Show HN: M3O – Universal Public API Interface (m3o.com)

110 points by asim ↗ HN
Hey all, I'm Asim, the founder of M3O, a curated catalog of APIs that provides simple abstractions for the most common API use cases. The idea is to create a single place to explore, discover and consume public APIs as higher level building blocks.

Most of the time I don’t use all the features of an API and I assume most devs don't either, so picking and choosing the common patterns, abstracting it away and surfacing a new building block is useful. For example, Twilio has a lot of APIs but I only care about SMS. Even then I just want a quick way to send it. So stripping it all away results in something that's one endpoint and 3 fields (from, to and message).

Another example is something like email. There are services like sendgrid that provide a really feature rich experience for email but I’m just looking for something simple that will let me send plain text or html.

There are a number of API marketplaces out there, but we’re doing something different—our goal is to improve productivity. For example, RapidAPI has thousands of APIs, but there’s a lot of duplication. It’s overwhelming for developers. Choice is the enemy of productivity. AWS, on the other hand, offers a curated catalog of services where each focuses on a specific problem. We feel the same: from an API perspective you only need one of each building block. You only need one SMS, Email or Geocoding service.

I've been obsessed with this problem since working as an SRE at Google in 2011, seeing how the internal platform and APIs were being used by teams. I then worked at a ride hailing startup called Hailo where we got to build something similar, and experience the velocity of development in shipping products on top of simple, easily discovered APIs. I spent the next few years bootstrapping an open source project called Micro, trying to get people to standardize their API development to reach this goal.

Ultimately it took raising funding to take a real shot at it. After seeing the productivity Google unlocked and what Hailo could have done with their platform, it was clear to me it could and should be a product: a single way to consume APIs with one platform, one account and one framework.

Our goal is to build an API catalog that can act as the building blocks for most use cases, and then double down on services that have a lot of demand so we can improve the features and reliability.

In the wild, every API looks different, the docs are different, you have to figure out if there's client libraries or not. We unify all that, so everything looks and feels the same. All our docs are generated based on OpenAPI specs, and we code generate examples/client libraries for JS, Go, Dart and the CLI. It means you only ever need one client to access all these APIs.

Unifying API development and consumption requires a lot of resources to do at scale, hence it's only happening inside fast growing startups and large tech cos. There are a lot of barriers to entry. Getting started isn't easy. Our approach has been to first nail API development for ourselves and then focus on API consumption by end users— ultimately we want to let anyone offer APIs on our platform. That requires enough large scale distribution and inbound traffic to make an attractive proposition to developers.

We've spent a year building the product with a lot of feedback on what worked and what didn't. We’ve signed up 8000 people, served 5M API requests and have 60+ APIs on the platform.

On billing: we're still figuring it out and would like feedback. It started as a free product, then moved into per request pricing. Unfortunately that's hard to scale without a lot of volume and it felt like people were more used to subscriptions for SaaS products so that's the route we've gone.

Anyway that's us, hope you try it out (https://m3o.com), and would love to hear your thoughts in the comments!

37 comments

[ 0.31 ms ] story [ 97.3 ms ] thread
Nice idea. Any plans on supporting GraphQL? I've moved all my API's over to that standard.
Yes we'd love to support graphql in the long term. I guess the question is the best approach. Everything in the backend is a microservice written using grpc. So we wondered whether we'd need to stitch the relationship between them all together first or just offer a straight up graphql API per service. Would love some thoughts on the best approach here.
My first instinct is definitely together, but perhaps namespaced, which will lead to some redundant naming but makes sure there are no conflicts. As a consumer you don't want to run to different endpoints all the time to get different things done, you want one endpoint and change the operation through the GraphQL query/mutation/subscription.
I thought this might be the case. Hence needing to do something federated. But initially we might be able to group all the schemas into one giant graphql server. I don't have enough experience with graphql personally so will probably need some help with this.
You might consider checking out www.onegraph.com and www.stepzen.com if you do go the GraphQL route [OneGraph as competition, StepZen as perhaps a solution]
You don't need to choose. You can do both. As graphQL let's you build extending other graphql api's, you could do one for each service, and a general one, this should work nicely with you current setup I think.

Thegraph is mainly this for web3 stuff no?

Is there a reason for using non-standard language features for module imports?

> const m3o = require("m3o")(process.env.M3O_API_TOKEN);

Should be using ES modules, and then allowing the creation of the m3o object with the supplied API token. This future proofs the code, because ES modules are part of the language spec. CommonJS/RequireJS was only ever a hack.

