confluent, profile picture
Uploaded byconfluent
262 views

Simplifying the OpenAPI Development Experience

This document discusses strategies for simplifying the OpenAPI development experience. It introduces Minispec, a domain-specific language and generator that produces OpenAPI specifications from high-level API descriptions. Minispec aims to reduce complexity and standardize API design. The document also outlines challenges with OpenAPI specifications, such as supporting required, immutable and contextual fields, and discusses how API linters can help address these issues. The goal is to make API design and documentation self-service for development teams.

Embed presentation

Simplifying the OpenAPI Development Experience Cody A. Ray, Staff SWE Tech Lead Manager, API Foundations API World - Oct 27, 2021
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Assumptions 1. You’re amped up about API contract-first design 2. You’ve decided to standardize on OpenAPI specifications 3. ??? 4. Profit Today’s talk will focus on the tactical steps for adopting OpenAPI contract-first design in practice. 2
API Design Guide Rules to ensure all your teams make high-quality and consistent APIs Minispec A new DSL and generator for OpenAPI specs OpenAPI Challenges Deep dive into some challenges to using OpenAPI “right” that Minispec handles API Linters Minispec gets you 70%+ of the way. This is helping us close another 20%+
API Design Guidelines
5 API Design Guides Hyper-growth companies be like ● Q1 - 1 API ● Q2 - 5 APIs ● Q3 - 7 APIs When you know that’s coming, you do your best to “get ahead of it” by adopting a company-wide API Design Guide in advance. Tons of company-specific design guides but no real standards for REST API design.
6 API Design Standards? Ok, maybe {JSON:API} (jsonapi.org) We tried hard but failed to adopt it. 1. Designed for requirements we don’t have and never expect to adopt. a. Ex: Compound Documents. “Why not just GraphQL?” 2. Inflexibility for requirements we do have a. Not self-descriptive (api_version and kind) b. No batch/bulk support 3. Developer pushback for unusual relationship handling (e.g., related links can’t change) 4. PM pushback on verbosity (tech products) 5. Low adoption and development seems slow (1.1 stalled since 2015)
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. A New Standard! 7
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. A New Problem! 8 Or maybe 1000 new problems. Even the existing “standards” and inspiration left a ton of gaps we needed to fill ourselves. And try to convince 100s of busy developers who are already working on hard problems to also internalize these API nuances is… impossible.
Minispec
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Minispec 10 DSL for REST APIs Let developers focus on the bits they (should) care about. ● Resources, attributes and relationships ● Filters, pagination, and sorting (on list requests) ● Versioning, deprecations NOT urls, methods, query params, request and response bodies, etc. Generates OpenAPI On average, the minispec DSL for an API is 1/5th the size of the final OpenAPI. More importantly, it handles all the details and matches the design guide. Aggregator and Filters Multiple APIs, some supporting different audiences (external, UI/CLI) Different use cases require different OpenAPI specs. 😩 ● Lack of support for “immutable”, “create only” etc in OpenAPI ● AllOf bugs in the OpenAPI-generator
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. But… GraphQL? GRPC? 11 This is more a business question than a technical one ● How broad is the market you’re targeting? ● Who are the customers? ● How technically savvy are they? ● What technologies are they comfortable with? Confluent serves everyone from Fortune 500 companies to one-person shops. We want the broadest possible adoption with the minimal possible friction. Everyone knows HTTP. #businessdecision
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. The Many Specs of OpenAPI 12
13 Minispec DSL
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Minispec DSL 14
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Minispec DSL 15
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Wait, what is this doing? 16
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Too much code. Pictures please! 17
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. 18
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Generated OpenAPI 19
OpenAPI Challenges
21 OpenAPI Challenges ● Required Fields ● Immutable Fields ● Read-Once Fields (e.g., creating a secret) ● Context-Aware Examples ● OneOf/AllOf/AnyOf support ● Shared Schemas (e.g., BadRequest, Error) ● ...
22 Required | Immutable
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Required Fields - Bugs 23
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Read-Once Fields - Not Supported 24 Return the API Key secret only once, when its first created. Ideally openapi-generator support to automatically remove this value from marshalling (e.g., non-create API operations, customer-facing audit log and events, developer logs, etc).
25 Contextual Examples Have to override examples on common schemas for every operation. Ex: standardizing request or resource metadata: Another “allOf”
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. 26 AllOf / AnyOf / OneOf - Bugs
OpenAPI Linter
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. 80+ custom rules in Spectral (from Spotlight) 28
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Automating API PR Reviews 29 Eventually we hope to remove centralized API team reviews. Make API design entirely self-service But I’m not sure if that’s possible. Linters are good at low-level details. Not at big picture design: “Should this be a resource?” “How should we model this?”
API Design Guide Rules to ensure all your teams make high-quality and consistent APIs Minispec A new DSL and generator for OpenAPI specs OpenAPI Challenges Deep dive into some challenges to using OpenAPI “right” that Minispec handles API Linters Minispec gets you 70%+ of the way. This is helping us close another 20%+
Copyright 2021, Confluent, Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Vision: API Publishing Platform 31
cnfl.io/careers cnfl.io/slack cnfl.io/blog Thank you! @codyaray cody@confluent.io PS - We’re Hiring! :D

