The Private API Iceberg

Our directory recently passed 4,000 APIs, each one different than almost every other one. There is a single defining factor of all 4,000: in some way, they're available for any developer to use. They're public. There is a virtual ocean below our directory of APIs that are currently private. These APIs drive mobile apps, connect strategic partnerships and exist within organizations large and small to facilitate data sharing.

Some of the APIs in our directory look like cousins of the private API. Their Documentation is only available by request, or access is only offered to approved partners. And increasingly, there is a paid barrier to many we list. In some cases, the entire business is an API or collection of APIs.

InstagramPrivate APIs are different. When Instagram became a sensation a year ago, we all knew its iPhone app used some sort of API to interact with the service. It took a developer reverse engineering the app to encourage the official Instagram API.

There are tens of thousands more Instagrams. These APIs fall into one of three camps: private for partners, private for now and truly private.

Private for Partners

RetailigenceCatering to independent developers is hard work. "If developers haven't launched an app yet, the chance they’ll launch and move the needle is slim," said Retailigence CEO Jeremy Geiger. Instead, Geiger's company seeks out developers with apps that would benefit from the Retailigence API. So, even though the API is public, the approach that has worked well is one focused on partners.

Many companies already have employees skilled at business development, so it's natural to take a similar approach to their APIs. In fact, in the case of many private APIs, the APIs probably come second, as a necessity to the partnership.

FoursquareFoursquare and American Express worked together to provide deals at local businesses when AMEX and Foursquare accounts are linked. Foursquare no doubt uses some American Express API, but there's nowhere for other companies or developers to find out more information. That's what makes it private.

NetflixNetflix has many private APIs. Each of the 100s of devices that use the Netflix API to stream instant content are given a unique endpoint.

Though Netflix is a special case, it probably makes sense for most private for partners APIs to open up. At least let others know your service is available and have a way to make contact.

TwilioEven better is if you can make documentation available or even allow an API trial. Twilio (a ProgrammableWeb sponsor) landed a partnership with Intuit without any business development effort. An Intuit employee independently checked out Twilio, played around with it and decided it could work for Intuit's needs. Now Intuit uses Twilio as an extra layer of security for its over 1 million payroll customers.

Remember, sometimes those "independent developers" work at big companies.

Private for Now

FoodspottingA year ago Instagram would have been on this list. Similarly, Foodspotting has flirted with private for partners while it figures out how developers want to use its Foodspotting API. I suspect many mobile apps that collect or distribute user data should be considered private for now.

When we thanked mobile for the APIs, we said that every app already has an API. As new versions of the app ship, often do new versions of the API. These companies are already learning how to handle feature changes across apps and API simultaneously. And with different teams working on multiple platforms, they're already dogfooding their developer community. Regardless of whether they know it, they're preparing to open their API, even if it's private for now.

Truly Private

Some APIs will always be private. In fact, this may be the largest section of the private API iceberg. Companies will always need to share data across departments. Increasingly, this data will be accessible to mobile devices, but there may never be outside developers accessing that API.

However, many truly private APIs may move up the iceberg, closer to sea level. They may open up for a partner, which eventually makes someone realize that being private is temporary. And while private APIs are the bulk of the APIs in existence, there is an expanding tip, pushing its way out of the water. Those 4,000 APIs are showing how it's done and how businesses can be made by waving your API flag in the direction of those who can best further you cause.

Iceberg graphic adapted from Sean MacEntee

Be sure to read the next Mobile article: The Curious Case of the Unofficial APIs