How Spotify's Poor API Hygiene Broke a Bunch of Hardware and Software

According to one developer, Spotify is the perfect example of what can happen when an API is poorly managed.

Software engineer Stein Magnus Jodal is the developer behind the open-source music server, Mopidy. He has been a Spotify customer and user of its libspotify SDK for years. As Jodal explained in a blog post, libspotify was integrated into a number of open-source projects, including Mopidy, as well as music devices like AV receivers and possibly even cars.

In May 2012 and January 2013, Spotify made the last releases of libspotify available. The problem: "there was no clear communication about this being the end of libspotify, releases have just ceased. libspotify has not been mentioned in a single developer blog post or developer email newsletter since."

With libspotify development apparently halted, Spotify proceeded to unveil a new Web API and SDKs for iOS and Android. But these didn't provide full parity with libspotify. For example, the Web API only provided 30 second song previews, so developers using libspotify were unable to adopt the Web API without losing access to functionality.

In May 2015, Spotify officially deprecated libspotify. According to Jodal, this was done without proactive outreach to developers:

The communication channel of choice? A note on the libspotify webpage. No post on the developer blog. No Spotify Developer News email. To be able to use libspotify, all developers have registered and requested a personal application key. To my knowledge, none of these registered Library users were notified directly.

Meanwhile, Spotify deprecated its Metadata API and while it provided a migration guide to help developers transition to its Web API, as with libspotify, Jodal says that there was no formal notification to developers beyond a note on the Metadata API Documentation page. The Metadata API's life ended in January of this year, again without a reasonable level of notification. 

"There's no blog post on the topic. There's no news email. There's no tweet from @SpotifyPlatform or @SpotifyStatus," Jodal wrote. "I can't find anything except users commenting on various Spotify documentation pages that the text is outdated because the API is no longer merely deprecated, but entirely shut down."

Unfortunately, it gets worse.

In February, users of Mopidy began reporting errors when performing functions that search Spotify. As it turns out, libspotify, which is still described as being deprecated, relied on the Metadata API, which is no longer available.

According to Jodal, Mopidy users weren't the only ones experiencing problems with search. There are reports in the Spotify Community forums from users of numerous devices and software applications made by companies like Denon, Logitch, Onkyo and Roku reporting the inability to search Spotify.

As Jodal notes, Spotify has not provided clear information about the problems. "Some users at The Spotify Community forum are quoting responses from Spotify. Most responses seem to link to the Metadata API migration docs and state that application developers must migrate. In other cases the responses point the finger at the commercial partner which only adds to the confusion," he explained.

When ProgrammableWeb contacted Spotify, a spokesperson for the company said that it "has no comment to share at this time."

Best Practices Shunned

Based on Jodal's description of the situation, it appears that Spotify failed to follow a number of API management best practices:

  • It repeatedly failed to communicate with developers. Despite that fact that in some cases it should have had the ability to communicate directly with users of its APIs, and had other channels, such as a blog and social media accounts, Spotify apparently chose not, or neglected, to communicate with developers. As a result, developers were left to wonder about the status of the APIs they were using, and were caught off guard when functionality broke. Had Spotify better communicated with developers, many of the problems, including broken hardware and software, could have been prevented.
  • Feedback from developers was ignored. A developer ecosystem is nothing without happy developers and paying attention to developers is a big part of keeping them happy. But Spotify apparently failed to do this. For example, developer Jonas Lundqvist pointed out in a blog post that a Spotify employee went so far as to state "We don’t accept either bug reports or feature requests for libspotify."
  • APIs were killed prematurely. Spotify officially ended the life of its Metadata API before ending the life of libspotify, which remains deprecated. Because portions of libspotify apparently rely on the Metadata API, this makes very little sense. libspotify's life should have been ended if a key functional component no longer works.
  • New APIs didn't provide parity. No company can guarantee that an API will be available in perpetuity. But when an API is killed and developers are asked to transition to a replacement, companies should try wherever possible to provide parity. From Jodal's description of the situation, it appears that many developers didn't transition away from libspotify because Spotify didn't deliver alternatives with similar functionality even though Jodal says Spotify employees had suggested this was going to be provided.

Had Spotify adhered to these best practices, developers like Jodal could have taken action. Instead, end users of devices and applications that relied on libspotify and Spotify's Metadata API found themselves unnecessarily without access to functionality they expected to work.

Ultimately, Spotify itself could be the biggest victim of its poor API hygiene. After all, if its customers are unable to access functionality associated with its service, and developers turn away from its Platform, Spotify stands to lose the most.

Be sure to read the next Music article: Daily API RoundUp: Blitzr, Batch, Signpost, Plus Quip, Repustate, Mondo SDKs