Flakey Docs… Flakey People… Dangerous Waters

Danger

I've been working with an old friend on a project he brought to me about two years ago. There have been several cycles of work here - some really worked well, others not so much. But the current crop of code is about creating an iPad app for this third-party RESTful API. It's for UK midwives - and it's tracking the health and vital stats of the mothers and the babies - and it's a good thing to do as it helps out the people getting health care to the villages in the UK. Good goal.

The problem is that the API that I'm supposed to be writing to is really not well documented at all, and then it's got a really odd way of doing OAuth, and then making subsequent calls is not easy, and in all, it looks like it's been built by someone that really has no idea whatsoever of how to make a good, solid, reliable API. But maybe it's just the docs - who knows?

Well, today I've found out that it's not just the docs - they are bad, but it's the API as well because the docs are incomplete, and when I get a return value it's not what the docs say, so it's not even tracking the old, horrible docs. Additionally, my friend said he worked out how to make the calls by digging into the FORM values returned by the authentication call (yeah, makes no sense to me either), and when he tried it again a week later, the parameters have changed so that it no longer worked.

So in order to make this work we're scraping a web FORM, and it's so dynamic that it's going to change within a week? Yikes! That's all kinds of warning flags to me. Now I'm not trying to be a snob, and there are certainly plenty of issues with professionals doing this, but I can't remember such a really bad interface for a service. It's almost like it doesn't exist - as if the web site is all they have, and there's no plans at all for a decent RESTful API.

That makes a lot more sense than the things I'm seeing.

My friend is asking me if we want to fix this for this guy - and I can't honestly remember a time when that really worked. I'm not saying that it can't - I'm saying that in my life, I can't remember ever seeing it actually work. The singular boss would have to give up a lot of control on the tech side of things. He'd also have to give up a lot of the money he's making on this in order to compensate people capable of really making this a professional API.

On the up-side, he could then sell access to the API to people wanting to build apps on it - like he's attempting to do to us. But in it's current state, there's no way in the world I'd be willing to pay a dime for this - it isn't professional, and it exudes no trust.

I'm not sure what will happen, but I know sirens when I hear them...