Demystifying API Governance: Building Success through Understanding

A presentation given by Arnaud Lauret, API Governance Lead, Postman, at our 2023 Platform Summit, October 17-18, 2023

Technology

Demystifying API
Governance: Building
Success through
Understanding
Arnaud Lauret
API Governance Lead

Arnaud Lauret https://apihandyman.io
Arnaud Lauret
● Author of The Design of Web APIs
● apihandyman.io
● API Governance Lead at Postman
(Postman Open Technologies)

Arnaud Lauret https://apihandyman.io
API Governance?

Arnaud Lauret https://apihandyman.io
Designers create wheels that are not round enough

Arnaud Lauret https://apihandyman.io
Developers write highly specific code

Arnaud Lauret https://apihandyman.io
This impacts the organization's productivity and revenues

Arnaud Lauret https://apihandyman.io
No governance, dire consequences

Arnaud Lauret https://apihandyman.io
The API design review

Arnaud Lauret https://apihandyman.io
Transcript of a review trial

Arnaud Lauret https://apihandyman.io
Rules 380, 467, 545 to 553 and 666

Arnaud Lauret https://apihandyman.io
Standards vs. Needs

Arnaud Lauret https://apihandyman.io
Standards vs. DX (developer experience)

Arnaud Lauret https://apihandyman.io
Delays vs. Deadlines

Arnaud Lauret https://apihandyman.io
Why don't you let us do it?

Arnaud Lauret https://apihandyman.io
A perfectly standard but useless API

Arnaud Lauret https://apihandyman.io
Kafkaesque API governnce

Arnaud Lauret https://apihandyman.io
Complex, out-of-touch standards and APIs

Arnaud Lauret https://apihandyman.io
Too extreme consistency

Arnaud Lauret https://apihandyman.io
Creating an API vs. creating the API right

Arnaud Lauret https://apihandyman.io
Time-consuming, error prone, and blocking processes

Arnaud Lauret https://apihandyman.io
Out-of-touch experts

Arnaud Lauret https://apihandyman.io
Kafkaesque governance, dire consequences

Arnaud Lauret https://apihandyman.io
Realistic, user-friendly guidelines

Arnaud Lauret https://apihandyman.io
Tools and automation to simplify, guide and learn

Arnaud Lauret https://apihandyman.io
Raising awareness and advocating

Arnaud Lauret https://apihandyman.io
Training novice designers

Arnaud Lauret https://apihandyman.io
Putting technical and standards issues on the back burner

Arnaud Lauret https://apihandyman.io
Supporting more experienced designers

Arnaud Lauret https://apihandyman.io
Leave the final word

Arnaud Lauret https://apihandyman.io
Autonomous Experts

Arnaud Lauret https://apihandyman.io
Experts that are also trainers

Arnaud Lauret https://apihandyman.io
Increasing direct and indirect value of APIs

Arnaud Lauret https://apihandyman.io
Governance dissolves in day-to-day practice

Arnaud Lauret https://apihandyman.io
API creation isn't just about design

Arnaud Lauret https://apihandyman.io
A holistic approach to API governance

Arnaud Lauret https://apihandyman.io
API governance is
Helping people with a holistic
approach to maximize API-
generated value.
“

Arnaud Lauret https://apihandyman.io
Tip #1 Keep 4 values in mind
●Alignment
●Collaboration
●User Experience
●Enablement

Arnaud Lauret https://apihandyman.io
Alignment (with the organization's objectives)

Arnaud Lauret https://apihandyman.io
Collaboration (between all parties involved in API creation/use)

Arnaud Lauret https://apihandyman.io
(Governance) User Experience

Arnaud Lauret https://apihandyman.io
Enablement (Autonomous API creators)

Arnaud Lauret https://apihandyman.io
Tip #2 - Leverage the API Producer Lifecycle

