Developers Don't Understand UUIDs

Developers Don’t Understand UUIDs

UUIDs

UUID stands for Universally Unique Identifier which is a 128-bit number that can be used to uniquely identify some information, object or entity in computer systems. For simplicity, consider an analogy of a school where a student can be uniquely identified with the help of his id. For instance, a student named “Alex” has a id of 37 which means that he can easily be identified by his id. It can be even more useful if there are two students with same name because their records can be identified separately with the help of their id.

Similarly UUIDs also help in uniquely identifying some information. Examples using the uuid4 algorithm could be f9cc904e-1ab6-458c-9deb-da33a4c6bd05…etc. The advantage of this is that we can generate ids on that are near unique and collision-free on different machines. However, it is gibberish for humans. UUIDs are much more complex and thus more difficult for humans to understand.

UUIDs are made to be unique and secure by design. UUIDs can be generated practically forever. This is smart, but the problem is that they are made for machines not for humans. Most people have difficulties seeing what things are about let alone to remembering them.

For Example

Consider this URL:

https://www.airbnb.com/trips/v1/878728b5-ba83-4e6c-9ebd-181217b92847

878728b5-ba83-4e6c-9ebd-181217b92847 does not look nice. In fact, it looks like absolute gibberish to humans. However, if you publish an unique name that is more memorable and funny, the users can familiarize it, making a more enjoyable experience of using your web page more.

Examples of Unique names:

  • cute-bunny
  • meaty-fishhead
  • flamboyant-goat

Sweet UUIDs - A smart alternative to UUIDs

At this point you should be excited to turn your UUIDs into funny names. For public facing identifiers you can use what we call Sweet UUIDs. You might ask why they are called Sweet UUIDs. Because instead of using a long and hard to memorize UUID you can use the sweet combination of a funny word and a complimentary adjective. As a result you get a user-friendly memorable UUID and that is just plain sweet.

The idea is to use Sweet UUIDs for customer interfacing things like URLs, but not to rely on them to be bruteforce-secure. Where an access token is concerned, a UUID is better, whereas a Sweet UUIDs are better for the following kind of URLs:

What To Choose - Comparison of UUID & Sweet UUIDs

The following table highlights characteristics of both UUIDs and SUUIDs so you can choose what’s appropriate for your needs.

CharacteristicsUUIDSweet UUIDs
Should be used when visible to peopleNoYes
Can be used for tokensYesNo
Make it hard to brute forceYesYes
Reveals info about internal systems (e.g. how many customers does the company have)NoNo
Collisions occurAlmost NeverNever

How to make Sweet UUIDs

You can download word lists that have adjectives and nouns, combine them and then a system that does not allow you to reuse combinations. At apiJack, we have already done this so you can kick-start your Sweet UUIDs using our simple API.

apiJack API for Sweet UUIDS

API call to Sweet UUID endpoint simply returns a unique sentence that can be used as a UUID. You need at least 30 credits to make a call to this endpoint.

In the following example, replace "yourkey" with what is found in the control panels keys section: https://app.apijack.com/app/controlpanel/keys

You can also receive a mail with your key by entering your email:

Curl Example

curl -d '{"key":"yourkey"}' https://api.apijack.com/suuid

# Sample Response

{
    "error": null, 
    "suuid": "meaty-fishhead"
}

HTTPie Example

http -b POST https://api.apijack.com/suuid key=yourkey

# Sample Response

{
    "error": null,
    "suuid": "amused-summary"
}

Pricing Structure

Each request requires a certain number of credits. You can see your credits in the dashboard using the following link. https://app.apijack.com/app/controlpanel/dashboard When you sign-up, you get 5,000 free credits, which results in 166 free names.

API call to /api/suuid costs only 30 credits.

After you have used your initial credits, you can refill your account by choosing one of the three packages according to your needs. After logging-in, you can access these packages from the following link: https://app.apijack.com/app/controlpanel/refill

Advantages of using apiJack

With apiJack you get all a vast amount of functionality at your fingertips without any problems. We have went the extra mile to simplify and document our API so all functionality should be workable within minutes instead of hours. Errors are standardized and documented. If you can't get it to work, there is free techinical support at mail@apijack.com where a engineer will respond back within 24 hours.