What do you think?
Rate this book
APIs: A Strategy Guide
Many of the highest traffic sites get more than half of their traffic not through the browser but through the APIs they have created. Salesforce.com (more than 50%) and Twitter (more than 75% fall into this category. Ebay gets more than 8 billion API calls a month. Facebook and Google, have dozens of APIs that enable both free services and e-commerce, get more than 5 billion API calls each day. Other companies like NetFlix have expanded their service of streaming movies over the the web to dozens of devices using API. At peak times, more than 20 percent of all traffic is accounted for by Netflix through its APIs. Companies like Sears and E-Trade are opening up their catalogs and other services to allow developers and entrepreneurs to create new marketing experiences.
Making an API work to create a new channel is not just a matter of technology. An API must be considered in terms of business strategy, marketing, and operations as well as the technical aspects of programming. This book, written by Greg Brail, CTO of Apigee, and Brian Mulloy, VP of Products, captures the knowledge of all these areas gained by Apigee, the leading company in supporting the rollout of high traffic APIs.
146 pages, Paperback
First published December 1, 2011
82 people are currently reading
265 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 30 of 36 reviews
October 25, 2024
This book can serve as a basic checklist for reviewing your API and also act as a warning about your direction. :) It was nice to read key points from Daniel Jacobson - the Director of Engineering for the Netflix API.
In the final section, the authors briefly explain their aim. Let’s hear from them as a concluding note:
In the final section, the authors briefly explain their aim. Let’s hear from them as a concluding note:
“Crafting an API strategy is an art. We have offered the best advice we can about how we have seen this art practiced. More will be revealed as companies gain and share their experience. This book makes no claim to be exhaustive, but we hope that it turns out to be helpful. If we have done our job, you should now have a solid foundation to shape a strategy, understand how the API fits within your company, ask the right questions, identify the right resources, and more.”
April 13, 2015
This is not really a book for technologists, so buyer beware. There were some fine considerations for businesses considering pursuing an API strategy, but the book was sadly lacking in real-world examples.
March 8, 2016
I would set this to 2.5. As a developer this was not a particularly interesting read for me. However it might be quite useful if you're on the business side of a tech company. It might also be useful if you are on the technical side, but need to find well composed arguments to convince the business side of the advantages of APIs. Unfortunately the 2011 edition feels already quite old, so be warned.
January 11, 2016
Quick read.
Wave-top layout of some API ideas. Published in 2012, and the anecdotes and reference points will be less useful/meaningful the later someone picks it up. Useful as a way into the conversation/usecases of APIs. Points about (and sample questions for) tying tech projects to business objectives are solid.
Hard to give a star rating. It's not a 5-star book on APIs, but it's a decent book to help navigate conversations about APIs and think about where you want to learn more.
Wave-top layout of some API ideas. Published in 2012, and the anecdotes and reference points will be less useful/meaningful the later someone picks it up. Useful as a way into the conversation/usecases of APIs. Points about (and sample questions for) tying tech projects to business objectives are solid.
Hard to give a star rating. It's not a 5-star book on APIs, but it's a decent book to help navigate conversations about APIs and think about where you want to learn more.
June 26, 2016
Good advice is sometimes blindingly obvious in retrospect. This book is simple, short, and applicable to general situations.
January 3, 2020
The book was authored in 2011 - bought it without recognizing that - my bad. Majority of the content is still relevant; while the rest is outdated.
The book is quite small at about 134 pages but I thought it could have been smaller still. The editing also was not great in many areas with some of the content being repeated.
The content is quite good otherwise for folks who are looking for a business perspective of APIs.
The book is quite small at about 134 pages but I thought it could have been smaller still. The editing also was not great in many areas with some of the content being repeated.
The content is quite good otherwise for folks who are looking for a business perspective of APIs.
June 15, 2017
Good, solid executive's guide to developing APIs.
January 13, 2019
Great Intro and general overview of the most important aspects for understanding APIs
November 20, 2020
Good explanation of API strategy
I liked thus book and it opened my eyes on all the aspects of APIs, especially from a business and security perspectives.
I liked thus book and it opened my eyes on all the aspects of APIs, especially from a business and security perspectives.
December 2, 2020
Hardly any concrete information whatsoever.
August 5, 2021
The book didn't organised well.
January 3, 2017
Good book for basics on API Strategy. No coding is explained here.
January 25, 2017
Excellent Overview
Most resources out there on APIs tend to be narrowly focused on some particular technical aspect (e.g SOA design, REST, SOAP etc), but there are few resources that provide an overview of how all that actually fits in with a business. This book goes into everything from the types of APIs, the business cases for each, API business models and pricing strategies, basic API design tips (some REST concepts, but it doesn't go in too deeply; there are lots of other books for that!), versioning options, API user management and security, API operations and asset management, legal considerations, and how to build an API developer community. Really an excellent resource for getting prepared to expose an API for internal or public use.