Arnaud Lauret https://apihandyman.io
Simplify every stage of the life cycle

Arnaud Lauret https://apihandyman.io
Tip #3 - Categorize APIs to know where to focus your efforts

Arnaud Lauret https://apihandyman.io
Identifying boundaries

Arnaud Lauret https://apihandyman.io
Tip #4 - Establish governance iteratively

Arnaud Lauret https://apihandyman.io
Thank you

You may have heard that to leverage APIs successfully, you need API governance. But it has a very bad reputation. People don't like it. They think it's complicated. It limits. It slows down. And in the end, it doesn't work. And that's unfortunately sometimes true. But what if the problem was not governance but misunderstanding? What is API governance? Why do we need it? What is its real purpose? That's what we'll answer, by first exploring 3 different visions of governance, before sharing some tips for implementing it and better grasp the real nature of governance.

I am sorry Developer, your API just became a Product.pdf

Francisco Picolini

INTERFACE by apidays 2023 - API Design Governance, Nauman Ali, Stoplight

INTERFACE by apidays 2023 APIs for a “Smart” economy. Embedding AI to deliver Smart APIs and turn into an exponential organization June 28 & 29, 2023 API Design Governance - Key to building consistent APIs at scale Nauman Ali, Product Manager at Stoplight ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

apidays LIVE JAKARTA - GraphQL, gRPC, REST, Oh My! by Mike Amundsen

INTERFACE, by apidays - API Design is where culture and tech meet each other...

apidays LIVE New York 2021 - API design is where culture and tech meet each o...

SAP Cloud Platform API Management Technical Brief

SAP Cloud Platform

apidays LIVE Paris 2021 - API design is where culture and tech meet each othe...

Intuitive APIs are critical success factors for modern software architectures. APIs should be easy to use, difficult to misuse, consumer friendly, easy to maintain and consistently designed. In order to achieve these goals, it is important to develop APIs before starting the actual development and in a collaborative approach involving various stakeholders. The API-first design approach is important when it comes to exposing existing functionality in the enterprise, e.g. implemented as microservices, to the outside world. But what role do APIs play in microservice architectures? How are APIs and microservices implementations combined and how do I integrate this with a DevOps approach? These questions will be answered in this session and explained on a consistent Microservice example. From a tooling perspective I leverage the power of Oracle Cloud with tools like Apiary, Oracle Kubernetes Engine (OKE), Wercker (aka Container Pipelines) and Oracle Container Registry.

API-first design - Basis for an consistent API-Management approach

Sven Bernhardt

Intuitive API design is a critical success factor for APIs. API-First propagates a collaborative approach, where API development starts with the design and brings various stakeholders together, which dramatically increases efficiency and consistency while defining APIs. Questions that that come up in this area are about quality requirements APIs have to meet nowadays, in order to deliver the desired business value. In this session we want to present an approach how APIs can be defined and implemented consistently using tools like Apiary and Apimatic and the design artifacts can be incorporated in existing CI/CD pipelines, using tools like Dredd, since APIs are a first-class citizen which need to be maintained appropriately.

API Management - Practical Enterprise Implementation Experience

Capgemini

Narinder Sahota Chief Architect - Capgemini David Rutter Solutions Architect - Capgemini APIs are something we take for granted as a key part of modern architecture. This session will talk through the practical experiences of implementing a new cloud-based API Management capability within a mature Enterprise with a complex and business critical integration estate. The session will cover what we learnt about the maturity and evolution of the API Management service implemented during the project, the team model that enabled success, the business benefits achieved, and how the platform is now evolving.

API Workshop Amsterdam presented by API Architect Ronnie Mitra

CA API Management

This workshop with Ronnie Mitra, Layer 7's Principal API Architect, will examine the key foundational elements necessary for a solid API implementation strategy. Building great APIs is about more than just design; it requires detailed, thoughtful execution. Your API strategy needs to meet the business requirements of your organisation but it must also be flexible enough to meet your developer community’s diverse needs.

