
API Practices If You Hate Your Customers - YesThatTom2
https://queue.acm.org/detail.cfm?id=3375635
======
jrs235
Dupe discussed 10 days ago:
[https://news.ycombinator.com/item?id=21766781](https://news.ycombinator.com/item?id=21766781)

------
ljm
> Technique #4: Hide the API docs from Search Engines

I utterly despise Atlassian for this shit. If their support forums detect that
you're logged in with them or otherwise have an account, they will
automatically redirect you to a login and support page.

Luckily they engineered it so fucking badly that you can hit ESC/the X button
in your browser and stop the execution, because it takes about 10 seconds for
that logic to load and execute. But if you don't, because you clicked a link
and wanted to visit it later, you won't see the support page, you'll see a
login screen.

Mind, this is Atlassian. It takes over 30 seconds to get a fully functional
page, if you're lucky.

At the end of it, googling for issues or help about jira, or the quirks of
JQL, means you have to be constantly ready to deal with their anti-user,
growth-hacking bullshit. And you're already a paying user, it just so happened
your session expired.

But honestly, above it all, fuck this whole desire to always need more, to
trick and abuse and manipulate to get more.

hen will it ever be enough? Can't we have more of enough? And a bit more of
less?

------
jakespracher
Google maps has masterfully implemented #3

“Older readers may long for the good old days when companies that were actual
monopolies would pretend to love their customers. Now we all work for
companies that don't admit to being monopolies and actually hate their
customers. Boy, how times have changed!”

Yep definitely Google

------
guelo
I recently found out that in their ever growing hatred of api users Twitter
has switched to using technique #2. In order to get a new key these days you
have to fill a long form with redundant questions and lengthy minimum
paragraph length responses. My use case was very simple so I had trouble
thinking of things to say to meet the minimum length requirements. It took me
about 20 minutes to fill out the form only to be denied several days later
asking for more details about the stuff I had already written. I just gave up
at that point, which is probably what they wanted me to do anyway. I wonder
why they don't just shut down their API, I suspect it's only because they
don't want to take the bad PR but.

------
pbreit
10\. Use non-standard authorization (other than basic authentication).

11\. Make backwards-incompatible changes.

------
edoceo
One should checkout LeafData for a lesson in hostile API

