems.
One of the questions I asked the group was, which of the three OAuth Legs is the most important?
To provide a quick primer for the portion of my audience that aren’t OAuth geeks:
OAuth is an open standard for authorization that provides a method for clients to access server resources on behalf of a resource owner
Ok, what does that mean? Think Twitter. Twitter is server. You are the owner of your tweet resources. When you authenticate anywhere using your Twitter ID, that website or app uses OAuth to get access to your tweets, via the Twitter platform. If you login to your Twitter account, click on settings and select apps from the left menu--these are apps and sites that have requested OAuth access your Twitter resources.
OAuth is a relationship between you, your platform provider and various sites and apps that want to access your data via the API. Sometimes these apps and your platform provider are one and the same, but the beauty of OAuth is that anyone can request access from you--access that you can revoke when you choose.
Back to the panel at API Strategy & Practice. Every panelist, except for Asif Rahman of Newscred said that the most important leg of oAuth is the end user. This made me happy because it shows that, at least at #APIstrat, people are concerned with the interest of the end user. This is healthy.
In reality, I worry that when platform discussions do occur, the conversation leans too much in favor of platform, then the developer, with very little to no involvement of the end user. Think of the Twitter ecosystem discussions since March of 2010. Rarely do you hear discussion about API access and ecosystem viability in the context of the end-users. Platforms and especially developers are very good at being very loud in these conversations.
The entire panel at #APIStrat agreed that we need more education for end-users about OAuth. Now that we have OAuth 2.0 settled (in some minds), we need to get down to business educating all three legs around the process of OAuth and its best practices, empowering all three parties to be aware, and participate in ongoing conversations about how we are producing, storing, sharing, selling, licensing and consuming resources via APIs.
We need to make sure API platform conversations have all three legs represented. The success of any platform will depend on a healthy balance between a platform, developers and the end-users--with oAuth 2.0 being the best model we have to make this happen to date.
Lets get to work.
|API Evangelist, Apistrat, App.net, Ecosystem, NewsCred, OAuth, peoplebrowsr, Singly, YourTrove|
blog comments powered by Disqus
Latest Blog Posts
- Connect With Linguistics API Apicultur While They Are In San Francisco
- My First Keynote With The Infamous Audrey Watters
- Are You Going To Be At API Days in San Francisco? I Am!
- Updated API History White Paper
- History of APIs - Twilio
- API Providers Guide - API Design
- Box Opens Up Revenue Sharing For API Developers
- History of APIs - Mashery
- A Book API Platform
- History of APIs - del.icio.us
- API Management Using Github
- In The End API Providers Will Only Sell Bandwidth
- The Build-Up To #APIStrat in October
- APIdays Mediterranea Is A Wrap
- Helping EFF Urge The Courts to Block Copyright Claims in Oracle v. Google API Fight
- API Aggregation For Federal Government with FedAPI
- Have You Checked Out Webshell Lately?
- New Features From BaaS Provider AnyPresence
- Signals I Use To Monitor Companies In The API Space
- API Management Using APiphany
- Github Can Be More Than Code
- Quick Demonstration Showing The Benefits of The White House Digital Strategy
- IRS Needs To Use White House Open Data Policy For Guidance
- Dropbox As Your Apps Default File System
- DataSift's Open Source World