View News by Category
- Adobe (3)
- Amazon (40)
- AOL (16)
- APIs (217)
- BestMashups (114)
- BestPractices (13)
- Books (6)
- CaseStudies (5)
- Code (4)
- Contests (59)
- ebay (6)
- Enterprise (44)
- Events (59)
- Examples (152)
- Facebook (17)
- Featured (10)
- fun (7)
- Games (3)
- General (16)
- Google (98)
- Gov (28)
- Green (2)
- Hardware (6)
- HowTo (15)
- Infrastructure (11)
- Issues (52)
- Java (2)
- JavaScript (11)
- Jobs (1)
- Law (21)
- Mapping (90)
- Media (14)
- Metrics (7)
- Microsoft (39)
- Mobile (12)
- Money (76)
- Music (17)
- News (118)
- Nonprofit (5)
- OpenSocial (16)
- photo (20)
- Popular (19)
- PopularAllTime (21)
- Press (17)
- Reference (5)
- Religion (1)
- RIA (5)
- roundup (1)
- Ruby (2)
- Salesforce (8)
- Science (1)
- Search (11)
- Security (16)
- SemanticWeb (3)
- Shopping (17)
- Site News (59)
- Social (55)
- Source (2)
- Standards (6)
- Telephony (12)
- Tools (46)
- Video (31)
- Visualization (7)
- Widgets (20)
- wiki (2)
- Yahoo (56)
Archives
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- August 2005
Defensio API Wants to Defend Your Site Against Spam
Kevin Farnham, October 8th, 2008 
Comments(0)
Defensio, the anti-spam service, offers an API that can be integrated into blogs and web sites to fight spam comments and other unwanted spam (details at our Defension API profile). The service appears to be run by a small team, and is similar in purpose to Akismet, the much larger spam filtering service from Automattic (which powers WordPress.com), who also offer an anti-spam API.
The Defensio API lets you submit text entered by a user which is then analyzed by their service and returns an indication of the likelihood that the text is spam. Additional functions let you help train the Defensio database by identifying false negatives (cases where Defensio failed to identify actual spam) and false positives (cases where Defensio incorrectly considered a text to be spam).
The REST-based API supports data in XML or YAML. (Don’t know YAML? It stands for “YAML Ain’t Markup Language”, a human friendly, programming language independent data serialization format). Defensio also provides OpenID support, API documentation, an FAQ, community forums, and the Defensio blog.
Defensio plugins are available for a number of popular blogging applications including WordPress, Korea’s TextCube (recently acquired by Google), and the ExpressionEngine CMS. They also offer language specific wrappers for Java, PHP, Ruby on Rails, Python and .NET.
Magnify.net API Brings Video Channels to Any Site
Jordan Running, September 24th, 2008 Comments(0)
Magnify.net, a web service that allows individuals and companies to build and curate their own video channels and communities, has announced an API to enable developers to pull videos and data from their Magnify.net channels and integrate them into their own applications (details at our Magnify.net API Profile).
From Magnify.net’s API page:
The Magnify API frees your channel’s functionality from its layout. All content that is discovered, reviewed and published by Magnify on your behalf can now be taken anywhere. You can search, browse and display your videos, playlists, users and comments for use on your own site or in your web application. You can build widgets tuned to your exact needs. You can mix, match and mash all of these to use your video in ways we’ve never imagined. And this is only the initial release: stay tuned for even more power.
The API takes simple REST queries and responses are delivered in Atom format. Applications can query video content, playlists, users, and user activity such as comments, ratings, and tags. In order to embed videos from Magnify.net in third-party applications, the Atom response for a content query includes a media:content element with a url value, which can be used as the src in an iframe.
For authentication, developers will use an API key and for end-users of applications built on the API, Magnify.net offers a single sign-on cookie system, which lets them log onto a channel without having to leave the application.
To get started with the Magnify.net API, the Developer’s Guide is the place to start. Sample code, as well as a PHP client library, is also provided, and a demo site gives several examples of the API in action. Their source code is provided on the sample code page.
