About David O'Neill

APImetrics CEO, founder, API expert, writer and entrepreneur

Auth0 Outage April 20, 2021 – 3 hours

Today's Auth0 OutageAPImetrics, along with many other services, utilizes a 3rd party provider, Auth0, to operate our sign-in and user authentication processes.   What Happened?Auth0's services in North America failed between 15:35UTV and 15:39UTC on April 21, 2021 making it impossible for our users to sign into their dashboards. For that we are sincerely sorry and we are re-evaluating our use of Auth0 to determine if there is a better provider or other ways to mitigate against the problems reoccurring. The service was restored between 19:14 and 19:18UTC according to our monitoring. Did it impact our monitoring?No. During this period our operational services were [...]

2021-04-22T06:40:43-07:00By |News|

Product Updates: Projects View and New Project Home

Welcome to the spring APImetrics product update!As we prepare for the launch of API.expert Premium, and the huge number of new community and integration features that will bring, we're adding some critical new functionality to our core product. So here is a round up of our spring APImetrics product updates. Now that you'll be able to subscribe to different datasets and subscribe as a viewer to historical data, you need to be able to see everything in one view. Projects ViewThe first change is the projects view, this will allow all users to see the data sets, organizations and projects they have [...]

2021-03-26T15:09:19-07:00By |Feature updates|

7 Key Performance API Metrics Every API Dependent Should Know

You may have seen some articles doing the rounds about the 13 key API metrics that teams should track. But going back to the challenge we have with how we describe API consumers, the needs of the 'team' in this context are vague. The API metrics performance section lists uptime (or does it?), CPU usage, and Memory usage.Then they talk about adoption and use metrics – which are important. But why the narrow technical view of API performance? Why ignore the fact that as an API Dependent (a consumer, a solution business owner, a customer success provider, sourcing, and MANY [...]

2021-03-26T13:19:58-07:00By |Opinion|

Happy Holidays and Here’s to the New Year

In my lifetime, there have been lots of “you’ll always remember where you were” moments. The Challenger disaster and September 11, 2001, are the first two that always come to mind for me. But I think this will be the first time that the thing I will remember most is that I mostly stayed at home. It has been a challenging year for everybody as I can tell from the many, many Zoom/Teams/WebEx sessions with clients, team members, and partners – whether it is the loss of family and friends, of which there has been so much, or the challenge [...]

2020-12-29T10:48:01-08:00By |Opinion|

Authentication in Open Banking APIs

Open Banking APIs are, by necessity, secure. In the United Kingdom, an entity wishing to make a call to a UK financial service provider must be a trusted TPP (Third Party Provider). The exact model is different in other geographies, but the fundamental idea is similar – the TPP will be given access to a certificate that proves who they are and credentials that allow for secure mutually authenticated communication between their servers and the institution they are connecting to. This all has to take place before an individual user can get to the authentication stage that we’re all familiar [...]

2020-11-20T10:25:48-08:00By |Fintech|

API Rant: You Call THAT Authentication?

This is a slight departure from my usual rants, but only because authentication has occupied too much of my damn time this week. Many years ago, we wrote a White Paper on OAuth with the team at OAuth.io who includes the amazing crew behind the APIdays events. It was called "The Standard That Isn’t." We almost called it the 57 Flavors of Authentication, but we thought we might get sued. Still better than 50 Shades of Authenticattion. Our position was that there were LOTS of REALLY ANNOYING problems with OAuth that made handling API authentication painful. You’d have thought that [...]

2020-11-16T09:33:53-08:00By |Rants|

API Rants – Trust but verify

There is an idiom in English, “you don’t let the foxes guard the hen house.” I’m not sure how well it translates, but the meaning is simple – don't have people or things who can’t necessarily be trusted to do things requiring trust. This was essentially the sub-theme of my first API Rant where I opined that the monitoring industry was becoming quite self-serving. But it’s a topic to explore in more detail because it’s come back and annoyed me again during a conversation with one of the API industries top vendors. Me: (Explaining what we do and why people use [...]

2020-09-18T08:36:33-07:00By |Rants|

API Rant: Begging the question…

API Rant... For this week's API rant, a little story from history. When I was a kid, back when telephones were a thing in the hallway, my friends would phone up and say, “is David there?” My father, who, as the man who controlled the phone would sometimes reply, “yes.” And put the phone down.As he would explain to anybody who cared, the correct question is, “may I speak to David.”What does this have to do with APIs you may ask? Well, let me tell you.A discussion this week with @kin lane revealed an interesting conversational and business problem lurking [...]

2020-09-02T11:37:14-07:00By |Rants|

APImetrics Feature Update: New Statistics Views

APImetrics Feature Update: New Statistics ViewsIn our rolling series of feature updates we have reached a new milestone with our new stats pages. The changes are designed to improve performance and make it easier to see and understand the data clearly.The key changes are:Summary reports now expand into full page reportsYou can change the details of the API you are looking at from the stats viewing page without leaving itOnly locations where the API call is running show as an option nowImproved latency mapping with a new regional summary view as well as the traditional per location viewLatency Graphs can [...]

2020-08-27T12:15:55-07:00By |Feature updates|

API Rant: TTFB – This is not the metric you are looking for

TTFB – This Isn’t The Metric You’re Looking ForTTFB (Time to First Byte) is a metric used by Open Banking UK, and was originally defined by the Open Banking Implementation Entity. The trouble is, it’s also something of an example of Goodhart’s Law which is hugely problematic for monitoring.Essentially Goodhart states: Any observed statistical regularity will tend to collapse once pressure is placed upon it for control purposes. Goodhart's Law - Wikipedia So, harkening back to my previous comments about how self-serving the monitoring industry is, if you define a metric, then you’re defining something somebody can game if you don’t pay [...]

2020-08-20T17:01:59-07:00By |Rants|
Go to Top