Show HN: API Happiness is not a 'nice-to-have'

I&#x27;m having trouble figuring out what this actually does from the web page, although it sounds intriguing.<p>Although if other HN users aren&#x27;t having that trouble, maybe it&#x27;s me, not you.<p>Do you essentially use this as a proxy, where your apps contact it, and it contacts the apis, so it can keep stats on your api use? That&#x27;s what the three phrases on the home page sort of imply.<p>But then when I watch the video... it all goes by so fast, but it&#x27;s giving me the idea that I had it wrong, and it&#x27;s doing something else (CORS? What would CORS have to do with what I thought it was doing?)<p>Is it too much to ask for a couple sentences&#x2F;paragraphs explaining what it does, instead of just a couple words and a video?

Interesting service. The reporting and notification features are nice.<p>Several things make me hesitant. And may not be enough to justify these features (at least for me).<p>Current blockers:<p>1) Single point of failure. Let&#x27;s say I use the Reddit API and the Facebook API. If one goes down I still have the other. If apitools goes down I lose both. And what&#x27;s more likely? For either Facebook or Reddit to go down - or for apitools to go down?<p>2) API abuse. If an apitools user abuses an API, the apitools server will get blocked. And so other innocent users will also get blocked. Is there any plan to mitigate abuse? If that plan fails, how quickly can new IPs be allocated to get around any IP bans?<p>3) Security. PII is sent to APIs. How do I know this information isn&#x27;t logged or otherwise accessible to other apitools users? The heart of the issue is trusting strangers running a new proxy service with sensitive info.<p>4) Security #2. SSL support? Looking at the following screen shot it appears that currently I&#x27;d be transferring PII and API keys in plaintext: <a href="http://docs.apitools.com/images/overview.png" rel="nofollow">http:&#x2F;&#x2F;docs.apitools.com&#x2F;images&#x2F;overview.png</a> (&quot;Apitools URL&quot;)<p>5) Price. How much will the service cost? If there&#x27;s a free level, what are the limits?<p>6) Latency. Essentially doubles the number of API requests. Wouldn&#x27;t this make my API requests twice as slow? More importantly, if apitools is under load and experiences longer response times, my site is going to run slower.<p>Even with these objections it looks like a great product. And these blockers may very well end up being irrelevant for most potential users. Best of luck!

I&#x27;ve been thinking of implementing a similar dashboard with <a href="https://github.com/jkassemi/stubby" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;jkassemi&#x2F;stubby</a>.<p>I like the concept of this long term allowing me to specify a single url and toggle the environment of the API I&#x27;m hitting from a remote, secure web interface. What sort of uptime and scaling guarantees do you intend to provide?

So if someone abuses the proxy and gets ip blocked the entire service fails for that api for all users, or am I missing something?

&quot;Analyze&quot;

The &quot;insert middleware in API traffic handling&quot; is reminiscent of F5 iRules in a different context (and epoch!).

I love the concept of the middleware to modify the requests. When are you guys going to start sending the invites?

I&#x27;d suggest you replace the music with a voice-over that explains what&#x27;s going on.

Looks like Runscope

So how does this compare to something like apigee?