Video APIs and mashups continue to be one of the most active segments of the web platform, with over 50 video APIs now available. For more on video APIs and mashups, see our Video API and Mashup Dashboard.
Skydeck API Fuses Mobile Phones and Social Networking
Kevin Farnham, September 9th, 2008 Comments(1)
Skydeck announced their new APIs, with the objective of enabling developers to create applications that integrate personal cell phone data into their daily online experience, including email and calendars, Facebook, MySpace, and Salesforce. “Very few developers have ever had the chance to work with cell phone data, so we’re excited to see what people come up with.”
Indeed, there are some unique opportunities for developers building apps on the Skydeck API. The new API provides access to your mobile phone call log, address book, minutes remaining on your monthly plan, etc. Skydeck API applications can also access this information for accounts other than your own account, provided that the people have given permission for others to access the information. In this sense, Skydeck is like many online social networking sites. The screenshot below shows their dynamic “smarter address book”.
The Skydeck API is REST-based with returned in JSON format. All applications that use the API must implement OAuth, which enables users to set permissions for what data they’d like to make available to Skydeck API applications. API calls are secured through the use of an API key. The Skydeck API Documentation provides detailed information on the API methods, calling URLs, and the structure of the API’s data types.
See our new Skydeck profile for an overview of the API.
With Skydeck, people’s cell phones are transformed into an infrastructure that is the basis for a new kind of social networking. As Kristen Nicole wrote in her Mashable.com post “Skydeck API: Turn Your Phone Bill Into a Facebook Application”, Skydeck will:
“… change your perspective about the definition of a social network. In connecting the dots between you and the people you talk to on your cell phone, Skydeck is making a regular activity directly applicable to social networking.”
SoundCloud API Benefits Professional Musicians
Kevin Farnham, August 4th, 2008 Comments(0)
SoundCloud is an online audio platform that enables people to send, receive, play, and distribute music, and also engage in conversation about the music. The platform is designed to meet the needs of professional musicians. Music can be distributed in downloadable or streamable formats, to individuals or groups of people. Conversations about the music are facilitated by a capability to insert comments relating to a specific location within a sound track (see the SoundCloud Tour for an illustration of this innovative feature).
SoundCloud provides an open, standards-based API backed by the SoundCloud Developer Manifesto. The Manifesto describes objectives and principles “for developers inside, outside and around SoundCloud” and welcomes the participation of outside developers in building upon the foundation the API provides.
The API exposes the full range of SoundCloud’s functionality for third-party developers. Developers can upload tracks, access comments and tracks, edit metadata and more.
The API is RESTful, and supports XML and JSON. The API provides resources including users, tracks, assets (audio tracks), comments, and events. As Chris Messina notes, the SoundCloud API supports OAuth as well.
See our new SoundCloud API profile for more details.
The SoundCloud API documentation includes a developer docs wiki and sample code. The SoundCloundAPI Google Group is available for open discussion, and developers are also encouraged to contact the SoundCloudAPI directly with any questions.
Developers have already applied the SoundCloud API to develop some interesting applications, including the app RadioCloud, a radio mashup that visually integrates a user’s social graph, and a Facebook SoundCloud Player. Note that both these apps have source code available, RadioClouds is ActionScript and the Facebook player is PHP. More at our SoundCloud Player for Facebook and RadioCloud mashup profiles.
With features like like the ability to tie conversations to a specific location within a music track, SoundCloud and the SoundCloud API open new ways to match professional-level customizable music distribution capability along with a new kind of social networking.
Update: SoundCloud has offered 100 PW readers an invite to their private beta, just go to http://soundcloud.com/guestlist/programmableweb to sign-up.
Brightkite’s API for Location-based Social Networks
Jordan Running, July 22nd, 2008 Comments(0)
The fledgling location-based social networking service Brightkite, itself in limited beta, have announced the first release of its beta API (our API profile). The service which lets you use mobile and web interfaces to specify your location to connect with friends is described by CNET’s Caroline McCarthy like “a more feature-intensive version of Dodgeball“.