From Rapid Prototypes to an end-to-end Model Deployment: an AI Hedge Fund Use...

Sri Ambati

Numerai is an open, crowd-sourced hedge fund powered by predictions from data scientists around the world. In return, participants are rewarded with weekly payouts in crypto. In this talk, Joe will give an overview of the Numerai tournament based on his own experience. He will then explain how he automates the time-consuming tasks such as testing different modelling strategies, scoring new datasets, submitting predictions to Numerai as well as monitoring model performance with H2O Driverless AI and R.

Establish, Grow, and Mature Your API Platform - James Higginbotham, LaunchAny

A presentation given by James Higginbotham, Executive API Consultant, LaunchAny, at our 2024 Austin API Summit, March 12-13. Session Description: Building and growing an API platform takes more than building and organizing your APIs. It requires understanding the needs of your ecosystem, establishing lightweight processes that drive discoverability, providing the resources for self-service enablement, and delivering a federated API coach program to scale your efforts. This talk will explore the practices and patterns implemented by global organizations that will help your API ecosystem shift from a functional program to a transformational API platform.

Modernise your IT landscape with APIs and Microservices

Colin McGovern

APIdays Paris 2019 - API Descriptions as Product Code by Phil Sturgeon, Stopl...

APIStrat Keynote: Lessons in Transforming the Enterprise to an API Platform

LaunchAny

The API Opportunity: Crossing the Digital Divide

CA Technologies

Web APIs provide a mechanism for exposing business data and services for use by mobile devices, social networks, cloud-based systems or any other software. This presentation discusses how the state of today's APIs is roughly similar to the state of the websites of 1997, looking at how the evolution of websites can help us predict the evolution of APIs going forward. It provides a framework for thinking about the value of APIs and demonstrates how some leading API users have successfully deployed them to generate significant business value. For more information on CA Security solutions, please visit: http://bit.ly/10WHYDm

Transforming Product Development - AWS Transformation Day 2018: Detroit

Many enterprises who are embarking on a journey to the cloud view this effort as an opportunity to transform their operations and development practices. DevOps, agile software development, and design thinking are the popular methodologies that are being used to create a more customer-centric mindset and speed up the delivery of new products & features. This session breaks down the essential components of each methodology and provides best practices on navigating the challenges that are commonly encountered when adopting these methods during a cloud migration. About the event AWS Transformation Day is designed for enterprise organizations migrating to the cloud to become more responsive, agile and innovative, while staying secure and compliant. Join us for this one-day event and we’ll share our experiences of helping enterprise customers accelerate the pace of migration and adoption of strategic services. Who should attend? This event is recommended for IT and business leaders who are looking to create sustainable benefits and a competitive advantage by using the AWS Cloud. CIOs, CTOs, CISOs, CDOs, CFOs, IT leaders and IT professionals, enterprise developers, business decision makers, and finance executives.

Transforming Product Development - Transformation Day Montreal 2018

[WSO2Con EU 2018] APIs - Technology That Can Transform Your Business Into a P...

WSO2

Transforming Product Development - AWS Transformation Day Boston 2018

MuleSoft Surat Virtual Meetup#38 - Deep Dive into Anypoint API Proxy Options ...

Jitendra Bafna

Webcast: Apigee Edge Product Demo

Apigee | Google Cloud

Watch the live demo of Apigee Edge to learn how to: - Easily configure and manage new APIs and enforce security with minimal impact to backend services - Create, manage and monetize API products - Extend API Services to increase flexibility and tailor to business requirements with JavaScript, Java, Python, and Node.js - Provide developers easy, yet secure access to explore, test, and deploy APIs Use end-to-end visibility across the digital value chain to monitor, measure, and manage success, with unified operational, developer, app performance, and business metrics Hear the podcast version here: http://bit.ly/1zzXy2B

