- What is an API?
- Do I have to change my API to take advantage of Mashery?
- What if I have already issued developer keys - do my developers need to re-register?
- How hard is it to discontinue use of the Mashery service?
- What size developer communities can you accommodate?
- Can you really scale quickly enough to accommodate the growth of web services?
- How secure are your developer keys?
- How does Mashery handle rate limiting?
What is an API?
API stands for "Application Programming Interface." Web applications are generally built with a modular architecture; for instance, the "front end" web server may access "back-end" modules to get data, to modify a record, or to perform a calculation. When these modules are opened to the outside world through an API, third party developers can use of them as building blocks for their own applications. Businesses that open their API benefit by creating a cost-effective distribution channel for their unique content and services.
Do I have to change my API to take advantage of Mashery?
Absolutely not! We recognize that you already have developers who have built applications using your API, and we have designed our service to minimize the impact on your existing developers - and, of course, on your own engineering team.
What if I have already issued developer keys - do my developers need to re-register?
No. We will work with you to integrate your keys - and, if you want - your authentication database - with Mashery so that your users will be able to use existing authentication with Mashery.
How hard is it to discontinue use of the Mashery service?
While we expect all of our clients to be more than satisfied with our service, we recognize that API management is very important and strategic to our clients. We encourage our clients to use domain redirection, so that your API and community sites are directed to a domain you control, such as api.yourdomain.com or developer.yourdomain.com. Your data is your data - all developer information, keys, content and statistics can be downloaded from Mashery at any time.
What size developer communities can you accommodate?
Mashery is an effective way to manage communities of a half dozen developers, or tens of thousands. Whether you are looking to do a small, private group of external partners or encourage widespread adoption of your web services, our tools will scale to your needs.
Can you really scale quickly enough to accommodate the growth of web services?
Absolutely! Our engineering team has experience building and maintaining high-volume services running a wide variety of applications, and we have built Mashery to accommodate high volumes. Our entire service runs on Amazon EC2 and S3, so we can add new server capacity in minutes as needed.
How secure are your developer keys?
Mashery issues 24 character, randomly generated developer keys based on microtime and randomly generated salts.
How does Mashery handle rate limiting?
Mashery supports two forms of rate limiting for each API it manages. First, the API vendor specifies how many calls per second they are willing to accept from a particular developer key to avoid a particular developer overloading the API from a burst of activity. If they exceed that, they will receive an HTTP/1.1 403 error ("Forbidden - Over rate limit") until the next second begins. Second, the API vendor specifies how many calls each developer key can make over a predetermined period of time (generally a day or a month, but it is configurable). If they exceed that, it is up to the vendor how we handle - we can allow the traffic but notify the API provider and the developer, we can return a 403 error, or we can create a notification, but allow the overage up to a certain higher level. In a future release, we will include the option to accept traffic up to a certain level for free, but to charge for access that exceeds the "free" limit.