Brightkite’s API offers both basic HTTP authentication and OAuth. Resources available through the API include users, their friends, places, checkins (i.e. when a user “checks in” at a particular place), notes and photos about a place, placemarks (a user’s saved favorite places, comments left on notes and photos, and user-to-user messages. It also makes available the service’s “streams,” or recent actions from friends or people nearby. Developers may choose to receive responses in XML or JSON format, and the API is fully RESTful—HTTP POST for object creation, GET for reading data, PUT for updates, and DELETE to delete an object.
In the announcement, Brightkite’s Brady Becker uses Socialthing! as an example of the API in action. Socialthing! uses the API to pull in a user’s Brightkite updates as well as his avatar and has filters for notes, photos, and checkins (our mashup profile):
Brightkite is organizing third-party developers using Google Groups and some appear to be hard at work building Brightkite mashups, as well as interfaces for Blackberry, Windows Mobile, and other devices.
Last.fm Shifts Its Music API into Overdrive
Kevin Farnham, July 15th, 2008 Comments(1)
Last.fm has announced a major upgrade to their API. Last.fm API 2.0 is replacing Last.fm’s original API, which is now considered legacy.
Last.fm’s API is one of the most popular of all music APIs, with over 60 mashups having already been developed using the original API. The methods in the original API will continue to be supported, but this version offers significant new capabilities that will enable much deeper integration of applications with the Last.fm platform. As their announcement notes:
Our vision is the most comprehensive social music API on the web, and today marks a big step forward in that direction.
New features in API 2.0 include:
- user authentication protocol, enabling creation of user sessions
- write services: authenticated users can create and update their Last.fm content
- mobile device support
- new read/write tagging methods
- new search, playlist, and event capability
- enhanced geographical capability, enabling retrieval of events for a particular location
In terms of structure and protocol, the new API 2.0 maintains consistency with the original API: REST and XML-RPC requests are supported. Data is typically returned in XML format, with some methods offering additional format options (for example, you can retrieve geo.getEvents data in XML, RSS, or iCAL format).
One thing that hasn’t changed is the depth and clarity of the Last.fm API documentation. Each method is thoroughly described, and illustrated using example return data.
In addition to the popular Last.fm mashups listed here including TuneGlue, show below from our TuneGlue profile, a slick interactive visualization of the relationship between music artists using the Last.fm and Amazon.com.uk APIs. You can find more Last.fm applications on the build.last.fm site.
ReadWriteWeb’s Sarah Perez has more on the release.
Keep track of music-related APIs at our Music API and Mashup Dashboard.
Tangler: An API for Discussion Forums
Andres Ferrate, July 8th, 2008 Comments(3)
Tangler, an online network of discussion forums, recently announced their new API. The Tangler service takes traditional discussion forums to a new level, by allowing anyone to easily set up a discussion forum that can grow to include hundreds of topics and thousands of users. Tangler forums include the ability to embed video, “real-time” discussions, and social networking. There’s even an instant desktop notifier application that alerts users whenever a new message is posted to a particular topic.
We’ve added a new Tangler API profile with more details.
The Tangler API is a RESTful API that supports nine calls for content from Tangler, including:
- Get all topics in a forum
- Get all messages in a topic
- Get all (public) forums for a user
- List popular topics in a forum
- List popular topics in a forum according to the limit specified
- List topics in a forum according to the Time Value specified
- List topics in a forum according to the author
- List messages in a Topic according to the Time Value specified
- List all messages created by the supplied user
Be sure to check out the complete API documentation as well as Tangler Developer’s Forum (which, of course, uses Tangler). Also note that Tangler supports RSS feeds for its discussion forums, so it’s possible to subscribe to discussion threads as well without use of the API.
On a similar note, see the the Webride API, which allows users to embed and start discussions on a variety of web pages.
Monetize Chat Apps with AIM Money
Kevin Farnham, June 23rd, 2008 Comments(1)
AOL is now offering developers who create applications using the Open AIM API the opportunity to make money. AIM Money is a new revenue-share platform where developers profit from ads they embed into their Open AIM applications.
