Always validate 3rd API data. Here’s why.

Download a free copy

This is what I think, hear me out. Just because the data is coming from a TRUSTED 3rd party API doesn’t mean you blindly trust, store, and let your users consume it.

This is because even though the APIs generally return predictable responses there’s a possibility they mess up (even if this happens for a minute before someone reports and engineers fix it).

And if you’ve been consuming that data to make decisions and build your own dataset you’ll unknowingly introduce anomaly.

This is why we should have checks where possible. For example, if a property is supposed to be String then it better be, every single time.

Just because API version hasn’t changed it doesn’t mean the risk isn’t there.

For example, let’s say a payments API returns “status” of the payment which you store in your database. You’ve read the docs, and the status can be “successful”, “declined” or “pending”.

What does your system do IF it returns “cancelled”? Do you simply store it? You probably would, this would simply break other parts of your system.

Leave a comment

Your email address will not be published. Required fields are marked *