Most resources out there on APIs tend to be narrowly focused on some particular technical aspect (e.g SOA design, REST, SOAP etc), but there are few resources that provide an overview of how all that actually fits in with a business. This book goes into everything from the types of APIs, the business cases for each, API business models and pricing strategies, basic API design tips (some REST concepts, but it doesn't go in too deeply; there are lots of other books for that!), versioning options, API user management and security, API operations and asset management, legal considerations, and how to build an API developer community. Really an excellent resource for getting prepared to expose an API for internal or public use.
June 1, 2015
This thin volume is targeted toward C-level and lower level product management, etc. The technical level is generally not deep, with the deepest foray into the security area where the authors recommend OAuth and a helpful dive into Pragmatic REST. The authors do a good job at raising the core issues to invoke when planning an API strategy from development to roll out. The API as business strategy, like paint on an aging home, can hide a multitude of sins and refresh an aging interface while largely leaving untouched brittle platforms or provide a new layer for otherwise hard to implement functionality, like UI translation.
This was my first encounter with API Keys, for which the authors have security caveats:
"API keys are deliberately simple to hand out and include—they are often not encrypted
or signed, so they could potentially be discovered by an attacker. For this reason, API
keys are more of an auditing tool than a security measure, but for some APIs, this type
of identification is all that is needed.
While the API key is not an authentication tool, it can serve a different security function.
It can be the method for turning off access for rogue applications that (intentionally or
otherwise) flood the system with calls, whether inadvertently flooding because of programming
mistakes, launching a distributed denial of service attack, breaching terms
of use, or practicing any other form of abuse. Filtering or blocking traffic with a certain
API key effectively turns off access for any such application.
Once an app gains access to the API, it is wise to ask for authentication from the API’s
end user if an API makes extensive use of personal information...
...Use API keys only for nonsensitive, read-only data."
This is the first time I noticed in an O'Reilly book a lack of a colophon detailing the cover animal. Boo!
This was my first encounter with API Keys, for which the authors have security caveats:
"API keys are deliberately simple to hand out and include—they are often not encrypted
or signed, so they could potentially be discovered by an attacker. For this reason, API
keys are more of an auditing tool than a security measure, but for some APIs, this type
of identification is all that is needed.
While the API key is not an authentication tool, it can serve a different security function.
It can be the method for turning off access for rogue applications that (intentionally or
otherwise) flood the system with calls, whether inadvertently flooding because of programming
mistakes, launching a distributed denial of service attack, breaching terms
of use, or practicing any other form of abuse. Filtering or blocking traffic with a certain
API key effectively turns off access for any such application.
Once an app gains access to the API, it is wise to ask for authentication from the API’s
end user if an API makes extensive use of personal information...
...Use API keys only for nonsensitive, read-only data."
This is the first time I noticed in an O'Reilly book a lack of a colophon detailing the cover animal. Boo!
February 19, 2017
You should read this book if you are remotely interested in the following:
1. Why your company needs to have an API
2. How to design, secure and manage the API
3. What API strategies your company should adopt, including legal and operational considerations
4. How to measure the success of the API
5. How to drive API engagement
The authors have years of experience in the API space and I think they did a pretty good job distilling their collective wisdom and learned best practices in this "short and sweet" booklet (134-pages!) I think it is important for the success of any API initiative that *all* stakeholders read this book to get on the same page of what needs to take place to ensure the success of the initiative. It's hard to argue with the "tried and true" practices of which this book is rife.
If you're interested in getting into the nitty gritty technical details of how to build an API, I highly recommend RESTful Web Services Cookbook: Solutions for Improving Scalability and Simplicity as a technical companion read to this book. Read this book first, and then delve into the technical details with Subbu's book.
If you're an executive who's on the fence regarding APIs, you must read this book to get educated on the subject. It's important for your team to get your full support which they won't unless you fully understand the whats, hows and whys of APIs.
You need to learn how to speak API and this book will get you fluent in no time.
1. Why your company needs to have an API
2. How to design, secure and manage the API
3. What API strategies your company should adopt, including legal and operational considerations
4. How to measure the success of the API
5. How to drive API engagement
The authors have years of experience in the API space and I think they did a pretty good job distilling their collective wisdom and learned best practices in this "short and sweet" booklet (134-pages!) I think it is important for the success of any API initiative that *all* stakeholders read this book to get on the same page of what needs to take place to ensure the success of the initiative. It's hard to argue with the "tried and true" practices of which this book is rife.
If you're interested in getting into the nitty gritty technical details of how to build an API, I highly recommend RESTful Web Services Cookbook: Solutions for Improving Scalability and Simplicity as a technical companion read to this book. Read this book first, and then delve into the technical details with Subbu's book.