> import { m3o } from 'm3o';

I'm not sure why we did it that way. Will get one of the guys on the team to respond. I think it was about simplifying that initialisation but I sort of understand what you're saying. We still allow per API intialisation in the way you've mentioned.

> import { AddressService } from 'm3o/address'

At the time of writing the examples for the site we decided to use require as we had a lot of new Node.js developers and wanted to make sure they could just get going without having to know how to compile their code.

We will potentially move to import in the future, but people asked for require when the examples previously used imports.

With the package you can user import as an ES Module version is available:

> import M3O from 'm3o'; > const m3o = M3O(process.env.M3O_API_TOKEN);

Note: As long as the M3O_API_TOKEN environment variable is provided via a .env file then this is not required to be passed.

This is very well put together! The API feels very natural and has an obvious flow to it, easy to work with.

The vast majority of Firebase projects should have their needs more than covered by these endpoints/services. I doubt Google would mind if you were to take some of those lower-end customers off their hands ;)

In order to make this comment look less like a paid endorsement: I couldn't find the upstream sources or info on your pre-processing of the data endpoints (news, stocks, etc.). Sadly without this information they are quite useless.

I can see this going places.

Thanks for the comments. Yea so we used to say "Powered By X" to indicate what the APIs were backed by but it was a little hacky. We'll try to reintroduce something back into specify the "source". You can otherwise see all the source code for the services in a monorepo on GitHub https://github.com/micro/services. Would be interested to get feedback on a better way to make it available.
Woah, open source too, that is awesome! I'm currently learning Go, will try to get a PR in later this week.

Considering this public availability of your data source implementation details, a basic provider name listing somewhere in the docs would be good enough for me!

I really want to try make it all programmatic but yea in the docs is probably the easiest to start. Thanks for the feedback.

You can see the rest of the source for the site and client libs in https://github.com/m3o. I'm separating Dev UX from the actual underlying platform and services in the hopes that others might also build things around them.

I really like the product and the direction this is going! Especially for things like Authentication, DB, PubSub the value proposition, compared to tying a bunch of 3rd party services together or reading a lot of AWS docs (both options will be much more expensive), seems great. So I will definitely try out your service!

I do have some question for a bunch of the other APIs, and maybe this points to an issue I'm having in general with the service right now, it's missing transparency in the specs.

- Are things hosted on some other cloud provider, if so where? What region?

- What about uptime? If I end up building an application with all of these APIs, I do need a bit more confidence that things will be stable.

Some more specific questions

- the crypto endpoint looks interesting, but for me, it would be quite crucial to know where the data is from? How often is it updated?

- For the "Google" endpoint, I'm missing the option to select mobile or desktop results, and also what's the default region? Is this done via a headless chrome instance running somewhere, or just curling results? Do I have to worry that your IPs will be blacklisted by Google if there are too many queries?

- And a random idea for the "Comments" API it would be great to combine it with the "Spam" endpoint that's available for emails.

Really excited to see where this is going though! And I'm definitely going to follow you guys for new features and API additions, joined the discord a while ago, actually.

Thanks for the comments and questions. I'll do my best to answer them.

> Are things hosted on some other cloud provider, if so where? What region?

Our core platform is currently hosted on DigitalOcean in the London region. That will expand to multiple regions and multiple providers over time. We did start that way many years ago but with a small team it's hard to manage.

> What about uptime? If I end up building an application with all of these APIs, I do need a bit more confidence that things will be stable.

We want to be able to provide uptime guarantees in the near future. Right now I'll say based on our experience running it in the past 9-12 months it's feeling like four 9s verging on 5 but I don't want to jinx us. We are dependent on our providers but we're also people who have managed platforms for many years.

> the crypto endpoint looks interesting, but for me, it would be quite crucial to know where the data is from? How often is it updated?

Our crypto APIs are currently powered Finage.co.uk. We do some level of caching on our side but only for 5-10 mins. I'll try add some details around that in the overview. You can see the source at https://github.com/micro/services

> For the "Google" endpoint, I'm missing the option to select mobile or desktop results, and also what's the default region? Is this done via a headless chrome instance running somewhere, or just curling results? Do I have to worry that your IPs will be blacklisted by Google if there are too many queries?

This is using Google's custom JSON query API. It's pretty limited but we also started with a very simple usecase. You're the first to ask for anything more advanced and that's how we'd look into it. So happy to dig in more and see if we can work on it.

> And a random idea for the "Comments" API it would be great to combine it with the "Spam" endpoint that's available for emails.

Thanks will look into it!

> Our crypto APIs are currently powered Finage.co.uk. We do some level of caching on our side but only for 5-10 mins.

