Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Reverse Engineering APIs
Search
mikz
May 30, 2014
Technology
630
1
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Reverse Engineering APIs
Hacking Sonos and Bicing APIs with APItools.
ApiDays
mikz
May 30, 2014
Other Decks in Technology
See All in Technology
BigQuery の Cross-cloud Lakehouse への歩み
phaya72
2
600
2026.06.13_AI時代に事業会社が「SIer出身エンジニア」を求める理由 / Why Businesses Seek Engineers with a System Integrator Background in the AI Era
jumtech
0
700
Oracle AI Database@Google Cloud:サービス概要のご紹介
oracle4engineer
PRO
6
1.5k
新規事業を牽引する技術選定 〜フルスタックTypeScript開発の実践事例〜
nullnull
3
360
地元にいないローカルオーガナイザーの立ち回り
uvb_76
1
1.1k
ITエンジニアを取り巻く環境とキャリアパス / A career path for Japanese IT engineers
takatama
4
1.8k
「コーディング」しない人のための Claude Code 入門 ChatGPT の次の一歩 — 業務に組み込む 育成・共有・自動化
rfdnxbro
2
1.2k
コードレビューを制するチームがソフトウェアデリバリーのフローを制す / Beyond Code Review: Distributing Its Responsibilities Across the SDLC
mtx2s
4
1.3k
社内 AI エージェント Synapse と セマンティックレイヤーの育て方
hiroakis
0
260
LLMと共に進化するプロセスを目指して
ymatsuwitter
12
3.5k
PHP と TypeScript の型システム比較:AI 時代の「型」は誰のためにあるのか? #frontend_phpcon_do / frontend_phpcon_do_2026
shogogg
1
260
Microsoft Build Keynoteふりかえり
tomokusaba
0
100
Featured
See All Featured
Statistics for Hackers
jakevdp
799
230k
A better future with KSS
kneath
240
18k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.7k
Building an army of robots
kneath
306
46k
Music & Morning Musume
bryan
47
7.2k
SEO in 2025: How to Prepare for the Future of Search
ipullrank
3
3.5k
The agentic SEO stack - context over prompts
schlessera
0
800
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
inesmontani
PRO
0
400
Reflections from 52 weeks, 52 projects
jeffersonlam
356
21k
Typedesign – Prime Four
hannesfritz
42
3.1k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
35
2.5k
Paper Plane
katiecoart
PRO
1
51k
Transcript
Reverse Engineering APIs Raimon Grau & Michal Cichra 3scale
Inspecting APIs github.com/kidd & github.com/mikz 3scale
Debugging APIs
[email protected]
&
[email protected]
3scale
APIs Everywhere
Get in touch!
[email protected]
Cases of study • ‘Hidden’ API:
Sonos • Combining APIs: Bicing on steroids
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Get in touch!
[email protected]
Sonos
Demotime!
Yay! :) or nay :(
Get in touch!
[email protected]
What else you could do? •
Transfer song from Spotify to the Sonos • Backup playlists • Stream the music to remote locations • Vote the songs added to the queue
Get in touch!
[email protected]
Case 2: Api aggregation Bicing +
Google Maps Source: Carlos Mejía Greene https://www.flickr.com/photos/carlitos/3101121106/ CC BY-NC-SA 2.0
Get in touch!
[email protected]
Improvements • Reduce transfer size •
Reduce roundtrips • Improve accuracy by getting info from multiple sources • Improve API interface
Get in touch!
[email protected]
Api Aggregation Mobile app Middleware Web
APIs requests responses
Get in touch!
[email protected]
Api Aggregation Mobile app Middleware Web
APIs requests responses http://techblog.netflix.com/2013/01/optimizing-netflix-api.html
Demotime!
Get in touch!
[email protected]
How we improved? Size Savings Response
time Original XML 131k ~0.7s JSON 80k 39% ~0.7s JSON with distances 91k 30% ~0.7s nearest 10 5k 96% ~0.8s
Get in touch!
[email protected]
What APIs to combine? Hue +
Google Calendar Google Maps + Foursquare Sonos + Last.fm Dropbox + Github Almost any, actually
Get in touch!
[email protected]
What do we get from it?
• As hackers we like to know what’s under the hood • Cross API • We can ‘discover’ hidden APIs. :) • It’s fun! • We can improve performance by aggregating multiple calls.
Get in touch!
[email protected]
Special Treat Primavera Sound Festival 2014
fake apps on Google Play Store real iOS app with a twist
Thank You and Happy Hacking! www.apitools.com @apitools -
[email protected]
[email protected]
/
[email protected]
phaya72
jumtech
oracle4engineer
nullnull
uvb_76
takatama
rfdnxbro
mtx2s
hiroakis
ymatsuwitter
shogogg
tomokusaba
jakevdp
kneath
philnash
bryan
ipullrank
schlessera
inesmontani
jeffersonlam
hannesfritz
marcduiker
katiecoart
![Debugging APIs [email protected] & [email protected] 3scale](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_2.jpg){kind=link}
![Get in touch! [email protected] Cases of study • ‘Hidden’ API:](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_4.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_5.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_6.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_7.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_8.jpg){kind=link}
![Get in touch! [email protected] Sonos](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_9.jpg){kind=link}
![Get in touch! [email protected] What else you could do? •](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_12.jpg){kind=link}
![Get in touch! [email protected] Case 2: Api aggregation Bicing +](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_13.jpg){kind=link}
![Get in touch! [email protected] Improvements • Reduce transfer size •](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_14.jpg){kind=link}
![Get in touch! [email protected] Api Aggregation Mobile app Middleware Web](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_15.jpg){kind=link}
![Get in touch! [email protected] Api Aggregation Mobile app Middleware Web](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_16.jpg){kind=link}
![Get in touch! [email protected] How we improved? Size Savings Response](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_18.jpg){kind=link}
![Get in touch! [email protected] What APIs to combine? Hue +](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_19.jpg){kind=link}
![Get in touch! [email protected] What do we get from it?](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_20.jpg){kind=link}
![Get in touch! [email protected] Special Treat Primavera Sound Festival 2014](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_21.jpg){kind=link}
![Thank You and Happy Hacking! www.apitools.com @apitools - [email protected] [email protected]](https://files.speakerdeck.com/presentations/b56d08b0ca3d0131569646e151884671/slide_22.jpg){kind=link}