INTERFACE by apidays 2023 - Governance Doesn't Have to be a Dirty Word, Jason Harmon, Stoplight

Transcript

1. Governance Doesn’t Have to Be a Dirty Word Jason Harmon,

   CTO of Stoplight
2. None

3. 2 Jason Harmon Chief Technology Officer, Stoplight Engineering, Product, Security,

   IT Host of #APIIntersection Podcast Background: • Previously: → Senior Director of Platform Architecture @Expedia Group → Chief Platform Officer and CTO at @Typeform → Head of API Design @Paypal → API Architect @uShip • Co-founded Austin API Meetup • Founding member of OpenAPI Initiative (inactive) • Founding member of RAML Working Group (inactive)

4. 3 Ghosts of SOAP/SOA Governance Past — 2010 & Onwards

   • Tedious and Time Consuming: Review committees & program management from my time at a large old enterprise • SOAP: (Simple object access protocol) official protocol developed by Microsoft as 1.0/1.1, later amended by IBM as 1.2. Industry-wide practices determined by the largest players

5. 4 The SOAP Era • “Centralized-Control” • Large, Slow, Controlling

   • Industry Consortium • Power structure entrenched • Top-down Approach 4

6. 5 …versus The Open Source Approach • SOAP standard vs

   REST architectural pattern (and other modern API standards) • Typically a few committers and a community of people around them providing input, feedback, and contribution • Compare that model of early 2000s web service governance, vastly different! 5

7. “ 6 Governance has changed, but we don’t always look

   at it as “governance” today.

8. 7 Today: Decentralized Governance and the “Federated Approach” Community of

   passionate and informed people Building APIs in a platform ecosystem Core team comprised of silo-breakers “Wanted Influence”

9. 8 Consider the inner source as your culture-change agent. •

   How are you contributing between organizations? • How are you conducting reviews? • Do they have the right permissions?

10. 9 This enables platform -thinking.

11. 10 So, what does that mean for governance today?

12. 11 APIs as Products 1

13. 12 The Rise of the API Product Manager Era •

    An ever-changing role • Not-necessarily-technical • Broader sense of inclusion • APIs are business critical assets • Partnership capability 12

14. 13 Treating APIs as a Product Recognize Relationships Gain Business

    Buy-In Enhance Your Acceptance Criteria

15. 14 If you don’t treat your APIs as products… It

    becomes just a commodity. A tech artifact. You end up with an engineered design experience instead of designing for the end-user. This is system-centric, not customer-centric.

16. 15 Evolving Review Processes 2

17. 16 “ SOAP era: principal engineers wield unchecked power Modern

    era: end product of the API, an intentional design, distributed authority If using a suite of APIs that fits cohesively together, there is a design effort put behind it. Governance makes it possible.

18. 17 The New Review Process • More inclusive • Contributors,

    curators, maintainers & non-technical stakeholders • Building for an ecosystem • This leads to: → Better developer experience → Happier customers → Satisfied partners → Increased Scalability

19. 18 Key Takeaways 3

20. 19 Key Takeaways: Today’s “Governance” Means: • Decentralized Control; distribute

    power • Maintain intentional consistency; small centralized team • APIs as a product; more inclusive product development process • Greater Transparency; educate & evangelize

21. 20 Let’s look at some examples… “To make sure we

    can scale & provide consistency & reliability across our APIs we ultimately relied on API product managers to enforce governance. They had to work with each domain and each business area to make sure that we can understand the customer's perspective … and [then] translate their requirements into the API design itself and ensure standardization requirements are met.” - Dave Holliday, API Product Manager. • Goal: Fiserv has the goal of creating more consistency, shared language, and better change management across the API program. • Challenge: The massive amount of data and payments involved mean different teams are working on different components to develop the final product, but the goal is to give all customers a consistent, predictable, and secure experience. • Approach: From a customer’s perspective, a developer defines consistency as seeing the company as one unified entity. But in reality, the process involves many different teams who create the whole product, hence why Fiserv relied on API Product Managers & the right tools (Stoplight) to enforce their governance program and standards. Case Study

22. 21 Let’s look at some examples… • Goal: Pagerduty aims

    to be the central nervous system of IT Ops and DevOps. An ambitious goal and demanding customers mean PagerDuty must deliver on high expectations with consistency, innovation, and reliability, as well as improve developer productivity. • Approach: PagerDuty wants external developers to be able to adopt new APIs and scale up quickly and painlessly. To meet that goal, they iterate constantly based on customer feedback. They also worked to create a “guided experience” with consistent implementation, style guidelines, and predictable tooling (Stoplight). With lots of iteration and constant feedback, they have to be able to standardize quickly and globally across all of their efforts. • Results: By enforcing style guidelines, their team was able to meet a high-demand feature request while also making the internal developer experience better is a great achievement. It’s the result of PagerDuty’s constant focus on their core values of productivity, consistency and reliability. Case Study

23. 22 Tools to Help Improve Your Governance Efforts • Style

    Guidelines → Standardization of naming conventions • Collaboration Tools to smooth out the design review process • Shared Components/ Model Libraries • A solid API Product Manager! Psst! If you use Stoplight Platform, you can get all of these things and more!

24. 23 For more tips and tricks on the API space…

25. 24 Check out Stoplight’s API Intersection Podcast The podcast on

    the intersection between API design and digital transformation. Available Wherever You Listen to Podcasts

26. 25 Questions?