This seems very much at odds with the description of "up to the second cryptocurrency prices, quotes, previous close information, and news."

I wouldn't want to act on stale information, especially when the timestamp is truncated so much.

    crypto/handler/crypto.go:172: 
    rsp.Date = time.Unix(0, int64(res.Timestamp)*int64(time.Millisecond)).UTC().Format("2006-01-02")
I understand the need for caching, of course.
I think you'll find most providers are doing some form of caching but I understand your point. We shouldn't miss sell it. Thanks for the feedback. I'd like to try provide up to the second relevant data but it would have to come from an exchange like binance or something else.
What about utilizing your own pubsub to enable a websocket subscription to price pushes? You could still cache historic, folks can subscribe to events, charged for receipt? I don’t know how you have your backends but I wrote a trading platform once and this was how we did it. Don’t become a trading platform. Just provide a way to get the true latest quote if someone needs it.
Very interesting idea. I think a lot of people are asking for pubsub/events/websockets for updates on a number of APIs so if we can offer some sort of general abstraction to get events for any API that would be useful.
1- Please don't promote discord by enticing users to join a server to earn "extra credits". At least add in Matrix or IRC.

2- How does this differ from RapidAPI?

Thanks for your post and hope you success!

1. Appreciate your perspective on this. We're really giving people credits to write services. A number of people have already done so. I'm trying to get more and more people to help us build. Always looking for better ways to introduce that to people.

2. Paragraph above mentions. Rapidapi has thousands of APIs. Often duplication across many of them. We're very much focused on curation and one of each building block. Hopefully less choice means more productivity since you don't have to spend so much time figuring out which API to use. We also define our own APIs and client libraries whereas rapidapi is more of a proxy.

This looks great. I've had a similar idea, as we've had to build many of these utility tools internally for our team (address parsing / geocoding, Google search, proxies, etc). I wished there was just an easier, off the shelf, affordable option we could have reached for instead.

I'm the founder of BigPicture.io. We have APIs for looking up company data via domain, name, or IP address. I'm not sure if our APIs are potentially too "high level" for your platform, but I'm open to chat if you're interested in collaborating or just doing general user research.

Out of sheer curiosity - why name it M3O?
I believe it's a shortening of Micro -> m3o with the 3 representing the number of removed letters. In the style of Kubernetes -> k8s, accessibility -> a11y, etc.

You can find out more about Micro at https://micro.dev and https://github.com/micro (I am not affiliated).

When your email endpoint starts getting jammed up with spam and phishing, drop me a line.
Ah I remember when you launcehd micro - used to work at Mashape - good times!
I don't understand the pricing. For example, the free tier says "1M requests per credit," but what's a credit and how much does a credit cost?
If you scroll down it says it under the "API request" heading. 1 credit is £1 and allows 1M API calls. There are a few APIs that are charged above the base rate so that number will be slightly lower but effectively 1 credit is £1. The reason for using credits is because a lot of our users complained of currency fluctuation and preferred not to have something dollar denominated.
Some questions come to mind after poking around the catalogue (having worked in an enterprise that ended up with many API catalogues, and now many APIs in startup land, I get the pain point).

- What's the difference between currency and forex? They look to be serving the same case, but in different ways, without reference to one another - challenging the implied claim to "this is the best way to X"

- payments. Stripe/... integration into any moderately saas business is a ball-ache. Current "subscription management" services are woefully, laughably inadequate . If you had a /pay endpoint, where I could offload payments, I would have been quite happy indeed - email. Needs better documentation. When sending an email through this interface, is there impersonation? Or is it "me@mine.com <someemailservice@someintermediary.foo.bar>"

Neat idea - the enterprise survivor in me wishes you success

Thanks for your response and questions. On the point of payments. Yes would love to do this for payments. We've abstracted away stripe in this way internally but offering it to everyone is more of a question of how to do it right. Do people want to use their own stripe account? If not do they want us to manage their payout details and customers? It's worth doing but only if we can do it right.

On currency vs Forex. The Forex service is more for those needing trading data, that's what it is. The currency service is more generally useful for providing currency conversion in your website or app or that's how I think of it.

# I'm so frustrated, this product was advertised so many times and it also was "rebrended" a lot. At first it was an API hub, then it became an alternative to AWS, then the author was selling it as serverless thing, now it is Universal Public API Interface.

Author is also know for working on project called micro that changed the license once so you could not use it for any purpose that competes with the project, but it was changed to Apache later again. Such bold decisions of the author and now the creator of m3o service makes one to think twice before trying the product. Link to the commit: [Update LICENSE · micro/micro@31c1254 · GitHub](https://github.com/micro/micro/commit/31c12547b9cd4a4fd0176b...)