More Related Content

PPTX
Kafka Connect and KSQL: Useful Tools in Migrating from a Legacy System to Kaf...
byconfluent
 
PDF
Industry-ready NLP Service Framework Based on Kafka (Bernhard Waltl and Georg...
byconfluent
 
PPTX
Stream me to the Cloud (and back) with Confluent & MongoDB
byconfluent
 
PPTX
RabbitMQ & Kafka
byVMware Tanzu
 
PPTX
How does a Modern Integration Platform Innovate
bySEEBURGER
 
PDF
Event Mesh: The Architecture Layer That Will Power Your Digital Transformation
bySolace
 
PDF
스타트업을 위한 Confluent 세미나
byconfluent
 
PDF
Event-Streaming verstehen in unter 10 Min
byconfluent
 
Kafka Connect and KSQL: Useful Tools in Migrating from a Legacy System to Kaf...
byconfluent
 
Industry-ready NLP Service Framework Based on Kafka (Bernhard Waltl and Georg...
byconfluent
 
Stream me to the Cloud (and back) with Confluent & MongoDB
byconfluent
 
RabbitMQ & Kafka
byVMware Tanzu
 
How does a Modern Integration Platform Innovate
bySEEBURGER
 
Event Mesh: The Architecture Layer That Will Power Your Digital Transformation
bySolace
 
스타트업을 위한 Confluent 세미나
byconfluent
 
Event-Streaming verstehen in unter 10 Min
byconfluent
 

What's hot

PDF
Express Scripts: Driving Digital Transformation from Mainframe to Microservices
byconfluent
 
PDF
Confluent Operator as Cloud-Native Kafka Operator for Kubernetes
byKai Wähner
 
PDF
Beyond the brokers - A tour of the Kafka ecosystem
byDamien Gasparina
 
PDF
How Apache Kafka helps to create Data Culture – How to Cross the Kafka Chasm
byconfluent
 
PPTX
Introducing Events and Stream Processing into Nationwide Building Society
byconfluent
 
PDF
IoT Architectures for a Digital Twin with Apache Kafka, IoT Platforms and Mac...
byKai Wähner
 
PDF
Telco 4.0 - Payment and FinServ Integration for Data in Motion with 5G and Ap...
byKai Wähner
 
PDF
Quantum metrics
byBrij Consulting, LLC
 
PDF
Application Modernization Using Event Streaming Architecture (David Wadden, V...
byHostedbyConfluent
 
PDF
The Rise Of Event Streaming – Why Apache Kafka Changes Everything
byKai Wähner
 
PPTX
Modernizing your Application Architecture with Microservices
byconfluent
 
PDF
Building a Secure, Tamper-Proof & Scalable Blockchain on Top of Apache Kafka ...
byconfluent
 
PDF
Building Event-Driven Applications with Apache Kafka & Confluent Platform
byconfluent
 
PDF
Kafka for connected vehicle research | Pavle Bujanovic, Federal Highway Admin...
byHostedbyConfluent
 
PDF
Mainframe Integration, Offloading and Replacement with Apache Kafka
byKai Wähner
 