Transforming Product Development - AWS Transformation Day: Santa Clara 2018

Many enterprises who are embarking on a journey to the cloud view this effort as an opportunity to transform their operations and development practices. DevOps, agile software development, and design thinking are the popular methodologies that are being used to create a more customer-centric mindset and speed up the delivery of new products & features. This session breaks down the essential components of each methodology and provides best practices on navigating the challenges that are commonly encountered when adopting these methods during a cloud migration. About the Event: AWS Transformation Day is designed for enterprise organizations migrating to the cloud to become more responsive, agile and innovative, while staying secure and compliant. Join us for this one-day event and we’ll share our experiences of helping enterprise customers accelerate the pace of migration and adoption of strategic services. Who should attend? This event is recommended for IT and business leaders who are looking to create sustainable benefits and a competitive advantage by using the AWS Cloud. CIOs, CTOs, CISOs, CDOs, CFOs, IT leaders and IT professionals, enterprise developers, business decision makers, and finance executives.

How I Built Bill, the AI-Powered Chatbot That Reads Our Docs for Fun , by Tod...

A presentation given by Todd Kerpelman, Developer Advocate at Plaid, at our 2024 Austin API Summit, March 12-13. Session Description: Have you ever thought about building your own chatbot to help developers be more successful using your APIs? Well, we made one for Plaid’s documentation site, and in this talk, I’ll cover some of the things we learned! This presentation will cover topics like: – How does it work? What does it mean to “train” a bot on your docs? – Setting appropriate expectations: Do you still need to write documentation? Do you still need a support team? – The trade-offs around building your own vs. buying a 3rd party solution – Some decisions around the underlying tech – How to build a decent “conversational mode” so you can ask follow-up questions – How you evaluate the quality of a chatbot, and some surprises we ecountered along the way – What do you do when things go wrong? – Security considerations And much more! Actually, probably not that much more. That already sounds like a lot.

The Art of API Design, by David Biesack at Apiture

A presentation given by David Biesack, Chief API Officer at Apiture, at our 2024 Austin API Summit, March 12-13. Session Description: API Design is truly an art. While ChatGPT can spit out seemingly detailed APIs, there is still much to be said for well-crafted, consistent APIs designed by organic intelligence, in a broader context, with the consumer and Developer Experience in mind. A good (or dare we dream, great) Developer Experience (DX) is an important aspect of API design and the success of your API program. Attendees will grok the interplay of API design, patterns, and language constraints and limitations. See how and why artful API Design Matters to DX and "good" API outcomes, and why fluency in the myriad languages of APIs matters. Learn how choosing guiding principles can shape all your APIs for success. Learn how to stay relevant as an API designer when the API generating robots are breathing down your neck.

Similar to Demystifying API Governance: Building Success through Understanding

APIs for your Business + Stages of the API Lifecycle

3scale

apidays LIVE Jakarta - What will the next generation of API Portals look like...

Intro to Strapi 4

Shadi Akil

API design-first and Microservices

Sven Bernhardt

API-first design - Basis for an consistent API-Management approach

Sven Bernhardt

API Management - Practical Enterprise Implementation Experience

Capgemini

API Workshop Amsterdam presented by API Architect Ronnie Mitra

CA API Management

From Rapid Prototypes to an end-to-end Model Deployment: an AI Hedge Fund Use...

Sri Ambati

Establish, Grow, and Mature Your API Platform - James Higginbotham, LaunchAny

Modernise your IT landscape with APIs and Microservices

Colin McGovern

APIdays Paris 2019 - API Descriptions as Product Code by Phil Sturgeon, Stopl...

APIStrat Keynote: Lessons in Transforming the Enterprise to an API Platform

LaunchAny

The API Opportunity: Crossing the Digital Divide

CA Technologies

Transforming Product Development - AWS Transformation Day 2018: Detroit

Transforming Product Development - Transformation Day Montreal 2018

[WSO2Con EU 2018] APIs - Technology That Can Transform Your Business Into a P...