Besides all of that product is bad, therefore doesn't suite for production use cases. A few points:

1. Pricing is dumb. "Unlimited API requests", "1M requests per credit", what does it mean?

2. Community support? Where is the community and the community can answer my questions if you don't have any documentation?

3. Any SLA? No even for Business plan?

4. Authentication and user management. Are you crazy? Who is going to use it? No idea is the data encrypted or not, can I backup it? Do you have failover solution? Again, SLA? This kind of API can't be just used by anyone in any production environment.

5. SMS API relies on credits. Where is the pricing for credits on your website?

6. What about OpenAPI, JSON Schema or GraphQL? JS, Go, Dart and Bash SDKs are not enough. You probably don't have enough resource to cover 99% of the most used programming languages, so just publish OpenAPI spec and let the customers to generate code in Java, for instance, until you finish the SDK for Java.

*Conclusion* It seems that m3o is just a pile of different API that are supposed to be an alternative to SMS provides like Twillio, some finance APIs, Email providers like Sendgrid, a few products from AWS etc. Yet it doesn't even cover a 1% of the features that those companies do provide.

Please, be responsible for your product, don't mislead your customers. If you want people rely on your product in production put in alpha or beta stage, make it free or let a limited number of users test it, work on every API you want to provide thoroughly, write documentation AND then put sell it.

Thanks for your honest and critical feedback. Let me try to address your questions head on. First let's start with context. I've been working on the ideas behind and around Micro for 7 years now. The first 4 years of which were solo and bootstrapped. It started with the idea of building a "platform for microservices". I spent that initial time focused on an open source framework called Go Micro and then a companion toolkit called Micro. These were what I thought as the building blocks of a platform and my hope was to create a standard in the industry that would lead to everyone building services that could be shared and reused. It was pretty hard going, I burned my savings for a year, then a friend was gracious enough to put his name on the line and sponsor my work at his company. But I was still largely doing this solo coding 18 hours a day in my apartment. Eventually I managed to raise $2m in seed funding May 2019 after failing for the 4 years before that. That changed everything. I was able to hire a team and try to execute on the goal of building a platform for microservices. It also meant massively overhauling the open source project to support that.

The licensing change you're referring to is at a time when we were writing a v3 of the software (again major overhaul) moving from a toolkit to a PaaS like product. At that time AWS was picking up popular open source projects and running them without contributing anything back. I watched the hard work of so many people I knew personally just get lifted and profited from with nothing in return. I also saw them fightback using custom licenses. Cockroach, Mongo, Redis, Elastic, Confluent and others all relicensed to address the issue. I tried to learn from their experiences and my assumption at the time was, we need some sort of new licensing standard and that Micro should adopt something like that too so we don't run into this future problem. I saw Heather Meeker, who wrote most of those custom licenses do something called Polyform, trying to create this standard, so I started to think about adopting it. We had gone from this solo bootstrapped project to VC funded and I was trying to turn this thing into a real platform which meant the project was effectively being totally rewritten and v3 was a massive departure from everything it had done before. It was clear we'd be leaving behind those existing users and so I made the decision to relicense. I used the information I had at the time to make a decision, whether it's right or wrong in the eyes of users, it was the decision I made.

You have to understand, I'm a developer who believed in everything being free and open and doing the right thing in the open source ecosystem. But I had also spent 5+ years giving away free software with little contribution in return, I had one corporate sponsor and everyone else was just using the software filing issues, complaining on slack, etc. I was so grateful in the beginning to have people use something I wrote, but I became resentful of that fact the longer it went on without anyone contributing back. I was personally struggling, mentally, financially, but no one really cares about that side. People just care that you give them free stuff.

So the licensing change was based on a complete rewrite, move to v3 and watching the industry shift. I was in that space, I had to act accordingly. In time as our PaaS efforts failed, it became clear this wasn't going to be a thing we needed to worry about, so I switched back to Apache 2.0. That's the gist of it. People make mistakes, but we're also just trying to do our best. I have more empathy for Solomon from Docker, Shay from Elastic and others now than ever before. None of us are doing things maliciously, none of us are trying to pull a bait and switch, we're just doing the best we can. It's blood, sweat and tears. But you can only know that if you live the journey.

On your frustrations around the rebranding. Startups pivot. What can I tell you. We're quite lit...

I'm just here to say, this is a very thoughtful response. Thanks for replying to the criticism and providing context.
I wanted to build something like this a few months ago.