by rvnx 1029 days ago
And the moment your SaaS is growing, and your customers request access to your API:

Instead of just implementing ACLs/permissions on existing APIs, you have to develop and maintain two APIs, one for the customers (that will get outdated with a lot of missing features and be less battle-tested) and one “real API”.

1 comments

Releasing a public API is... an enormous commitment. Anything you do has to be maintained for years.
Agreed, and my company has done exactly that.

Our public API is fit for the use-cases of our big customers that want deep integrations, and our frontend’s API is able to handle our specific workflows.

We have a bunch of shared backend code, but the endpoints that our API customers use are very specific. Sometimes we build custom endpoints for a single customer which would be useless for our frontend/services. Keeping them separate allows them to gain needed functionality without trying to bolt it on to existing internal APIs, and cluttering it all into one messy blob.

Of course our internal API is a mess in a bunch of other ways, but at least we don’t have to deal with the public parts making it even messier.