PPTX
Bridge Your Kafka Streams to Azure Webinar
byconfluent
 
PDF
Qlik and Confluent Success Stories with Kafka - How Generali and Skechers Kee...
byHostedbyConfluent
 
PDF
Apache Kafka vs. Integration Middleware (MQ, ETL, ESB) - Friends, Enemies or ...
byconfluent
 
PDF
Enabling Smarter Cities and Connected Vehicles with an Event Streaming Platfo...
byKai Wähner
 
PDF
Top 5 Event Streaming Use Cases for 2021 with Apache Kafka
byKai Wähner
 
Express Scripts: Driving Digital Transformation from Mainframe to Microservices
byconfluent
 
Confluent Operator as Cloud-Native Kafka Operator for Kubernetes
byKai Wähner
 
Beyond the brokers - A tour of the Kafka ecosystem
byDamien Gasparina
 
How Apache Kafka helps to create Data Culture – How to Cross the Kafka Chasm
byconfluent
 
Introducing Events and Stream Processing into Nationwide Building Society
byconfluent
 
IoT Architectures for a Digital Twin with Apache Kafka, IoT Platforms and Mac...
byKai Wähner
 
Telco 4.0 - Payment and FinServ Integration for Data in Motion with 5G and Ap...
byKai Wähner
 
Quantum metrics
byBrij Consulting, LLC
 
Application Modernization Using Event Streaming Architecture (David Wadden, V...
byHostedbyConfluent
 
The Rise Of Event Streaming – Why Apache Kafka Changes Everything
byKai Wähner
 
Modernizing your Application Architecture with Microservices
byconfluent
 
Building a Secure, Tamper-Proof & Scalable Blockchain on Top of Apache Kafka ...
byconfluent
 
Building Event-Driven Applications with Apache Kafka & Confluent Platform
byconfluent
 
Kafka for connected vehicle research | Pavle Bujanovic, Federal Highway Admin...
byHostedbyConfluent
 
Mainframe Integration, Offloading and Replacement with Apache Kafka
byKai Wähner
 
Bridge Your Kafka Streams to Azure Webinar
byconfluent
 
Qlik and Confluent Success Stories with Kafka - How Generali and Skechers Kee...
byHostedbyConfluent
 
Apache Kafka vs. Integration Middleware (MQ, ETL, ESB) - Friends, Enemies or ...
byconfluent
 
Enabling Smarter Cities and Connected Vehicles with an Event Streaming Platfo...
byKai Wähner
 
Top 5 Event Streaming Use Cases for 2021 with Apache Kafka
byKai Wähner
 

Similar to Simplifying the OpenAPI Development Experience

PDF
INTERFACE, by apidays - Scaling APIs
byapidays
 
PPTX
API-first development
byVasco Veloso
 
PDF
The Future of API Specifications -- Aidan Cunniffe 2021
byAidan Cunniffe
 
PDF
Always up to date, testable and maintainable documentation with OpenAPI
byGOG.com dev team
 
PDF
Schema-First API Design
byYos Riady
 
PDF
Api clarity webinar
byLibbySchulze
 
PDF
Designing APIs with Swagger and OpenAPI 1st Edition Joshua S. Ponelat
bytatajebezad
 
PDF
Presentation at the 2016 Linux Foundation Collab Summit
byOpen API Initiative (OAI)
 
PPTX
SVQdotNET: Building APIs with OpenApi
byJuan Luis Guerrero Minero
 
PDF
Building APIs with the OpenApi Spec
byPedro J. Molina
 
PPTX
The Swagger Format becomes the Open API Specification: Standardizing descript...
by3scale
 
PDF
Why You Should Be Doing Contract-First API Development
byDevenPhillips
 
PDF
Space Camp June 2022 - API First.pdf
byPostman
 
PDF
Apidays Paris 2023 - API design first: A case for a better language, Emmanu...
byapidays
 
PDF
INTERFACE, by apidays - Building an Accessible API Spec
byapidays
 
PDF
Spec-first API Design for Speed and Safety
byAtlassian
 
PDF
apidays Paris 2024 - API Governance for EDA, Frank Kilcommins, SmartBear
byapidays
 
