The Crunch API – one of our most-requested new features – is now almost ready for public consumption.
For the less technically inclined among you, an API, or Application Programming Interface, is a way for third parties to interact with client data stored on the Crunch system. For example if a developer wanted to make an iPhone app to record expenses, they would need to access client information through a secure, identifiable connection. This is what an API provides.
Of course, in creating our API security has been the top priority. We are instituting several layers of security in our API to ensure nothing untoward ever happens to your data.
Firstly, prospective developers will need to apply in order to gain an API key. This means that if something goes wrong while an application is accessing the Crunch system we will be able to identify the developer, and withdraw access if necessary.
If a client wishes to use a third-party application to access their Crunch data, they will be required to grant access to that application (similar to granting access to apps in Facebook or Twitter). Once granted, the third-party application will have access until it is revoked by the client.
Version 1.0 of the Crunch API – which will be arriving in the coming weeks – is primarily a test bed for these security measures. As such the only function available through the API at launch will be the recording of an expense. Once we’ve tested with a number of developers and are satisfied the security is air-tight we’ll start building in other functionality such as generating and sending invoices, drawing dividends etc. Adding other functionality to the API will be a relatively simple affair, so once this initial testing period is over the API’s feature set should grow quickly.
In this first release we’ll be looking for clever-clogs developers to build applications using our API, to test the security, and to provide feedback to our development team. If this sounds like you, send an email to firstname.lastname@example.org to get your application started.
Some quick information for techie types hoping to tinker with our API – authentication will be done via OAuth, and we’ve decided to go with a RESTful system as opposed to SOAP, primarily for its ease of use.
While our development team will be limiting the number of developers included in this first test, we are hoping to open the API up to all comers very shortly, and we can’t wait to see what you guys build with it!