Smartcar has raised $12M in financing from A16Z and NEA. The difference between $12M and $55M is a single financing stage.
What likely happened here is a remote team was paid to generate docs with a directive like, “Smartcar has a good API,” and stole them directly. Then the management team didn’t bother checking.
This is great PR for Smartcar all things considered, and I actually think has a fantastic silver lining:
The value of a good API isn’t the API itself. It’s the expertise of designing them. APIs are difficult, the majority of the industry sucks at designing and delivering them. Otonomo can always copy you, but if you have the actual expertise to continually deliver a fantastic API experience you will win in the long-term. Stripe and Twilio are your proof points. Go get ‘em, team.
Bessemer invested in Twilio and they know this, and the Otonomo team just showed them that they’re incompetent in the API space. So — I think you’ve got a bigger leg up than you think.
> What likely happened here is a remote team was paid to generate docs with a directive like, “Smartcar has a good API,” and stole them directly. Then the management team didn’t bother checking.
If a remote team is writing your API documentation by copying and pasting, then what is the actual implementation team building from?
I didn't down-vote you, but I imagine it's because you just repeated "out of" without explicitly clarifying which definition was meant (though it's more obvious in your version, at least to a native speaker).
For what it's worth, the usage here means "from within."
Can you confirm that more of their API other than the authorization code was duplicated? Honestly duplicating auth APIs are perfectly fine. If you showed proof of business APIs being duplicated, I'd have more faith in your claim. Right now this looks like a publicity stunt on a baseless argument.
Unless I'm going crazy. I guess we have a big industry problem around auth then. We only have some many types/ways to implement auth and we all use them.
Remote teams can be responsible for both implementation and documentation.
I’m not saying that’s what happened here necessarily, but I’ve seen this pattern repeated before (less egregiously). Founders can only do so much and most people are completely ignorant of the value of a good API, so it’s not hard for an executive team to say, “make it like that other one,” instead of staffing out the proper team.
> What likely happened here is a remote team was paid to generate docs with a directive like, “Smartcar has a good API,” and stole them directly.
They didn't steal the docs (not only the docs). They stole the whole public facing architecture as evidenced by the fact that they are using in some instances the exact same API resources names and method names.
But we don't know that, do we? They only showed some auth code. The OP does _not_ show that Otonomo has duplicated any business APIs, and Otonomo took their docs down. Unless someone has proof Otonomo copied more than just the examples documented in the OP, this is just pure PR fluff.
Yes, unless the business API was duplicated as well (and as noted above, there is no indication that they were), it just points to someone being lazy in writing up auth documentation.
Duplicated parameter names would be expected in this case, and preferred actually, so that they conform to the OAuth spec :-) The descriptive text is not an exact copy as well. From what we know, the only damning bit is that parameter values were exactly the same as in smartcar's documentation, which while not condonable, is not as egregious as it would be, had Otonomo cloned the business API as well.
I would like to believe that interoperability trumps copyright in this case - a competitor copying an API/protocol and making a compatible, competing service is good for the consumer.
I'm not saying that. I'm saying that if they copied parameter names verbatim, it's very likely that they designed the API with the same public facing approach. Possibly with the goal of attracting Smartcar customers with the premise that they just need to change an endpoint and an api key and it would work out of the box.
And BTW, your first line doesn't add anything to the conversation. Is your argument stronger by saying that "I don't know what I'm talking about"? Check the guidelines: https://news.ycombinator.com/newsguidelines.html - The idea here is to have a civil discussion.
The APIs in the blog post were not invented by Smartcar. Like most HTTP-based APIs, Smartcar's authorization endpoints follow the OAuth 2.0 standard, which specifies the exact parameter names and how they should work: https://tools.ietf.org/html/rfc6749#section-4.2.1
Maybe Otonomo copied more than that, but the blog post only covers the OAuth stuff, so it's incorrect to conclude that Otonomo "stole the whole public facing architecture".
Yea, Otonomo obviously lifted from Smartcar's docs, which is lazy and unclassy, but it's not _that_ big of a deal. I bet most people who implement OAuth end up using an existing company's API docs as a guide; they just usually know better than to copy entire sentences.
The Smartcar blog post is over the top. It makes it seem like their OAuth docs are their value proposition. I really hope it didn't take "months of ideation, engineering, chatting with customers, and iteration" to dream them up.
What likely happened here is a remote team was paid to generate docs with a directive like, “Smartcar has a good API,” and stole them directly. Then the management team didn’t bother checking.
This is great PR for Smartcar all things considered, and I actually think has a fantastic silver lining:
The value of a good API isn’t the API itself. It’s the expertise of designing them. APIs are difficult, the majority of the industry sucks at designing and delivering them. Otonomo can always copy you, but if you have the actual expertise to continually deliver a fantastic API experience you will win in the long-term. Stripe and Twilio are your proof points. Go get ‘em, team.
Bessemer invested in Twilio and they know this, and the Otonomo team just showed them that they’re incompetent in the API space. So — I think you’ve got a bigger leg up than you think.