WSO2

Transforming Product Development - AWS Transformation Day Boston 2018

MuleSoft Surat Virtual Meetup#38 - Deep Dive into Anypoint API Proxy Options ...

Jitendra Bafna

Webcast: Apigee Edge Product Demo

Apigee | Google Cloud

Transforming Product Development - AWS Transformation Day: Santa Clara 2018

Many enterprises who are embarking on a journey to the cloud view this effort as an opportunity to transform their operations and development practices. DevOps, agile software development, and design thinking are the popular methodologies that are being used to create a more customer-centric mindset and speed up the delivery of new products & features. This session breaks down the essential components of each methodology and provides best practices on navigating the challenges that are commonly encountered when adopting these methods during a cloud migration. About the Event: AWS Transformation Day is designed for enterprise organizations migrating to the cloud to become more responsive, agile and innovative, while staying secure and compliant. Join us for this one-day event and we’ll share our experiences of helping enterprise customers accelerate the pace of migration and adoption of strategic services. Who should attend? This event is recommended for IT and business leaders who are looking to create sustainable benefits and a competitive advantage by using the AWS Cloud. CIOs, CTOs, CISOs, CDOs, CFOs, IT leaders and IT professionals, enterprise developers, business decision makers, and finance executives.

Similar to Demystifying API Governance: Building Success through Understanding (20)

APIs for your Business + Stages of the API Lifecycle

apidays LIVE Jakarta - What will the next generation of API Portals look like...

Intro to Strapi 4

API design-first and Microservices

API-first design - Basis for an consistent API-Management approach

API Management - Practical Enterprise Implementation Experience

API Workshop Amsterdam presented by API Architect Ronnie Mitra

From Rapid Prototypes to an end-to-end Model Deployment: an AI Hedge Fund Use...

Establish, Grow, and Mature Your API Platform - James Higginbotham, LaunchAny

Modernise your IT landscape with APIs and Microservices

APIdays Paris 2019 - API Descriptions as Product Code by Phil Sturgeon, Stopl...

APIStrat Keynote: Lessons in Transforming the Enterprise to an API Platform

The API Opportunity: Crossing the Digital Divide

Transforming Product Development - AWS Transformation Day 2018: Detroit

Transforming Product Development - Transformation Day Montreal 2018

[WSO2Con EU 2018] APIs - Technology That Can Transform Your Business Into a P...

Transforming Product Development - AWS Transformation Day Boston 2018

MuleSoft Surat Virtual Meetup#38 - Deep Dive into Anypoint API Proxy Options ...

Webcast: Apigee Edge Product Demo

Transforming Product Development - AWS Transformation Day: Santa Clara 2018

More from Nordic APIs

How I Built Bill, the AI-Powered Chatbot That Reads Our Docs for Fun , by Tod...

The Art of API Design, by David Biesack at Apiture

ABAC, ReBAC, Zanzibar, ALFA… How Should I Implement AuthZ in My APIs? by Dav...

A presentation given by David Brossard, CTO at Axiomatics, at our 2024 Austin API Summit, March 12-13. Session Description: So you've just built your cool new API and figured out the authentication part. You're even using OAuth for access delegation, scopes, and claims. So, you're good, right? Well what about fine-grained authorization? What about OWASP's #1 security threat, broken access control? How do you handle that? Maybe you need an authorization framework to help with that. But which one? Is ABAC the way to go? Policies? Graphs? In this presentation, we'll give you the tools to understand what authorization for APIs entails, what options you have, and how to successfully implement a secure authorization strategy for your APIs. We will cover approaches such as ALFA, ReBAC, and Zanzibar and illustrate with a live demo.

Crafting a Cloud Native API Platform to Accelerate Your Platform Maturity - B...

