How Many APIs Does the Average Enterprise Have?
Understanding the technology, business, policies, and people of Apis.| API Evangelist
Before I understood the business and politics of the API hustle I used to cry fowl here on API Evangelist about the sudden shifts in plans and pricing for APIs, as well as the unfair and restrictive rate limits put in place for the APIs I depended upon. These things still hurt, and often negatively impact my business, but I am much more aware of the market forces at play now and I understand that it is just “markets working things out”.| API Evangelist
One of our trusted advisors for Nafitko sent this tweet over to me about there being a big consultancy opportunity involved with “finishing folks Replit and Loveable apps”. I chuckled because this cycle has emerged after outsourcing to [fill in blank] country, and a variety of low-code and no-code trends trends throughout this centruy. It is always fascinating how much money there is to fix broken things and not actually doing the proper planning and design, while also bringing in the pro...| API Evangelist
I have hit the wall one more time in the last five years when it comes to my belief that people producing APIs will want to do the right thing. Whether it be API design-first, productization of APIs, governance, or any other narrative we’ve constructive narrative we’ve constructed to guide SMB, SME, and enterprises forward. The majority of this rhetoric is in service of selling you something, and the few people who do care about doing APIs well within large organizations just do not have ...| API Evangelist
As we work to build Naftiko, we are interested in talking with people about what they are facing when it comes to putting APIs to work. Throughout the summer we will be having conversations with people we know, and hopefully many people we do not know about what they face when it comes to API integration and consumption at scale. We are looking to understand the business and technical challenges everyone is facing when it comes to the consumption of any APIs and data currently, or as part of ...| API Evangelist
While at API Days in NYC a couple weeks ago, I heard from several people that they missed the Breaking Changes podcast when I was the host. And that the show had a certain tone and line of questioning they found extremeley useful in their work. I agree. And specifically it was season two of Breaking Changes where I was able to hit a stride with the conversations where I was learning a ton, which is something that tends to translate into a meaningful show that helps the audience stay engaged. ...| API Evangelist
I have been engaged in a number of conversations with folks since I left Bloomberg last August, consulting and exploring different ways that I can work with startups and enterprises to govern APIs. I have been open to full time positions and consulting work, while still investing in content and artifacts for API Evangelist. I have also been cultivating and steering my work as API Evangelist towards some potential startup ideas for when the right people come along. Well, the right person has c...| API Evangelist
I see two distinct types of API governance unfolding within enterprises who view their operational culture and their workforce having different levels of understanding and respect for leadership. I get asked to come in and provide advice, guidance, and even enforcement of API governance, and once you begin to ask a few questions about their current understanding of what API governance is and what business or engineering would like to accomplish with API governance–you can usually put enterp...| API Evangelist
I have heard it several times now, folks in charge of API governance sharing with me that they are finding success in injecting API governance into developers workflow using artificial intelligence. They had tried changing behavior with teams through meetings, sprints, workshops, and other approaches unsuccessfully, and now they are finding that developers question things less when it is introduced via artificial intelligence available in their integrated development environment (IDE). It is ...| API Evangelist
I learned over a decade ago why API discovery isn’t a solvable problem within the world of technology—the people in charge of the narrative don’t see business, they see technological solutions. Pundits in the API universe often give a blank nod towards APIs.json as part of the API discovery solution, but rarely ever put it to work and adopt as part of their narrative. Why? Because APIs.json provides references to the technical bits they care about, but also provides references to the bu...| API Evangelist
I am an equal opportunity hater of automobiles as well as the Internet. I see them both as equal destroyers of the earth and humanity. Of course, one can argue that both of these technologies have benefits, but once can also easily argue they are widely misused and have very damaging effects on our world. As I was thinking about these parallel universes I was pondering how automobiles are also an “agentic”, in the same sense that “agentic” AI is being hustled right now. They are both ...| API Evangelist
While continuing to process the Spectral rules in use by API producers as part of their efforts to govern their API operations I am always looking for interesting and useful patterns being applied by API producers, and I recently came across the use of standardized OpenAPI extensions to override governance rules in specific circumstances. This particular use case was about enforcing encryption on server URLs, but it also provides a way to override the need for encryption using x-sandbox OpenA...| API Evangelist
You hear a lot about feedback loops with customers in technology and the world of APIs. There are entire disciplines dedicated to establishing and managing feedback loops with customers as part of the software development lifecycle. However, in my experience few technologists and engineering leadership within startups and enterprises are actually interested in listening to, let alone engaging with customers via these feedback loops. As you can see with the current state of technology and arti...| API Evangelist
I learned about the usage of the word “open” the hard way during the Web 2.0 dayz. I was the frontline of the open data and open API (and OpenAPI) push. Like with APIs, I was the face of various charges forward to open up government, higher education institutions, and other structural aspects of our world when it came to calls for opening up data and valuable digital resources. It took me about five years to learn that the calls for opening up data and other digital resources was about op...| API Evangelist
The spell of AI is strong today. It is difficult to escape. Most do not have a choice. I am not here to do the work for folks to compare the latest AI moose diarrhea with reality, but I am here to remind you that you do not need agents to automate your business. I am here to remind you that it is not the most cost effective or efficient way to automate your business. I am here to remind you that the current state of generative AI is about applying a predictive approach to automation when you ...| API Evangelist
