API Experience
Sean O Sullivan, CTO [email_address]
one number to get things done, hands-free

Dial One Number to …
  • Currently 40+ services
  • Interactive, Two-Way service (not just voice to text)
  • Integrates with existing web applications
  • “sandy”, “Evernote”, “Mosio”, “RTM”, “text”, “jaiku”, “jajah”, “twitter”, “NYT”, “Huff Post”, “tumblr”, “Blogger”

One number, many services

Technical Overview

APIs
  • Lots of API usage in our projects
      • Mobile and Telephony (SMS, on-device APIs, Ribbit …)
      • Classic Web APIs (Google, Facebook, twitter, ping.fm, Jajah…)
  • Also provide our own APIs (not public yet)

Good news
  • Broadly speaking, many APIs
      • Are well-documented
      • Are well-structured
      • Have associated documentation and code samples
  • Good Examples
      • Facebook API
      • Last.fm
      • Google

Issues
  • Security
      • Each service tends to have a different approach to authentication
      • OpenID, OAuth, Token-based (by user or by service), or worst case username/password
      • Often multiple forms of security supported (Google, Yahoo)
  • Architecture and Design
      • Dependencies on third parties - outages outside your control
      • Is twitter down for everyone or just me? :-)
      • Defensive design and coding (async, failure cases)
  • Other
      • Some services not well documented (Bebo)

Authentication
  • Token based, per service
      • Usernames and Passwords don’t need to be stored
      • User control to revoke individual services
      • Your service looks/feels better
  • OAuth or OpenID based
      • Standard with some widespread adoption
      • Google, Yahoo, others…
      • Good documentation, good tools
  • Token based, per user
      • Usernames and Passwords don’t need to be stored
      • Token is at user account level
      • Revoke the token, revoke all services
  • Username / Password
      • Least desirable - YOU have to store username/password

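The difference in revocation scope between the per-service and per-user token models above, as an added example that is not from the original slides. It models the token issuer's side; `TokenIssuer`, the consumer names and the user names are hypothetical.

```python
import hashlib
import secrets


class TokenIssuer:
    """Provider-side token table; keeps SHA-256 digests, never passwords."""

    def __init__(self):
        self._grants = {}   # token digest -> (user, consumer or None)

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user, consumer=None):
        """consumer=None models the per-user token shared by every service."""
        token = secrets.token_urlsafe(32)
        self._grants[self._digest(token)] = (user, consumer)
        return token

    def allows(self, token, user, consumer):
        owner, scope = self._grants.get(self._digest(token), (None, None))
        return owner == user and scope in (None, consumer)

    def revoke(self, token):
        return self._grants.pop(self._digest(token), None) is not None


def revocation_blast_radius():
    issuer = TokenIssuer()
    # Per service: alice grants two consumers a token each, then revokes one.
    dial2do = issuer.issue("alice", "dial2do")
    other = issuer.issue("alice", "other-app")
    issuer.revoke(dial2do)
    per_service = (issuer.allows(dial2do, "alice", "dial2do"),
                   issuer.allows(other, "alice", "other-app"))
    # Per user: bob hands the same account token to both consumers.
    account = issuer.issue("bob")
    issuer.revoke(account)
    per_user = (issuer.allows(account, "bob", "dial2do"),
                issuer.allows(account, "bob", "other-app"))
    return per_service, per_user
```
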
Authorisation
  • OpenID
      • Has not as yet seen wide adoption - but will most likely get there (URLs, more complex to grasp for end user)
      • More features than OAuth
  • Cool Off Period
      • Have to protect against brute force auth attacks
      • Need cool-off periods after multiple auth fails
      • e.g. dictionary attack on twitter
  • OAuth
      • We are a Consumer but not yet a provider

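One way to implement the cool-off period described above, as an added example rather than Dial2Do's or Twitter's code. The threshold, the doubling cool-off, the account table and the replayed guesses are all assumptions constructed for illustration.

```python
import hashlib
import hmac

MAX_FAILS = 5        # assumed threshold before a cool-off starts
BASE_COOL_OFF = 60   # assumed seconds; doubles on each further lockout


def _hash(password, salt):
    # Low iteration count keeps the demo fast; use a far higher one in practice.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 1000)


# Constructed account table: user -> (salt, password digest)
ACCOUNTS = {"alice": (b"demo-salt", _hash("tr0ub4dor&3", b"demo-salt"))}


def verify(user, password):
    salt, digest = ACCOUNTS.get(user, (b"none", b""))
    return hmac.compare_digest(_hash(password, salt), digest)


class CoolOffGuard:
    def __init__(self, clock):
        self._clock = clock
        self._state = {}   # user -> [fails, lockouts, locked_until]

    def attempt(self, user, password):
        """Return 'ok', 'denied' or 'cooling-off'."""
        now = self._clock()
        st = self._state.setdefault(user, [0, 0, 0.0])
        if now < st[2]:
            return "cooling-off"      # the password is not even checked
        if verify(user, password):
            del self._state[user]     # success clears the history
            return "ok"
        st[0] += 1
        if st[0] >= MAX_FAILS:
            st[0] = 0
            st[2] = now + BASE_COOL_OFF * 2 ** st[1]
            st[1] += 1
        return "denied"


def replay(events):
    """events: constructed (time_in_seconds, guess) pairs for user alice."""
    now = [0]
    guard = CoolOffGuard(lambda: now[0])
    results = []
    for when, guess in events:
        now[0] = when
        results.append(guard.attempt("alice", guess))
    return results
```

Keying the counter only on the account name lets anyone hold an account in cool-off, so deployed designs usually track the request source as well.
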
Sean O Sullivan, CTO [email_address]
one number to get things done, hands-free

Dial2Do : API Experience


Editor's Notes

  1. Dial2Do is focused on enabling drivers to do things while they drive. The service was launched to the public in August 2008.