A presentation given by Budhaditya Bhattacharya, Developer Advocate at Tyk, at our 2024 Austin API Summit, March 12-13. Session Description: APIs and microservices are powering domain-driven design architectures and have become the fabric of modern cloud-native applications. However, focusing on technology isn't enough - there is a need for a synergy between people, processes, and tools. Based on the CNCF platform maturity model, we will look to bridge the gap between an org's current and desired platform maturity level when creating cloud-native API platforms. We'll discuss: 1. The platform team model - team topologies and key roles for developing internal API platforms 2. Processes like platform discovery, jobs-to-be-done analysis, and continuous feedback loops to understand and meet developer needs 3. Applying a "platform as a product" mindset to measure and communicate platform success 4. Architecting for discoverability, security, observability and integration capabilities 5. The role of technologies like service meshes, API gateway, identity management, internal developer portals and OpenAPI specifications

The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...

A presentation given by Markus Müller, CTO at APIIDA, at our 2024 Austin API Summit, March 12-13. Session Description: In an era where digital transformation is pivotal, the management and governance of APIs have emerged as critical components in the technological infrastructure of businesses. "The Federated Future: Pioneering Next-Gen Solutions in API Management" is a forward-looking talk that delves into the evolving landscape of API governance, with a particular focus on Federated API Management as a groundbreaking approach. Over the course of this presentation, we will explore the paradigm shift from traditional, centralized API management towards a more dynamic, federated model. This approach not only offers scalability and flexibility but also fosters innovation by enabling diverse teams to collaboratively manage APIs while adhering to consistent governance policies. Key topics include: - The current challenges in API governance and how federated management addresses these. - The principles and architecture of Federated API Management, distinguishing it from traditional models. - Real-world implications of adopting a federated approach, including case studies that illustrate its transformative impact on businesses. - Strategies for implementing Federated API Management, focusing on best practices for seamless integration. - The future outlook of API governance, anticipating emerging trends and technologies.

API Authorization Using an Identity Server and Gateway - Aldo Pietropaolo, SGNL

A presentation given by Aldo Pietropaolo, Director of Solutions Engineering at SGNL, at our 2024 Austin API Summit, March 12-13. Session Description: Securing APIs and ensuring you are protected from threats by implementing authentication and authorization while keeping the request context intact can be challenging. This session will show us how to leverage SGNL, Curity, and the Kong API Gateway to protect fictitious patient records. The session will be a technical session focused on the architecture and integration points for implementing continuous access management.

API Discovery from Crawl to Run - Rob Dickinson, Graylog

A presentation given by Rob Dickinson, VP of Engineering at Graylog, at our 2024 Austin API Summit, March 12-13. Session Description: Discovering the attack surface presented by your APIs is the first step to improving API security. But APIs are fundamentally dark and constantly changing, which presents serious challenges for security teams trying to assess and manage new risks. There are several reasonable ways to perform API discovery, but each has its own tradeoffs and implications about what is actually being counted. This talk covers taking an API discovery program from start to best-of-breed, and strategies for measuring and monitoring your API attack surface.

Productizing and Monetizing APIs - Derric Gilling, Moseif

A presentation given by Derric Gilling, CEO of Moseif, at our 2024 Austin API Summit, March 12-13. Session Description: The talk would target product owners looking to turn APIs into revenue centers. Specifically, how to price and package APIs, different strategies around prepaid, postpaid, and PAYG billing, and how to choose the right metric to charge, etc. Then, we’ll chat on the go-to-market to drive developer adoption.

Securely Boosting Any Product with Generative AI APIs - Ruben Sitbon, Sipios

A presentation given by Ruben Sitbon, Lead Solutions Architect at Sipios, at our 2024 Austin API Summit, March 12-13. Session Description: ChatGPT has been a tidal wave, changing forever the way people and companies perceive the value of Artificial Intelligence. Many startups have launched products with ChatGPTI at its core, innovative SaaS players have all integrated Generative AI extensions or plugins, but it is now clear that users will be expecting more and more Generative AI to boost the features of products they use on a daily basis. In this talk, I will describe how a framework relying on Generative AI in-house APIs that allows: - Easily « boosting » any product feature with Generative AI - Improving the answers through a « trainer API » that allows experts to improve the accuracy and tone of the model - Bundling security and continuous compliance in the APIs to enjoy the benefits even within risk averse large corporates.

