apidays Australia 2023 - API Strategy In The Era Of Generative AI,Shreshta Shyamsundar, Infosys

Transcript

1. Gen AI API Strategy in the era of Shreshta Shyamsundar

2. None

3. 2 1 The State of AI What it means for

   Enterprises?

4. iPhone Launch 2007 2012 2018 2023 Maturity & Value Timeline

   Mobile & Digital Era Azur e GCP Transformer Architecture Deep Learning ChatGPT AWS Consumerisation of AI is underway, and organizations that have done digital and cloud transformation well will leapfrog into the AI era… 3 Source: Infosys research + Stanford AI Index report 2023 + CB Insights 130+ large language models with 2X growth in the last 7 months Scale up from 1.5B to 540B+ parameters of foundation models 35+ specialized products based on LLMs launched in the last 7 months

5. AI adoption is evolving from generalized to specialized capabilities through

   these evolution patterns 4 Consumer Personal AI Assistant Specialized AI Apps & Assistants Time, Cost & Complexity Business Impact & Value Code: GitHub Copilot, Replit Creative: copy.ai, Adobe firefly Notes Taking: NotebookLM Sales & Service: Salesforce Sales GPT and Service GPT Closed Models & APIs: OpenAI GPT4, Azure OpenAI API’s, AWS Bedrock API’s, Google Vertex API Code: CodeGen, Starcoder, T5 Text: BLOOM, Dolly Speech: OpenAI Whisper, Nvidia Riva Image: Stable Diffusion Medical: Google Med PaLM Finance: BloombergGPT Open AI ChatGPT, pi.ai, perplexity.ai, Google BARD Custom AI Apps Using Fine-Tuned Open Models Custom AI Apps Using Closed Models & APIs Industry-Specific AI Apps Using Specialized Pre-trained Models Source: Infosys Research

6. 5 2 API-first to AI-first What it means for API

   Strategy?

7. Organizations need to revisit their API strategy goals, rationale &

   plan therefore emphasizing the need for a self-governing strategy format 6 Regulatory scrutiny will be a huge factor for governance API designs for machine consumption will be key to enable API product commercialization Explainability of responses will be crucial to ensuring trust in the API security process Demand for Context- aware responses has set a high bar for UX API design Source: Infosys research + SoftwareAG API Strategy documentation API Strategy API Governance API Commercialization API Product Management API Design Developer Experience API Initiative & op model API Security • Design governance • Runtime governance • Lifecycle governance • Oauth / OIDC • AuthN & AuthZ • API consent • API Platform roles/teams • KPIs/Metrics • API Mandate & Maturity assessment • API Economy/Monetization • Digital value chain • Business Model realignment • Design thinking • API Products • Customer centricity • API assets • Solution accelerators • API Marketplace • Architectural Styles • GraphQL/REST • API Lifecycle management (Versioning)

8. AI pair programmers are now mainstream Teams are now using

   productivity enhancing AI tools for code completion and code generation including automatically generated software tests as part of their codebase AI will democratize API build to non-tech staff AI powered platforms such as tabnine, roost.ai, theneo.io help build APIs, quality assess APIs to specifications, generate and amend standard API documentation respectively thereby lowering the barrier to entry for API development Here’s what it will look like with Organizations bringing AI into software engineering across API teams in terms of trends and implications 1/2 TRENDS driven by corporate AI strategy IMPLICATION for the API engineering teams API debugging and API testing will become even more important to get right. These processes will be augmented by generative AI and will decrease the amount of time it takes for developers to get productive. With a lower barrier to entry, there will be an influx of novice API builders who might generate APIs of differing levels of quality which needs to be assessed to be fit for purpose as against the high expectations from the digitally aware community post CoVID-19. Pressure to deliver faster and cheaper increase with AI With an increased automation quotient throughout SDLC; teams will be under pressure to deliver API products faster and at a lower cost. AI-first talent strategy will inform the staffing process to uplift all staff to be AI aware of impacts and influences, some of those to educated to build and integrate with AI services and APIs and a few to build AI services to streamline quality of delivery with speed.

9. AI now can enable autonomous Integrations Platforms such as Superface.ai

   can simply consume standard documentation and auto generate software code to integrate services and deliver simple business outcomes. Emphasis on API responses being Context-aware AI-driven APIs can analyze contextual information (such as user location, behavior, preferences or device type) to adapt their behavior and responses accordingly and deliver personalized content, recommendations, or services. Here’s what it will look like with Organizations bringing AI into software engineering across API teams in terms of trends and implications 2/2 TRENDS driven by corporate AI strategy IMPLICATION for the API engineering teams The API engineering teams will insist on documentation in markdown format with a minimum of introduction, authentication, endpoint/ methods, request & response formats, param & query strings, error handling, versioning, security policies, pagination and change log. Inadequately secure code, security policies governing APIs and other NFRs ignored in AI race AI helps deliver the MVP of a product swiftly however can often overlook secure coding practices, apt security policies based on several factors. Secure code audits must be carried out routinely while creating new/modifying existing APIs especially with AI assistants. Hyperscalers, design platforms and tooling in the DevSecOps ecosystem do help review policy inclusions with APIs in addition to secure code, containerized libraries and dependencies. Context aware capabilities such as Google awareness API should be considered as part of an API platform offering. Combining signals, cues to inform relevant API responses to the customer. In addition, teams must carry a process to identify strategic and reusable APIs to make sure such offerings are used aptly and widely without double dipping.

10. 9 3 Takeaways for the modern Enterprise

11. Embrace Gen AI to build secure, interactive APIs while keeping

    a close watch on evolving regulations with the right governance measures 10 API design and architecture will continue to be in the human domain even while the coding could get commoditised. AI aided bots will help developers collaborate on design reviews and generate API documentation thus representing the future workspaces. Organisations to uplift APIs in terms of documentation, policies, accessibility and on other parameters to leverage AI optimally. Additionally, it might be incumbent to take a quick stock of API inventory to remove any outdated interfaces off the list to help retain focus on relevant APIs. Organisations need to ensure their APIs are designed for machine consumption. The policies to consume APIs need to be fine-tuned in terms of identity and access verification mechanisms and bear the right governance to ensure transactions are driven in line with expectations. Companies to plan for periodic review of their process, tool/platform inclusions, governance mechanism in line with evolving regulations, maturing space in terms of technology and offerings in the market attune to unlocking business outcomes.

12. 11 Q & A

13. Organizations need to revisit their API strategy goals, rationale &

    plan therefore emphasizing the need for a self-governing strategy format. 12 API Strategy API Governance API Commercialization API Product Management API Design Developer Experience API Initiative & op model API Security • Design governance • Runtime governance • Lifecycle governance • Oauth / OIDC • AuthN & AuthZ • API consent • API Platform roles/teams • KPIs/Metrics • API Mandate & Maturity assessment • API Economy/Monetization • Digital value chain • Business Model realignment • Design thinking • API Products • Customer centricity • API assets • Solution accelerators • API Marketplace • Architectural Styles • GraphQL/REST • API Lifecycle management (Versioning)