I know many of us have bought into the API management messaging and the APIs as a product vision over the last ten years. It is a logical response to obtaining and maintaining a handle on the API sprawl that emerged as we made the switch from to power web and mobile applications. Turning this sprawling and chaotic digital factory floor into a well known orchestration engine to automate the enterprise is the proper response to what has been happening. The problem comes in when you come up agai...| API Evangelist
I have witnessed a lot of discussion and defense of what developer advocacy is over the years, and as I watch what is happening right now with artificial intelligence and labor, I am left dreaming of a world where developer advocates truly advocated for developer rights across platforms and employers, built real communities, and had solidarity for each other. The drumbeat for developer advocacy has dwindled as the funding priorities shifted in Silicon Valley over the last five years, and it f...| API Evangelist
API governance policies are meant to cover a wide range of operational areas, which begin with API design considerations like which HTTP methods we use to communicate around our digital resources and capabilities, but they go much further and help define how we version our APIs, which authentication, documentation, and even testing we provide as part of our operations. When it comes to government policies or even enterprise policies, the concept of a policly is often seen as slow moving and f...| API Evangelist
I heard it repeatedly at API Days in NYC last week-—apologies from people doing AI, and positioning their marketing and storytelling to speak to AI. People know me, know my brand, and know that API Evangelist is about pushing back on the fabulism that is ubiquitous in the world of technology. So, it is interesting to hear folks make their plea to me that they have to speak to AI In this moment, and there is no operating outside the AI bubble when it comes to their investors and customers—...| API Evangelist
It takes work to strengthen the awareness engineering teams have surrounding OpenAPI. OpenAPI is often seen as simply a configuration for producing API documentation, or possibly for generating client side SDKs, but it is the alignment between backend API code and the API gateways which can have the greatest impact. The strength of your API, as defined by a complete and accurate OpenAPI, which is used to configure your API gateway is the most important thing you can be doing to realize API go...| API Evangelist
Mapping the API landscape across an enterprise should always include the mapping of team boundaries. The outcomes of your API governance will be shaped by these boundaries, resulting in many API governance efforts looking to overcome and flatten team boundaries, when you should be understanding and embracing these boundaries. There are many ways you can introduce standardization across many different teams as part of API governance, but if you are looking to bend teams to your central API gov...| API Evangelist
Governance spans multiple dimensions of our API operations, but few areas get people thinking and talking about API governance than talking about the security of your APIs. I am working with customers to think through the details of the OWASP Top 10 API Security Risks, and up at the top of the list is broken authentication, which forgetting to actually configure and enforce API authentication across APIs being a pretty common slice of this API security. API security and API governance overlap...| API Evangelist
You can lint your OpenAPI artifacts in your CI/CD pipelines, but if you aren’t actually using it to configure your API gateway, and then validating the outputs of the configuration are in alignment with your API governance goals—-it is all just talk. It will be different with each API gateway, but AWS API Gateway allows you to configure your APIs using OpenAPI, but then you can also retrieve an updated OpenAPI output from the gateway with the following potential OpenAPI extensions applied...| API Evangelist
For teams who have adopted a design-first approach to APIs governance happens during the design time, and if your team is code-first it happens in the IDE during development time. If you are an engineering manager you likely don’t really care about the nuance between design and development times and see API governance occurring during the build-time right before production or any previous stage. This is something that very much shapes API governance because of who services and tooling are b...| API Evangelist
As I was reading the Study of Man Adjusting Men to Machines I kept thinking about how API governance is actually about people, despite the focus on the technical details of the design of APIs. I think that API operations has replaced the older concept of the factory, but much of what applied in the 1940s when it comes to understanding workers within the factor applies to our API operations. A factory has to be conceived as a social system, with the relations of its parts defined not only by t...| API Evangelist
Isn’t it strange that we are regularly talking about the need to get business stakeholders more involved in doing APIs? Like us engineers producing and consuming APIs operate in some liminal space outside the business of APIs. I work with Claire Barrett of APIsFirst on a weekly basis and she is always quick to point out that there is no separation between business and engineering when it comes to doing APIs, we are actually all in this together-—there is not “outside the business”.| API Evangelist
Understanding the technology, business, policies, and people of Apis.| API Evangelist
Understanding the technology, business, policies, and people of Apis.| API Evangelist
I am always fascinated by how us technologists can’t leave our backends out of API discussions. Keeping an API design conversation just about the interface between a producer and consumers proves to be one of the most difficult things about collaborating within or across teams. Sure, there are plenty of backend concerns expressed in interfaces, but those things need to be abstracted away and distilled down into only what is needed for a single, or series of API transactions with consumers. ...| API Evangelist
I was stuck in a cycle of thinking yesterday about the executability of an OpenAPI vs. Postman Collection. I am closely watching the Arrazzo spec for defining workflows, but I am very interested in the executability of an individual API operation using an OpenAPI. I was stuck in a rut thinking that my collection is the best way to approach this, and I wanted to “certify” a single operation via just OpenAPI. I was asking why the perception of Collection being executable persists, but peopl...| API Evangelist
Last year there was an accidental post from a Google employee about Google+. The internal rant was accidentally shared publicly and provides some insight into how Google approached APIs for their new Google + platform, as well as insight how Amazon adopted an internal service oriented architecture (SOA). The insight about how Google approached the API for Google+ is interesting, but what is far more interesting is the insight the Google engineer who posted the rant, Steve Yegge, provides ...| API Evangelist
