There are three standard ways to manage API authentication these days: API keys, OAuth tokens and JSON Web tokens (JWT). Adam Duvander over at the Zapier engineering blog explains how and when to use them. The humble API key is the common and earliest form of API authentication.
The benefits of a well-designed, well-implemented, easily integated API are well known: happier developers, higher usage and, hopefully, greater profit as a result. While many high-level best practices for developing a great API have been established, a failure to pay close attention to small details, such as parameter defaults, can create big headaches.
AccuWeather has removed the Reveal Mobile SDK from its iOS app due to privacy concerns brought to the company’s attention by many of the app’s users. According to an article published on Medium, the app was sending location information such as GPS coordinates and Wi-Fi router name to Reveal Mobile.