As Stephen Shankland reports over at Webware, AIM Money is enabled by new features in AIM 6.8 and extensions to the Open AIM API. The new developments let developers:
Write software such as the mini-applications that plug into AIM’s own chat software, bots that can communicate with humans on the network, Web-based AIM interfaces, and software that show when AIM members are available online through the service.
The payment model is simple: you are paid for each ad displayed, on a monthly basis, using PayPal.
To get started with AIM Money, go to the AIM Money home page, log into your AIM account, and click the “Sign Up Now” button. Once you agree to the terms, you can get the ad code you need to embed into your AIM application.
The AIM advertisements are packaged into HTML <iframe> elements. The frames, which are served from a subdomain on AOL’s Userplane.com site, come in three different sizes, letting you apply the ad size that works best in your AIM application.
See our WebAIM API page to view some of the types of applications people have developed using Open AIM. For example, the TinyBuddy IM mashup applies AOL’s OpenAuth API along with WebAIM in an IM client that works on the iPhone and iTouch, as well as in standard browsers (more details at our mashup profile).
You can find good tutorials on developing Open AIM applications at the AIM Central site. And by adding in AIM Money you’re on your way to monetizing your next chat application.
Paris Hilton Photos Leaked via API Security Breach
John Musser, June 9th, 2008 Comments(0)
What happens when the API is technically secure but the environment, whether widget, web site or mashup, is not? Recent security breaches in MySpace and Yahoo, which led to the release of semi-embarrassing photos of prolific celebs Paris Hilton and Lindsay Lohan, points out the added opportunities for hackers in the open web.
According to the CNET story the vulnerability was caused by a ‘deprecated API’, but it also appears to be a function of the interaction between two cooperating environments: a MySpace widget that in turn used a Yahoo authorization scheme. The vulnerability has been fixed but the step-by-step details are outlined by this Valleywag article.
And the folks over at F5 looked at this and asked: Is deprecation of APIs a security risk?. They call out some of the inherent issues with deprecating functionality in an online API: “Deprecation is to developers what quiescing is to database administrators and bleeding-off is to TCP-focused products. Deprecation can take years, as anyone familiar with the Java language specification can tell you…Deprecation in a Web-based API a la REST also increases the number of methods, scripts, or applications that have to be maintained and increases the potential security holes through which bad guys might be able to access private data - or worse.”
This isn’t the first time privacy-related mashup security has been newsworthy. Even two years ago just the prospect of open API-enabled security breaches was the centerpiece of a New Scientist story on Mashups as Hacker’s Dream. And “creative application” of available online personal data was used in the eye opening proof of concept we covered in Banned Books and the Big Brother Mashup, in which readers of subversive books got plotted on a Google Map.
And as the web opens and interconnects, we’ll certainly see more incidents of this type. Racy photos are one thing, but what if it is your medical history or financial records? And with multiple vendors, some of whom don’t have the policies and reputation of the big players, who is responsible for repairing and notifying you if such a breach occurs?
Twitter Search via the Summize API
Kevin Farnham, June 4th, 2008 Comments(0)
Summize.com provides the capability to search Twitter conversations. Summize now offers the Summize Twitter Search API (profile), providing programmable Twitter searches. You can search for:
- tweets containing a word
- tweets from a specific user
- tweets to a specific user
- tweets referencing a specific user
- tweets containing a hashtag
- any combination of the above
The returned tweets can be limited by language, status ID, and geocoding. The geocoding operation is interesting: you can search only for tweets that originated within a certain radius of a given latitude and longitude (based on the user’s profile location).
See our Summize Twitter Search overview for details on the API. The API utilizes a standard REST protocol. You can call the API and receive the results using Atom and JSON data formats.
Twizon, a Mashup of the Day this week, is a new mashup that combines the Summize Twitter Search API with the Amazon eCommerce API to provide recent tweets about Amazon products. Visit Twizon.com to find out what Amazon products people are tweeting about.
Peter Laird has written about the potential benefits for companies that mine Twitter for candid thoughts and user opinions about company products. The Summize Twitter API is the perfect tool for automating these types of search.
Our Sponsors
Member of
