background preloader

40 useful APIs for web designers and developers

40 useful APIs for web designers and developers
An application programming interface (API) is a set of rules and specifications that software programs can follow to communicate or ‘interface’ with each other. As developers are well aware, there are hundreds of APIs out there for doing almost anything you could imagine online. Some are better than others, and some are definitely more useful than others. Below are forty of the most useful APIs out there. Please share with us which APIs have you found most useful and feel free to recommend others that we may have missed… The Google APIs Google offers dozens of APIs for web designers and developers. Some are specifically related to popular Google products, like Gmail and Analytics, while others are more specialized and aren’t part of public programs. All are free to use, of course. Feed API – The Google Feed API lets you download any public feed (including RSS, Media RSS, and Atom) and then combine them into mashups. The Yahoo! Like Google, Yahoo! More APIs Yahoo! Which APIs do you use? Related:  REST API

OAuth 2.0 – The Good, The Bad & The Ugly In a world dominated by social media, it's hard to not come across a client application which you have used to access restricted resources on some other server, for example, you might have used a web-based application (like NY Times) to share an interesting news article on your Facebook wall or tweet about it. Or, you might have used Quora's iPhone app that accesses your Facebook or Google+ profile and customizes the results based on your profile data, like suggesting to add/invite other users to Quora, based on your friends list. The question is, how do these applications gain access to your Facebook, Twitter or Google+ accounts and how are they able to access your confidential data? Before they can do so, they must present some form of authentication credentials and authorization grants to the resource server. OAuth is often described as a valet key for the web. However, OAuth is not a new concept, but a standardization and combined wisdom of many well established protocols.

How child porn killed my app called YayNay — Interesting Innovation and Technology Over a period of 6 months, two programmers and I, worked nights and weekends to create, launch and kill an iOS app called YayNay (hot or not for anything). We maintained full time jobs and families while pursuing this effort. Consumer apps are a hit or miss. YayNay was a miss. Read on to learn a bit about our process and how child porn eventually did our app in. “You don’t almost land on an aircraft carrier” I came up with the idea of YayNay in the summer of 2013 while clothes shopping with my 12 year old daughter, Maren. Observing my daughter and the twitter and instagram behavior had me convinced building a “Yay or Nay” app would be a success because the app would align with existing human behavior. Creating products around existing human behavior is an idea I borrowed from BJ Fogg, who runs the Persuasive Technology Lab at Stanford. With a core idea very loosely verified in the marketplace I was ready to dive in and start creating this app. How we built YayNay Brand and Colors Launch

2013 Most Popular and Successful Web APIs | Mathieu Fenniak Have you ever been stumped how to design a Web API? There are so many different approaches that you can take for even simple things, like paginating API result sets. If you list out your options, it can be easy to end up in analysis paralysis. I like to remind myself that I’m not the first person to tread on this soil. I defined an API’s success and popularity based upon whether it is supported by integration solutions. I gathered the available APIs in nine integration platforms: Zapier, Mule ESB, ifttt, itDuzzit, Pipethru, Formstack, Magic xpi, Adeptia, and CloudWork. So, here it is; the most popular APIs by their integration platform support: RSS, SMS, and e-mail also get a nod at being well-supported by these integration platforms, but I excluded these from this list as they don’t fit in as APIs that you can look at and learn from. Join in the discussion over at reddit and Hacker News.

protocol design - Efficient and stateless anti-forgery method - Cryptography Stack Exchange If you don't want to store the anti-CSRF tokens on the server, for most purposes it is sufficient to simply store the token as an HTTP cookie on the client. The OWASP wiki calls this technique "Double Submit Cookies". The reason this works is that, in the standard CSRF attack scenarios, the attacker cannot directly read or modify the user's cookies. Indeed, if the user's authentication credentials are also stored in cookies (as is very commonly done in modern web applications), any leak of cookie data already implies a much more fundamental security failure than a mere CSRF attack. Of course, an attacker might be able to gain (full or partial) access to the user's cookies via an XSS or other injection attack or through session fixation, but this is mostly outside the scope of CSRF prevention and must be addressed by other means. Let: When creating a form, calculate the anti-CSRF token T as T = \operatorname{MAC}_K([U, S, F, D])

arbor.js The Increasing Importance of APIs in Web Development Web APIs have experienced an exponential increase in popularity and usage in the past few years. These days, they're an important tool for web developers; however, they are also even becoming an effective marketing tool for many types of businesses. This article covers Web API statistics, their benefits, and a list of some of the most useful APIs currently available. What is an API? All of the Charts in this post are powered by the Google Charts API! An API, or "Application Program Interface", is a set of routines and protocols that provide building blocks for computer programmers and web developers to build software applications. Web API (Web Service) Web APIs allow developers to build web pages and web based applications (known as "mashups") using data from multiple online sources. Video Increase in Popularity and Usage of Web APIs In the Summer of 2005, ProgrammableWeb, one of the largest online API directories and resources, had only thirty-two APIs listed in their directory. Nu...

angularjs - How to test endpoints protected by csrf in node.js/express alexwolfe/Buttons