Wednesday, 10 December 2008 API reg / support site nearly built - and the ethics of logging.

I'm not far away from launching the API registration and support site. I hope to have it ready by the weekend and will announce the web link from here.

It's been quite a week - talk in the web world of this being a busy few days for taking orders has certainly proved true here at and it's been 'all hands to the mill' to ensure everything is flowing sweetly. All seems to be well - at least the infrastructure team aren't running around installing extra bits of server equipment like we used to in the 'olden' days at this time of year.

Ah yes, maybe I should recall in some future blog entries some memories of days of yore when our small but merry band kept things humming thanks to the small matter of working 12-14 hour days...!

Anyway back to the future and registration: When you register you will obtain a 20-character alphanumeric text string which I am calling a developer key which you need to supply to the Login() web method of the API as part of successful authentication. The key is entirely randomly generated at registration (I'm not hiding anything encrypted in it) and is then used to look up your developer record in a database to ensure that you are 'allowed' to use the service.

Don't worry - I'm going to use a light touch when it comes to regulating this community preview edition of the API (conscious though I am that 'light touch' is what the Financial Services Watchdog did to the banks and look what's happened...) so as to get your feedback at this early stage.

I'm genuinely delighted by messages from developers who are excited about what they might do with the API, and I plan to launch a competition in the coming weeks to find the the most innovative use of the service.

I've also got an interesting ethical puzzle: I am about to provide for the API to include a logging facility. The idea is that you can call a 'log' web method anytime you want from your client application to log some event or other. You will then be able to analyse events through the developer web site by logging in with your developer-id. You will be able to see if users under-use some aspect of your application, for example. But what do you and I tell the customer that the application is logging about their behaviour? And how far do we go with logging? Every key press or mouse-click? The output from this CTP version of the API is going to have to come up with some rules about behaviour with client application logging, as well as reassure the customer.

My focus at the moment, though, is stabilising the service and launching this CTP edition in the next few days. Better get back to my C# coding...

No comments:

Post a Comment

As this blog grows in readership - and because it carries the Tesco brand - I have had to become more careful about the sort of comments that are acceptable. The good news is that I'm a champion of free speech so please be as praising or as critical as you wish! The only comments I DON'T allow through are:

1. Comments which criticise an individual other than myself, or are critical of an organisation other than Tesco. This is simply because they cannot defend themselves so is unfair and possibly libellous. Comments about some aspect of Tesco being better/worse than another equivalent organisation are allowed as long as you start by saying "in my personal opinion.." or "I think that...". ... followed by a "...because.." and some reasoned argument.

2. Comments which are totally unrelated to the context of the original article. If I have written about a mobile app and you start complaining about the price of potatoes then your comment isn't going stay for long!

3. Advertising / web links / spam.

4. Insulting / obscene messages.

Ok, rules done - now it's your go: