Good set of tips. Some tips and tricks that we have learnt when building an API for http://supportbee.com (a JS app in the frontend)
1. Stick to the restful patterns as much as possible. One benefit is that models written in frameworks like Backbone and Spine can start talking to your API right out of the box. Also the other benefits of predictably etc apply.
3. Devise (https://github.com/plataformatec/devise) features an auth_key based authentication making it really easy to give our API access to your users even during the beta phase (before you have fancy Oauth etc rolled out)
The single most useful thing is to use your own API to drive your features so it's dogfed and well tested by the time you roll it out.
I've been using acts_as_api [1], since (aside from the other features) it makes it really easy to version and "subclass" your APIs, and it keeps the presenters for each model separated (really useful for nested responses). I've found that it's really important to version your APIs from the get-go, especially if they are public-facing.
1. Stick to the restful patterns as much as possible. One benefit is that models written in frameworks like Backbone and Spine can start talking to your API right out of the box. Also the other benefits of predictably etc apply.
2. Resfulie (http://restfulie.caelum.com.br/) and Tokamak (http://rubydoc.info/gems/tokamak/1.2.1/frames) are super useful.
3. Devise (https://github.com/plataformatec/devise) features an auth_key based authentication making it really easy to give our API access to your users even during the beta phase (before you have fancy Oauth etc rolled out)
The single most useful thing is to use your own API to drive your features so it's dogfed and well tested by the time you roll it out.