This is a crucial failing in far too many security products. They see buggy instantiations of their API all over the place and start ranting about incompetent developers instead of asking themselves why otherwise smart people are struggling to use the API.
The developers aren't all idiots, they are following your incomplete documentation and using the buggy and incomplete example code you provided. Or they are using the buggy example code they found online because you didn't provide any. If your API isn't useful without first taking a college course on the problem domain then that is a problem with your API and probably documentation. The whole point of an API is to encapsulate the complexity and provide the user a tool they can use without having to first learn everything about it.
There are a lot of poor quality products out there, and security products are no different. They too follow a distribution. I am not sure why the parent comment uses the second person. I too find security products to be a liability sometimes, and, if an API does not deliver, will try to switch it out.
The developers aren't all idiots, they are following your incomplete documentation and using the buggy and incomplete example code you provided. Or they are using the buggy example code they found online because you didn't provide any. If your API isn't useful without first taking a college course on the problem domain then that is a problem with your API and probably documentation. The whole point of an API is to encapsulate the complexity and provide the user a tool they can use without having to first learn everything about it.