Your business may be considering opening up its Application Programming Interface (API) to allow other businesses to integrate their products and services with yours. Although this is a good way of expanding your brand, there are some important considerations to take into account. This article will explain why it is necessary to create effective terms and conditions when opening up your API to third party businesses.
What is an API?
API is the part of a website’s server which sends and receives responses and acts as an interface between the database and the front-end. The front-end is what the general public sees. Usually, an API is built on top of your website. Your business may have an API but only for internal use. However, opening up your API can be beneficial for your business. By opening up your API, developers working for other businesses will be able to access your API and use it to incorporate selected data from your API with their own data. This will allow them to integrate your website functions into the website or application they are working on.
For example, a developer might integrate Google Maps on to a third party website. To do this, the developer would access and use the Google Maps API.
Why Open Your API Up to Third Parties?
You may choose to open up your business’ API to third parties because it allows you to turn your API into a product. You can either provide access on a paid basis, or you can allow free access. Either way, your business will benefit from having parts of your website integrated onto other websites and applications. This allows you to spread your brand further. In the process, you will be able to collect more data and further analyse the trends concerning how your product or service helps end users.
For example, you may have an application which allows users to log their spending. Opening up your API will allow another business, such as a superfund, to use your API to incorporate your application into their website. Therefore, when the superfund’s users access your spending log application, you will be able to see how your product assists these users. This gives a wider sample of data, helping you determine where to direct your focus in the future and improve your application.
Why Are API Terms and Conditions Important?
Opening up your business’ API can deliver a lot of business opportunities. However, you need to make sure you have terms and conditions in place for the use of your API. These terms and conditions will help you ensure you reap the benefits and limit your risk.
Firstly, it is important to consider whether your API will be:
- open in a publicly viewable format; or
- private, meaning you can review access requests and potentially charge a fee for this access.
If your API is entirely open to all users, payment terms won’t be a key feature of your terms and conditions. However, if you are planning to ask for an access fee then you will need to make clear:
- how much the fee is;
- how it is paid; and
- the nature of the access you are providing in return.
Access and Licence to Use
There are also key access terms you should have in place when opening up your API; whether for free or not.
For example, you may require users to create an account so that you can better track who is accessing your API. If you require users to create an account, you will need to set out the steps to create this account. Once the user has created an account and they access your API, you will then need to grant them a licence to use your API and data.
It is in your interests to be explicit in granting this licence, to ensure it is clear that you are only granting a licence to use your API and you are not assigning your rights to your API or your data over to the user. To further protect your ownership, you will also want to specify that you retain intellectual property in the API and your data. Typically, you will also set out that you require attribution for any data reproduced from your API for the third party user’s website or application.
Restrictions on API Use
It is worth noting that even though you have granted a user a licence to use your API you do not need to grant unlimited use.
You may wish to restrict the:
- time period when your API is available; or
- number of API calls a user is allowed to make per day.
For example, if you require payment for access, you may have different call limits attributed to different fees. Limiting availability helps to ensure your API does not become overwhelmed. Otherwise, it may affect the operation of your API and therefore your business.
One of the key risks when opening up your API is security. You will want to have provisions in your terms and conditions which require that users must not seek to:
- violate your security;
- reverse engineer your API; or
- use it in a way that affects the function of your API.
Under the termination clause, if access is free, you should ensure that you can terminate at your discretion and without notice. However, if a user is paying a fee, you should not have an oppressive termination clause in place to ensure the user isn’t deterred from signing up.
Nonetheless, you should ensure that you have terms that allow you to terminate a user’s access if they use the API in a way that:
- infringes your intellectual property;
- poses a risk to your security; or
- affects the use of your API.
The level of support you provide for the use of your API is a commercial decision. If your API is free to access it is likely you will want to limit any support. On the other hand, if the user pays an access fee, you may want to offer some support to provide a further incentive for payment. Support can include terms setting out the process for:
- downtime; and
- technical support.
Was this article helpful?
We appreciate your feedback – your submission has been successfully received.