AI APIs: Feedback required

Hi there,

We have released a bunch of APIs dealing with images and documents. I am really looking for people with experience in API development and testing to let me know if they find them useful (hopefully) and what use cases they can think of that would make these APIs shine.

thanks!

have a look here: https://apyhub.com/blog/change-log-10-01-24

Top comments (4)

Ranjan Dailata • Jan 13 • Edited

General Feedback

On "Apyhub", Please add an ability for the consumers to set up or configure the keys for Azure, Google, etc.
Go with the public key mechanism and do not utilize the raw API keys by consumers.
Provide the Apyhub account admins with an option to manage users with dedicated permissions. Generally, the users should use their public key to access the APIs, so no real API keys are exposed. Hence, the admins can activate/deactivate users at any point in time.

Document Conversion API Feedback

The document conversion APIs are the most helpful ones, However, I do not see an option to specify the provider other than 'Azure'.

Reference - AI document extraction

Please do not accept the 3rd party provider keys from the consumers unless it's required. Instead, have the default 3rd party provider to be on your end. You could make the consumers aware of it. Also, let the users decide to override if needed.
The API Keys for 3rd party providers are ok but could be an optional one.
Please list the security and compliance on each of the API usages. Also, have a dedicated section highlighting the same.
At the moment, I am unable to test the document conversion APIs as I do not have a dedicated Azure Account. Moreover, the Azure Pricing is too expensive for me to test and provide you guys the feedback :)
Here an interesting issue which I would like to high-light. Although I did not have the Azure Provider key, on your portal, I tried to test and the API request failed. The UI did not show the meaningful error, but I was able to know that the API was expecting the 3rd party provider key via the browser console. Now coming to the major issue, please check below, the Atoms are being consumed even though the API is failed to process the request.

Image Detection API Feedback

The majority of the consumers would be surprised or thinking about where these APIs are applicable. Hence, do not assume that the users are always the "Developers". Always have a bigger vision to explain the APIs to all kinds of users, including business folks.
Please specify the use cases in detail where these APIs could be used in real-time.
Write a great blog post related to it, for example - How to perform facial detection for handling the real-time KYC.
It's interesting that the image detection API has two 3rd party provider options listed, i.e. Azure and Google. However, I do not have 3rd party provider keys of my own for testing and providing you guys the feedback. Moreover, it's highly expensive.

cc @iamspathan For Awareness

Nikolas • Jan 17

Hi again @ranjancse for the very thorough feedback.

Just to answer to a few points:

Regarding the AI APIs, we have added the option for the users to add their own key - as you noticed, for some we are only allowing for the Azure key - but we are working to get more providers soon. Ultimately, for each API there will be a few options to choose from.
On top of that we are also working to allow a second option which is to use the ApyHub key for consuming these APIs. This will allow users who dont have/dont want to bring their own key. This is also coming :)
Regarding the atoms usage, this is indeed a point to underline: The overall atom/API usage gets calculated based on successful (200) & failed (400) Requests. We are including the 400 failed API requests because even if it was a user error (like not passing the proper payload etc) we still have to process the payload. On the other hand, 500 and 429 are NOT considered when calculating the overall atoms usage.
Regarding the user management: We already have a user management system in place. As an admin, you can easily manage team members and their permissions by accessing the 'Workspace Settings' in your account. Here, you can activate or deactivate users as needed, ensuring secure API access through their public keys without exposing real API keys. One of the reasons you might have not seen this is because the starter plan only allows for 1 single user.

In general thanks a million for your feedback - You also mentioned some important aspects like highlighting the use cases for each API, and more. We are constantly working on ensuring that this kind of feedback is circulated and added in our roadmap/fixes.

Let me know if I have missed something. - or even better - do reach out to me or our dev rel team for a call or a demo where we can dive deeper in each of these items.

Nikolas

Ranjan Dailata • Jan 17

Great, thank you for summarizing and responding to my feedback. Majority of the SaaS based platforms which I worked, for which they only charge based on the successful requests. However, it would be unfair if you are considering the 400 bad request errors. The 400 Bad Request response status code indicates that the server cannot or will not process the request due to something that is perceived to be a client error. The final decision is on your end, but I just wanted to convey my feedback :)