If an organization really wants to empower its users, it needs a way to provide maximum power to the user with both safety and security. APIs allow you to design a solution that's not simply the average of these extremes, but rather provides 90% of the power with 99% of the security.
This is a list of 10 best practices that are more subtle than your average Josh Bloch Effective Java rule. While Josh Bloch's list is very easy to learn and concerns everyday situations, this list here contains less common situations involving API / SPI design that may have a big effect nontheless. I have encountered…