If you're an executive who's on the fence regarding APIs, you must read this book to get educated on the subject. It's important for your team to get your full support which they won't unless you fully understand the whats, hows and whys of APIs.
You need to learn how to speak API and this book will get you fluent in no time.
July 17, 2013
What a strange little book! I was good with the premise -- a business-side overview of providing APIs (what, why, etc.) and read it because I was curious as to what the (three) authors would have to say.
When it focused on business-side guidance, I could easily see it serving its stated purpose well and helping productively guide the thinking of a B-schooler who has landed in tech.
But, when it started into actual tech topics -- ranging from REST API design to API gateways -- the depth of content went from what had been extremely high-level to suddenly (and spottily) fairly deep. I have a better than B-school knowledge of API-related topics, but they succeeded at losing me at a few points, where I lacked sufficient context and where they didn't provide any. If I don't know what an API is (at least according to the first half of this book), how am I going to know what particular "transformations" the application server is performing vs. those that the API gateway is handling? What??
All I can think is that the various content areas of the book were divvied up among the three writers without a sole editorial hand to unify their POVs. I do consider this book a really nice try, however, and worth re-doing, perhaps, with a clearer unifying vision supporting it.
When it focused on business-side guidance, I could easily see it serving its stated purpose well and helping productively guide the thinking of a B-schooler who has landed in tech.
But, when it started into actual tech topics -- ranging from REST API design to API gateways -- the depth of content went from what had been extremely high-level to suddenly (and spottily) fairly deep. I have a better than B-school knowledge of API-related topics, but they succeeded at losing me at a few points, where I lacked sufficient context and where they didn't provide any. If I don't know what an API is (at least according to the first half of this book), how am I going to know what particular "transformations" the application server is performing vs. those that the API gateway is handling? What??
All I can think is that the various content areas of the book were divvied up among the three writers without a sole editorial hand to unify their POVs. I do consider this book a really nice try, however, and worth re-doing, perhaps, with a clearer unifying vision supporting it.
November 22, 2013
I'd give it a 3.5 stars if Goodreads would let me. I agree with other reviewers that the book could have been more focused. Going deeper on some of the business aspects and directing readers to other sources for more technical topics would be useful. As it is the authors tried to go technical in some areas and that is going to lose some readers lacking or not interested in those topics. That being said I definitely recommend the book for executives and product managers who want to learn more about the what to think about when thinking about APIs.
April 25, 2012
Great for what it is. Covers the high level (manager/business/architect/community/operational/developer) considerations when using one or more API's as a component of a strategy, but also gets into some technical issues as well. Even though there was little I learned for the first time, it will serve as a nice checklist before my next API initiative. Do not expect heavy duty implementation details, though.
August 7, 2012
A decent overview and checklist for prioritizing API. Does a decent job of breaking down the roles and responsibilities (developer evangelist, product manager, project manager, legal, engineering, etc.).
Overall, I thought it lacked depth and insight. I would highly recommend this book to new employees with a lack of experience in the field; however, seasoned veterans will find it lacking and not a lot of new information you don't already know.
Overall, I thought it lacked depth and insight. I would highly recommend this book to new employees with a lack of experience in the field; however, seasoned veterans will find it lacking and not a lot of new information you don't already know.
April 21, 2012
Works as a good checklist of the various business, legal, technical, marketing and strategic considerations you should think of when launching an API. Not a huge amount of depth in any one area though.
October 30, 2012
So boring...
Introductory material only.
If you already are running an API, it is of very limited use.
I even think the 140 pages could have been shorter.
O'Reilly books are typically much more in-depth and useful.
Introductory material only.
If you already are running an API, it is of very limited use.
I even think the 140 pages could have been shorter.
O'Reilly books are typically much more in-depth and useful.
September 18, 2013
Not sure why I decided to read this or what I was expecting. It was a glossy overview, probably a lot of good things to consider. I was more interested in the nuts and bolts, but it didn't get into that.
September 19, 2015
This book presented a good overview and introduction to the process of creating, deploying, and operating APIs. From design considerations to security to monitoring and marketing, a great resource for IT managers actively working with APIs or thinking about doing so.
February 5, 2012
Required reading if you are considering the addition of an API to enhance your business value. Not necessarily a technical guide.
December 12, 2012
Useful overview. Interesting that the main example was on content strategy, not just social API's.
February 2, 2013
Too much strategy for me, but I was warned! Not bad...
October 10, 2013
This book extended my existing API knowledge. Definitely learning more about the foundation of APIs, and extending existing systems.
February 4, 2014
in parts nice but very high level and cxo level details aplenty. gives nice ammunition to talk to clients with.
May 27, 2016
A strategy guide indeed - good as a broad overview of building an API
July 14, 2014
A great book for anyone thinking of launching a API platform. Covers all the concerns to be answered when launching an API program in an enterprise. Especially applicable for a Media Site business.
Displaying 1 - 30 of 36 reviews