About David O'Neill

APImetrics CEO, founder, API expert, writer and entrepreneur

Happy Holidays and Here’s to the New Year

In my lifetime, there have been lots of “you’ll always remember where you were” moments. The Challenger disaster and September 11, 2001, are the first two that always come to mind for me. But I think this will be the first time that the thing I will remember most is that I mostly stayed at home. It has been a challenging year for everybody as I can tell from the many, many Zoom/Teams/WebEx sessions with clients, team members, and partners – whether it is the loss of family and friends, of which there has been so much, or the challenge [...]

By |2020-12-29T10:48:01-08:00December 25th, 2020|Opinion|0 Comments

Authentication in Open Banking APIs

Open Banking APIs are, by necessity, secure. In the United Kingdom, an entity wishing to make a call to a UK financial service provider must be a trusted TPP (Third Party Provider). The exact model is different in other geographies, but the fundamental idea is similar – the TPP will be given access to a certificate that proves who they are and credentials that allow for secure mutually authenticated communication between their servers and the institution they are connecting to. This all has to take place before an individual user can get to the authentication stage that we’re all familiar [...]

By |2020-11-20T10:25:48-08:00November 17th, 2020|Fintech|0 Comments

API Rant: You Call THAT Authentication?

This is a slight departure from my usual rants, but only because authentication has occupied too much of my damn time this week. Many years ago, we wrote a White Paper on OAuth with the team at OAuth.io who includes the amazing crew behind the APIdays events. It was called "The Standard That Isn’t." We almost called it the 57 Flavors of Authentication, but we thought we might get sued. Still better than 50 Shades of Authenticattion. Our position was that there were LOTS of REALLY ANNOYING problems with OAuth that made handling API authentication painful. You’d have thought that [...]

By |2020-11-16T09:33:53-08:00November 16th, 2020|Rants|0 Comments

API Rants – Trust but verify

There is an idiom in English, “you don’t let the foxes guard the hen house.” I’m not sure how well it translates, but the meaning is simple – don't have people or things who can’t necessarily be trusted to do things requiring trust. This was essentially the sub-theme of my first API Rant where I opined that the monitoring industry was becoming quite self-serving. But it’s a topic to explore in more detail because it’s come back and annoyed me again during a conversation with one of the API industries top vendors. Me: (Explaining what we do and why people use [...]

By |2020-09-18T08:36:33-07:00September 15th, 2020|Rants|0 Comments

API Rant: Begging the question…

API Rant... For this week's API rant, a little story from history. When I was a kid, back when telephones were a thing in the hallway, my friends would phone up and say, “is David there?” My father, who, as the man who controlled the phone would sometimes reply, “yes.” And put the phone down.As he would explain to anybody who cared, the correct question is, “may I speak to David.”What does this have to do with APIs you may ask? Well, let me tell you.A discussion this week with @kin lane revealed an interesting conversational and business problem lurking [...]

By |2020-09-02T11:37:14-07:00September 2nd, 2020|Rants|0 Comments

APImetrics Feature Update: New Statistics Views

APImetrics Feature Update: New Statistics ViewsIn our rolling series of feature updates we have reached a new milestone with our new stats pages. The changes are designed to improve performance and make it easier to see and understand the data clearly.The key changes are:Summary reports now expand into full page reportsYou can change the details of the API you are looking at from the stats viewing page without leaving itOnly locations where the API call is running show as an option nowImproved latency mapping with a new regional summary view as well as the traditional per location viewLatency Graphs can [...]

By |2020-08-27T12:15:55-07:00August 27th, 2020|Feature updates|0 Comments

API Rant: TTFB – This is not the metric you are looking for

TTFB – This Isn’t The Metric You’re Looking ForTTFB (Time to First Byte) is a metric used by Open Banking UK, and was originally defined by the Open Banking Implementation Entity. The trouble is, it’s also something of an example of Goodhart’s Law which is hugely problematic for monitoring.Essentially Goodhart states: Any observed statistical regularity will tend to collapse once pressure is placed upon it for control purposes. Goodhart's Law - Wikipedia So, harkening back to my previous comments about how self-serving the monitoring industry is, if you define a metric, then you’re defining something somebody can game if you don’t pay [...]

By |2020-08-20T17:01:59-07:00August 20th, 2020|Rants|0 Comments

OpenAPI Welcomes New Member APImetrics

Welcome to OpenAPI! APImetrics provides an enterprise-focused API monitoring solution that interfaces with REST and SOAP API protocols. Monitoring is supported by analytics and customizable downtime alerts and provides data to enterprises to meet service level agreements (SLAs) and customer expectations. “The economy has increasingly become a digital economy and the digital economy has been increasingly becoming an API economy over the past decade,” said Dr Paul Cray, Head of Machine Learning and Standards at APImetrics. "The COVID-19 crisis has only accelerated that trend. Global quality standards that are meaningful, quantifiable and measurable are essential to maximizing the value that [...]

By |2020-08-18T08:34:15-07:00August 18th, 2020|Press Releases|0 Comments

API Rant: Test In Prod or Give Up

API Rants: Test in Prod or give up.  This is a public service rant.  For the love of Mike/whatever being is responsible for your monitoring, please monitor your APIs in their production environment!  I had a little rant recently about how I thought the monitoring industry had become somewhat self-serving— now I’m going to shift to something that isn’t the fault of the monitoring industry but is a HUGE problem in the Open Finance sector.  Monitoring Production Systems  You release a software service. Own it. Period. We can go home now.  What’s that?   Group risk and security won’t let you monitor a real account?   Then give up, you’ve failed before you’ve even [...]

By |2020-08-05T09:06:51-07:00August 3rd, 2020|Rants|0 Comments

API Ratings: 13 July – 20 July 2020

API.expert API Ratings We are already into the middle of July and the nights are starting to draw in. That time of the week has again arrived for us to talk about the State of the APIs over the past seven days. We launched API.expert (http://api.expert) earlier in the year as a simple way to provide everybody with insights into the API economy and the leading APIs in different categories in particular. The basic service is free and will remain free, but other, related services will be built on top of it, including your very own API.expert dashboards if you want them! If something is missing that you think should be here, don’t hesitate to drop us [...]

By |2020-08-06T03:34:10-07:00July 23rd, 2020|Weekly Report|0 Comments