from Hacker News

Ask HN: Clever ways to handle API access but avoid signup?

by dyml on 8/3/20, 7:48 PM with 3 comments

I’m working on an API to make it easier to try/adopt a certain technology.

I want to reduce friction and barriers to try the API. I would like to avoid forcing the developer to sign up to get an API key.

Current ideas is to allow a developer to create there own API key on the first request, treating it like a secret.

However it would be good to have a way to contact the developer via email.

What are clever ways you’ve seen to reduce friction when trying an API?

  • by bhargav on 8/3/20, 8:10 PM

    Reducing friction is a good idea but I would argue that asking folks to generate and send you a secret is likely the same amount as them getting an API key that you generate for them. You’ll also run into uncertainties in secret key formats that are used by disparate clients.

    If you really want to: One alternative would be to generate a random JWT while the developers are on the website and ask them to secure a given JWT by adding their email, doing on boarding that way.

    Addendum: In terms of reducing friction, if this is going to be a paid API, I would suggest adding a free tier that allows N requests before you either rate limit or cut off, and send an email to ask for a conversion

  • by zzo38computer on 8/3/20, 8:05 PM

    You could require (or just request, if wanted) a "From" header in the HTTP request, perhaps, if you want to contact the user via email.