I always wondered what big companies' APIs tend to look like. Is it like simply that you take the initial big dump of data, then ETL it into a separate database and format to process for stuff like match history, then ETL it further onto a different server for API purposes?
Do you instead just have 2 different APIs, one publicly available, and the other private, and both use the same kind of access points, and the same dataset, but with less security enforced onto your own client?
Oh there's a lot to this question, I'll try and hit the high-level parts. All good questions though.
I don't necessarily think there's one right way to do things, as in most of software engineering there are tradeoffs to everything so it really just depends on your circumstances/constraints to determine which path you take to creating an API. You might ETL all this data into a separate data store for the API if isolation is a concern. You might make two separate APIs if you need to. It all kind of depends on your requirements.
Theory first. I personally like it when the client or primary product uses the same APIs as are made available to the public and the only difference is the permission set (in something like OAuth this means scopes). In general, creating a product that is API first ensures that the API is never an afterthought and the product is designed in a way for the data to be sharable while still meeting the product needs. If you do take a different approac...