PPTX
Design and Evolution of APIs in Microservice Architecture
byLohika_Odessa_TechTalks
 
PPTX
Open API Specification - SiliconValley Code camp 2017 session @siddiqimuhammad
byMuhammad Siddiqi
 
PDF
JOSA TechTalks - RESTful API Concepts and Best Practices
byJordan Open Source Association
 
INTERFACE, by apidays - Scaling APIs
byapidays
 
API-first development
byVasco Veloso
 
The Future of API Specifications -- Aidan Cunniffe 2021
byAidan Cunniffe
 
Always up to date, testable and maintainable documentation with OpenAPI
byGOG.com dev team
 
Schema-First API Design
byYos Riady
 
Api clarity webinar
byLibbySchulze
 
Designing APIs with Swagger and OpenAPI 1st Edition Joshua S. Ponelat
bytatajebezad
 
Presentation at the 2016 Linux Foundation Collab Summit
byOpen API Initiative (OAI)
 
SVQdotNET: Building APIs with OpenApi
byJuan Luis Guerrero Minero
 
Building APIs with the OpenApi Spec
byPedro J. Molina
 
The Swagger Format becomes the Open API Specification: Standardizing descript...
by3scale
 
Why You Should Be Doing Contract-First API Development
byDevenPhillips
 
Space Camp June 2022 - API First.pdf
byPostman
 
Apidays Paris 2023 - API design first: A case for a better language, Emmanu...
byapidays
 
INTERFACE, by apidays - Building an Accessible API Spec
byapidays
 
Spec-first API Design for Speed and Safety
byAtlassian
 
apidays Paris 2024 - API Governance for EDA, Frank Kilcommins, SmartBear
byapidays
 
Design and Evolution of APIs in Microservice Architecture
byLohika_Odessa_TechTalks
 
Open API Specification - SiliconValley Code camp 2017 session @siddiqimuhammad
byMuhammad Siddiqi
 
JOSA TechTalks - RESTful API Concepts and Best Practices
byJordan Open Source Association
 

More from confluent

PDF
Stream Processing Handson Workshop - Flink SQL Hands-on Workshop (Korean)
byconfluent
 
PPTX
Webinar Think Right - Shift Left - 19-03-2025.pptx
byconfluent
 
PDF
Migration, backup and restore made easy using Kannika
byconfluent
 
PDF
Five Things You Need to Know About Data Streaming in 2025
byconfluent
 
PDF
Data in Motion Tour Seoul 2024 - Keynote
byconfluent
 
PDF
Data in Motion Tour Seoul 2024 - Roadmap Demo
byconfluent
 
PDF
From Stream to Screen: Real-Time Data Streaming to Web Frontends with Conflue...
byconfluent
 
PDF
Confluent per il settore FSI: Accelerare l'Innovazione con il Data Streaming...
byconfluent
 
PDF
Data in Motion Tour 2024 Riyadh, Saudi Arabia
byconfluent
 
PDF
Build a Real-Time Decision Support Application for Financial Market Traders w...
byconfluent
 
PDF
Strumenti e Strategie di Stream Governance con Confluent Platform
byconfluent
 
PDF
Compose Gen-AI Apps With Real-Time Data - In Minutes, Not Weeks
byconfluent
 
PDF
Building Real-Time Gen AI Applications with SingleStore and Confluent
byconfluent
 
PDF
Unlocking value with event-driven architecture by Confluent
byconfluent
 
PDF
Il Data Streaming per un’AI real-time di nuova generazione
byconfluent
 
PDF
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
byconfluent
 
PDF
Break data silos with real-time connectivity using Confluent Cloud Connectors
byconfluent
 
PDF
Building API data products on top of your real-time data infrastructure
byconfluent
 
PDF
Speed Wins: From Kafka to APIs in Minutes
byconfluent
 
PDF
Evolving Data Governance for the Real-time Streaming and AI Era
byconfluent
 
Stream Processing Handson Workshop - Flink SQL Hands-on Workshop (Korean)
byconfluent
 
