Developing with the Community: The Riot API

By RiotExLibris

We recently announced the winners of our 2nd API challenge, and the dev community continues to grow. Read about the origin of the API below.

Almost two years ago, we opened the digital floodgates and sent League data rushing out into the community via a new application programming interface (API). Requests (known as “calls”) through the API went directly into our game servers, offering up terabytes of juicy data for community devs to devour. What began as a weapon against unauthorized attempts to siphon raw data from live servers (known as scraping) became a powerful collaborative tool for devs both inside and outside of Riot.

Riot’s Developer Relations team works with the League community’s creators and purveyors of third-party apps, features, and other programming wizardry. But, “It was a fight against scraping before it was about the community,” David Pritchett, Developer Relations specialist, admits. Developer Relations and Third Party Ecosystem manager J Eckert adds, “It was about protecting the player experience by protecting the platform. We needed to find a way to discourage third parties from scraping live servers and impacting server performance as a result.”

Back in 2011 and 2012, server platforms like Europe West were scaling at a rate none of our platform engineers had ever encountered before, and our old tech suffered stability issues. A few Rioters felt websites harvesting League data from our live servers could contribute to the problems we were seeing.

Sites would fake client sessions in order to scrape the servers -- they needed accounts to do that. So site owners and devs created bot accounts to send thousands of requests for game-related information. Eckert says, “The biggest negative impact players could feel was on log-in queues, because as soon as we would bring the servers back up, all of the bots would try and reconnect and clog the queue.” Normally there’s spacing between real players connecting, even if it’s just milliseconds, but with bots, they all log in at the same exact instant the servers return.

In addition to the potential stability problems and the definite log-in issues, “Scraping was, at least, white noise when we were troubleshooting,” explains Eckert. “There were a lot of connections and we didn’t know which ones were hurting us, and it was impossible to tell with all of the static, so we decided to try and get rid of some of it.” Cutting down on the thousands of extra requests for game data would either make things better, or we’d at least be closer to figuring out what was happening.

Pritchett points out, “There was never a smoking gun pointing back to scraping definitively [as the cause for service instability], but we knew it was happening, and it was happening on significant scale.”

Fan art by SizoW

Developing an official API wasn’t the first thing we tried in order to cut down on the rampant automated requests for large volumes of data. Pritchett points out, “Ban waves of accounts we knew were scraping did have at least some positive impact, but it wasn’t much.”

Enter a small group of Rioters who had it in their heart to get more data out to players. “There was a side project started by a Rioter who wrote the code basically overnight, like over a weekend, and that was the very, very early inception of [the API],” says Pritchett.

Teams working to maintain service stability realized that providing sites with official data would cut down on extraneous calls. Pritchett emphasizes, “The point was that we had a bunch of players with very valuable skillsets, who were using those skillsets to help other players, even if it was in ways that we might not have been fully comfortable with. By working with them to build this API (and the community around it), we could address player feedback and concerns in ways that are meaningful and faster to market than a big dev can usually provide.”

It wasn’t perfect. Pritchett is candid about the limitations of early implementations: “When we were first shopping around the API to a smaller group of sites, we were getting a ton of reasonable questions.” They would ask if the service was as stable, as data-heavy, or as useful as the scraping methods they were using before. Pritchett says, “We had to admit that in most cases the answer was, ‘Not yet.’”

Having identified those shortcomings , we took notes on what devs needed and what they expected from the API. Pritchett finishes, “We tried to tailor the service to fit those specifications to fully get those devs on-board with the project.” Eckert adds, “We’ve since been able to hit parity with the methods they were using to get data before.”

To the Developer Relations team, it all comes down to a really big carrot and a really small stick. Eckert describes the carrot, “We’re trying to make as many incentives as possible to work with us: sign up, get access to the API, get a lot more support, gain access to the community, talk to us one on one. It’s designed to be a huge bonus to be part of this.” As for the stick, he adds: “It’s not about punishments or penalties for coloring outside the lines, devs who choose to ignore the community just don’t receive the same resources and support.”

We love sharing our data and we’re excited every time someone finds a new use for the firehose of numbers gushing from of our servers. Now the API lives in three data centers around the world, servicing millions of calls to game servers in every Riot region for over a thousand independent devs. All the while protecting players from slowdown, disconnects, or other stability issues that might have otherwise been related to that kind of call volume.

In hindsight, the decision to start developing with the community through an official API was obvious, J Eckert concludes. “Passionate people who love the game and who know how to code are going to make stuff,” he says. “We just want to help them do it in a positive way.”

3 years ago

Tagged with: 

Related Content