Security of LLM APIs by Ankita Gupta, Akto.io

A presentation given by Ankita Gupta, Co-Founder and CEO, Akto.io, at our 2024 Austin API Summit, March 12-13. Session Description: In this session, I will talk about API security of LLM APIs, addressing key vulnerabilities and attack vectors. The purpose is to educate developers, API designers, architects and organizations about the potential security risks when deploying and managing LLM APIs. 1. Overview of Large Language Models (LLMs) APIs 2. Understanding LLM Vulnerabilities: - Prompt Injections - Sensitive Data Leakage - Inadequate Sandboxing - Insecure Plugin Design - Model Denial of Service - Unauthorized Code Execution - Input attacks - Poisoning attacks 3. Best practices to secure LLM APIs from data breaches I will explain all the above using real life examples.

I'm an API Hacker, Here's How to Go from Making APIs to Breaking Them - Katie...

A presentation given by Katie Paxton-Fear, API Security Educator, Traceable AI, at our 2024 Austin API Summit, March 12-13. Session Description: Have you ever wanted to be the villain or anti-hero? In this talk, we'll cover how to hack APIs, with permission, of course. First, we'll look at the tools of the trade for API hackers, some of the most common security vulnerabilities and how we test for them, and finally, I'll tell some of my API hacking stories. The aim of the session will be to learn a little API hacking and encourage people to have a go at API hacking themselves. Participants will also join me as I hack live, giving suggestions for the next steps, for an interactive and engaging session.

Unleashing the Potential of GraphQL with Streaming Data - Kishore Banala, Net...

A presentation given by Kishore Banala, Senior Software Engineer, Netflix, at our 2024 Austin API Summit, March 12-13. Session Description: Extend the advantages of GraphQL beyond the UI layer by creating data streams that seamlessly transfer data from Federated GraphQL to your preferred destination. This presentation explores the myriad use cases that can be unleashed, such as Search, Analytics etc., sparing you from the complexity of extensive ETL jobs. Join us for an in-depth exploration of the advantages that arise from seamlessly connecting GraphQL with data streams, opening new dimensions of efficiency and capability.

Reigniting the API Description Wars with TypeSpec and the Next Generation of...

A presentation given by Gareth Jones, API Architect at Microsoft, at our 2024 Austin API Summit, March 12-13. Session Description: Didn't the API description wars end in 2017 when we all agreed that OAS was the way forward? Yes, and yet how satisfied with your API descriptions are you? Are they thousands of lines of hard to read yaml or JSON? When someone makes a change, is it easy to review for correctness and completeness? Do visual tools make this easier? Do they support change management? I'll make the case that the next generation of more abstract DSLs for defining APIs such as Smithy from Amazon and TypeSpec, open sourced by Microsoft, move us back to a more intentional approach to design and give us the opportunity to highlight the business characteristics that matter most at design-time.

Inclusive, Accessible Tech: Bias-Free Language in Code and Configurations - A...

A presentation given by Adrienne Moherek, Developer Experience Technical Leader, Cisco, at our 2024 Austin API Summit, March 12-13. Session Description: Heard of suss? You can suss out more information or you can find someone’s information to be suss. “Suss” shows the flexibility of language. It’s an ongoing process to change how we use certain words. It’s important to choose words carefully to convey the correct meaning and avoid harmful subtext or exclusion. Let’s explore some of the tools and triage methods that it takes from an engineering viewpoint to make bias-free choices. How can you ensure that biased words do not sneak into code, UI, docs, configurations, or our everyday language? First, let’s walk through how to take an inventory of assets from code to config files to API specifications to standards. Next, by placing those findings into categories, prioritize the work to substitute with inclusive alternatives. Let’s examine some examples using both API and code assets. Next is a demonstration of how to automate analyzing your source code or documentation with a linter, looking for patterns based on rules that are fed into the tool. What’s in the future for these efforts? Inclusive language should expand beyond English and North America efforts. To do so, let’s organize the work with automation tooling, as engineers do.