Webinar Think Right - Shift Left - 19-03-2025.pptx
byconfluent
 
Migration, backup and restore made easy using Kannika
byconfluent
 
Five Things You Need to Know About Data Streaming in 2025
byconfluent
 
Data in Motion Tour Seoul 2024 - Keynote
byconfluent
 
Data in Motion Tour Seoul 2024 - Roadmap Demo
byconfluent
 
From Stream to Screen: Real-Time Data Streaming to Web Frontends with Conflue...
byconfluent
 
Confluent per il settore FSI: Accelerare l'Innovazione con il Data Streaming...
byconfluent
 
Data in Motion Tour 2024 Riyadh, Saudi Arabia
byconfluent
 
Build a Real-Time Decision Support Application for Financial Market Traders w...
byconfluent
 
Strumenti e Strategie di Stream Governance con Confluent Platform
byconfluent
 
Compose Gen-AI Apps With Real-Time Data - In Minutes, Not Weeks
byconfluent
 
Building Real-Time Gen AI Applications with SingleStore and Confluent
byconfluent
 
Unlocking value with event-driven architecture by Confluent
byconfluent
 
Il Data Streaming per un’AI real-time di nuova generazione
byconfluent
 
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
byconfluent
 
Break data silos with real-time connectivity using Confluent Cloud Connectors
byconfluent
 
Building API data products on top of your real-time data infrastructure
byconfluent
 
Speed Wins: From Kafka to APIs in Minutes
byconfluent
 
Evolving Data Governance for the Real-time Streaming and AI Era
byconfluent
 

Recently uploaded

PDF
How to Design Premium Health (Public Health) PPT Using AI? Top Strategies
byPublic Health Concern Nepal
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PDF
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
PDF
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
PDF
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
PDF
React Mastery: Visual Mental Models to Understand React Deeply
byThomas Gaye
 
PDF
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
PDF
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
PDF
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
PDF
Why AI Girlfriends Are the Future of Digital Companionship
byAi Angels
 
PDF
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
PDF
Real-Time AI Masterclass: Vector Search at Scale
byScyllaDB
 
PDF
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
PPTX
The Lex Wire Precedent: A Technical Standard for Machine-Mediated Authority ...
byJeff Howell
 
PDF
How to build hackthon projects from ZERO!
byishantyadav1111
 
PDF
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
PPTX
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
PDF
7 Essential Types of Penetration Testing Services Every Business Should Under...
bypandeydevika621
 
PPTX
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
PDF
Web3 - Applications and Architectures - History and Horizons
byGokul Alex
 
How to Design Premium Health (Public Health) PPT Using AI? Top Strategies
byPublic Health Concern Nepal
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
React Mastery: Visual Mental Models to Understand React Deeply
byThomas Gaye
 
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
Why AI Girlfriends Are the Future of Digital Companionship
byAi Angels
 
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
Real-Time AI Masterclass: Vector Search at Scale
byScyllaDB
 
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
The Lex Wire Precedent: A Technical Standard for Machine-Mediated Authority ...
byJeff Howell
 
How to build hackthon projects from ZERO!
byishantyadav1111
 
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
7 Essential Types of Penetration Testing Services Every Business Should Under...
bypandeydevika621
 
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
Web3 - Applications and Architectures - History and Horizons
byGokul Alex
 

