Nothing ventured, nothing gained

A friend of mine recently wrote about his experience with the free online file storage service, Box.net. I admit I wasn’t surprised to hear about his less than stellar experience, as I ran into several situations where the Box.net crew left me wondering if they were actually serious about running their company.

I have a similar list of issues, but not from the perspective of a user, but as a developer of their public API.

Flashback to February, Aaron contacted me with a request to do a review on the relaunch of Box.net. I really didn’t want to write a review, but I wanted to do something useful for them, so when I noticed they had a developer API, I decided to do them a favor and provide an implementation in Java. It started out easy enough; a very simple REST API–you send HTTP, they send XML.

Fast forward a few months, several emails, and no results later, the list of problems with their API had grown, or perhaps I had just discovered all of them. Since sending email to them doesn’t seem to have any positive effect, I thought it would be nice if I provided issue tracking services by listing the bugs (and gripes) I have with their API. So, in no particular order:

1. None of the developers hang out on the chat room anymore.
2. The documentation is terrible; there are values that aren’t documented, and there are results that aren’t even mentioned.
3. There is an error on line 141 of /var/www/box/modAccountUpload.php
4. File uploads don’t work if the file already exists. In addition, the response doesn’t indicate a failure.
5. If the request is incorrectly constructed, a PHP fatal error occurs. An XML response with details on what I missed would be helpful.
6. Of course, you couldn’t prove any of this since the API documentation page is password protected and requests for access fall on deaf ears.

The last bullet point really made my day. All of a sudden and without warning, the page–you know the one documenting the publicly available API–became private.

Now, if you’re reading this, you might be asking yourself: “Jeez, why is this guy making such a big deal about a bad API?” You know what, in the grand scheme of things, it probably isn’t. In fact, by tomorrow, I will likely forget what I wrote for bullet point 4. But then again, the same guys running the company wrote the API… the buggy, undocumented, and closed API.