Going Platinum: How to Make a Hit API by Bill Doerrfeld, Nordic APIs

A presentation given by Bill Doerrfeld, Editor in Chief of Nordic APIs, at our 2024 Austin API Summit, March 12-13. Session Description: As it turns out, making a hit API is a lot like making a hit music album. You have to find a niche, you need good naming, and you need quality content. Also, on the production side, design, style, experience, and collaboration all matter a lot. At the end of the day, both are products, requiring the right management tools, marketing know-how, and infrastructure to scale. In this SXSW-inspired opening keynote, I'll look into the parallels between the two endeavors, providing a fun and informative look into specific things API providers should be considering on their journey toward becoming API platform rockstars.

Getting Better at Risk Management Using Event Driven Mesh Architecture - Ragh...

A presentation given by Raghavan Sadagopan, Sr. Director from CapitalOne & Lakshmi Narayana, Sr. Lead Software Engineer from CapitalOne, at our 2024 Austin API Summit, March 12-13. Session Description: Managing Risk is critical to the success of an organization. Managing Risks starts with identifying potential Risks which in the digital world are signals emanating from varying source systems. Identifying potential risks real-time enables organizations to mitigate / better prepare for potential exposures. The session will share our point of view on implementing an API centric event mesh architecture that routes events in real-time through a scalable and resilient cloud-native service on AWS.

GenAI: Producing and Consuming APIs by Paul Dumas, Gartner

A presentation given by Paul Dumas, Senior Director Analyst at Gartner, at our 2024 Austin API Summit, March 12-13. Session Description: GenAI will be, well, generating APIs. We are entering the era where software creates software. It will develop APIs faster than humans are capable of. Humans cannot compete with this compute power. How do we marshal this power, govern what it produces, and leverage it to support our business objectives and strategies? We will become more dependent on the capabilities we have as humans that elude machines. This talk provides insight to software leaders about the challenges of leading and managing this new software development power. The key lies in skills that are unique to humans: foresight, intuition, and agility.

The SAS developer portal –developer.sas.com 2.0: How we built it by Joe Furb...

A presentation given by Joe Furbee, Developer Advocate and Developers Communities Manager at SAS Institute, at our 2024 Austin API Summit, March 12-13. Session Description: Sure, we could have hired someone to (re)create our developer portal, developer.sas.com. However, we wanted the freedom to build our portal from the ground up. But, it takes more than an API architect and a developer advocate to create a modern, interactive developer experience. This session provides an overview of the steps we took to relaunch the SAS AI and analytics platform developer portal. Who was involved? How did we accomplish what we wanted to build? We’ll explore the stakeholders involved, the importance of open-source technologies, and why focusing on the developer’s perspective matters. This is not a marketing pitch to promote SAS services. Instead, it’s a detailed look at the process we followed to deploy our new developer portal.

How Netflix Uses Data Abstraction to Operate Services at Scale - Vidhya Arvin...

A presentation given by Vidhya Arvind, Staff Software Engineer, Netflix, at our 2024 Austin API Summit, March 12-13. Session Description: At Netflix, Data abstraction plays a pivotal role in hosting 100s of use cases that scale, they are widely adopted and depended on by mission-critical systems. In this talk, I show how to design reliable APIs and layout data for Key-Value services for petabyte-scale datasets. Key-value service uses a control plane and data plane to abstract the data, uses some novel techniques to reliably store and safely scale the service to 100s of instances.

cURL to SDK: Navigating the API Adoption Chasm - Sidney Maestre, APIMatic