If I have a SaaS app with a distinct front-end and API and want to allow third parties to access my API for building integrations or other purposes, should I set up a separate API endpoint (like api.example.com) for public use, distinct from the internal API that's used by my web and mobile apps? What are the best practices here?
1 Answer
It really depends on your specific needs. If you can clearly differentiate between public and internal API calls—through paths, hosts, or headers—it’s a good idea to create a separate endpoint. This way, you can manage load balancing effectively and ensure that your internal API remains performant even if the public API is under heavy use. I usually opt for a separate application within the project to handle the public API, ensuring correct access rights are managed as well.
Yeah, separating the APIs is also great for performance. Plus, it lets you monitor resource usage for the public API better. If it's consuming a lot of resources, it could prompt a price adjustment for external access.