Simplifying the OpenAPI Development Experience

  • 1.
    Simplifying the OpenAPI DevelopmentExperience Cody A. Ray, Staff SWE Tech Lead Manager, API Foundations API World - Oct 27, 2021
  • 2.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Assumptions 1. You’re amped up about API contract-first design 2. You’ve decided to standardize on OpenAPI specifications 3. ??? 4. Profit Today’s talk will focus on the tactical steps for adopting OpenAPI contract-first design in practice. 2
  • 3.
    API Design Guide Rulesto ensure all your teams make high-quality and consistent APIs Minispec A new DSL and generator for OpenAPI specs OpenAPI Challenges Deep dive into some challenges to using OpenAPI “right” that Minispec handles API Linters Minispec gets you 70%+ of the way. This is helping us close another 20%+
  • 4.
  • 5.
    5 API Design Guides Hyper-growthcompanies be like ● Q1 - 1 API ● Q2 - 5 APIs ● Q3 - 7 APIs When you know that’s coming, you do your best to “get ahead of it” by adopting a company-wide API Design Guide in advance. Tons of company-specific design guides but no real standards for REST API design.
  • 6.
    6 API Design Standards? Ok,maybe {JSON:API} (jsonapi.org) We tried hard but failed to adopt it. 1. Designed for requirements we don’t have and never expect to adopt. a. Ex: Compound Documents. “Why not just GraphQL?” 2. Inflexibility for requirements we do have a. Not self-descriptive (api_version and kind) b. No batch/bulk support 3. Developer pushback for unusual relationship handling (e.g., related links can’t change) 4. PM pushback on verbosity (tech products) 5. Low adoption and development seems slow (1.1 stalled since 2015)
  • 7.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. A New Standard! 7
  • 8.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. A New Problem! 8 Or maybe 1000 new problems. Even the existing “standards” and inspiration left a ton of gaps we needed to fill ourselves. And try to convince 100s of busy developers who are already working on hard problems to also internalize these API nuances is… impossible.
  • 9.
  • 10.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Minispec 10 DSL for REST APIs Let developers focus on the bits they (should) care about. ● Resources, attributes and relationships ● Filters, pagination, and sorting (on list requests) ● Versioning, deprecations NOT urls, methods, query params, request and response bodies, etc. Generates OpenAPI On average, the minispec DSL for an API is 1/5th the size of the final OpenAPI. More importantly, it handles all the details and matches the design guide. Aggregator and Filters Multiple APIs, some supporting different audiences (external, UI/CLI) Different use cases require different OpenAPI specs. 😩 ● Lack of support for “immutable”, “create only” etc in OpenAPI ● AllOf bugs in the OpenAPI-generator
  • 11.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. But… GraphQL? GRPC? 11 This is more a business question than a technical one ● How broad is the market you’re targeting? ● Who are the customers? ● How technically savvy are they? ● What technologies are they comfortable with? Confluent serves everyone from Fortune 500 companies to one-person shops. We want the broadest possible adoption with the minimal possible friction. Everyone knows HTTP. #businessdecision
  • 12.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. The Many Specs of OpenAPI 12
  • 13.
  • 14.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Minispec DSL 14
  • 15.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Minispec DSL 15
  • 16.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Wait, what is this doing? 16
  • 17.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Too much code. Pictures please! 17
  • 18.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. 18
  • 19.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Generated OpenAPI 19
  • 20.
  • 21.
    21 OpenAPI Challenges ● RequiredFields ● Immutable Fields ● Read-Once Fields (e.g., creating a secret) ● Context-Aware Examples ● OneOf/AllOf/AnyOf support ● Shared Schemas (e.g., BadRequest, Error) ● ...
  • 22.
  • 23.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Required Fields - Bugs 23
  • 24.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Read-Once Fields - Not Supported 24 Return the API Key secret only once, when its first created. Ideally openapi-generator support to automatically remove this value from marshalling (e.g., non-create API operations, customer-facing audit log and events, developer logs, etc).
  • 25.
    25 Contextual Examples Have tooverride examples on common schemas for every operation. Ex: standardizing request or resource metadata: Another “allOf”
  • 26.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. 26 AllOf / AnyOf / OneOf - Bugs
  • 27.
  • 28.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. 80+ custom rules in Spectral (from Spotlight) 28
  • 29.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Automating API PR Reviews 29 Eventually we hope to remove centralized API team reviews. Make API design entirely self-service But I’m not sure if that’s possible. Linters are good at low-level details. Not at big picture design: “Should this be a resource?” “How should we model this?”
  • 30.
    API Design Guide Rulesto ensure all your teams make high-quality and consistent APIs Minispec A new DSL and generator for OpenAPI specs OpenAPI Challenges Deep dive into some challenges to using OpenAPI “right” that Minispec handles API Linters Minispec gets you 70%+ of the way. This is helping us close another 20%+
  • 31.
    Copyright 2021, Confluent,Inc. All rights reserved. This document may not be reproduced in any manner without the express written permission of Confluent, Inc. Vision: API Publishing Platform 31
  • 32.