The API Evangelist Blog - 2020

This blog is dedicated to understanding the world of APIs and exploring the technology, business, and politics of APIs.


Establishing an API-First Reference Implementation

06 April 2020
I do a lot of API blah blah blah’ing about abstract technical concepts. Sometimes I am able to craft a coherent narratives around some complex technology goings on, but most of the time I am just practicing. Workshopping different concepts until I find one that will make an impact on the way folks see APIs. One of the challenges I face in my storytelling is that I operate too far into the abstract, and not making the rubber meet the road enough. Another challenger I face is going too far down the rabbit hole with a particular companies implementation, which usually turns down the volume significantly on my storytelling, because most companies, organizations, institutions, and government agencies aren’t equipped to be 100% transparent about what they are doing...

Crowdsourcing COVID-19 Testing Location Data

03 April 2020
I have been heads down working on resources for Postman's COVID-19 response, pulling together a variety of COVID-19 data and information that developers (and non-developers) can put to use when trying to make sense of what is going on around us. Identifying existing API resources that were available, while shining a light on the hard work of others was the first wave of our response, but along the way we identified some areas where there were no existing APIs, and felt there was an opportunity to step in. So I got to work on developing a couple of proof of concepts (POCs) that we could rally around as a company, and further contribute to the COVID-19 / Coronavirus fight. One of the POCs that came out of this work was an idea for crowdsourcing COVID-19 testing location data, resulting in a pretty interesting blueprint for making data available as APIs, which could be used for a variety of open data efforts—not just COVID-API testing locations...

COVID-19 Data and Information

26 March 2020
When it comes to coping with the stressful world unfolding around us I like to lose myself in my work. Data and APIs is a great way to tune out the world and keep myself busy while in isolation. Like most other technosolutionists I want to do some good in this crazy time, even if I don’t quite fully know what that means. So, to help me define what that means I sat down and began scratching at what was already occuring across the landscape. Identifying what sources of data were available out there, and what types of information was available which would truly make a difference in everyones world--not make it worse. Informational API Collections To begin I wanted to better understand where the top sources of information were, so I began documenting who the most relevant government agencies were in the COVID-19 conversation, going directly to the source of information at the highest levels...

A Proof of Concept API Service Tier

12 March 2020
If you  have followed me over the years you know that I get very frustrated by the access or lack of access to APIs, as well as the services and tooling that target the sector. As someone who is perpetually kicking the tires of API providers and service providers, not being able to on-board at all, on-board without my credit card, or one of the many other ways companies introduce friction, I find myself regularly pissed off. So anytime someone makes my world easier, and accommodates my need, desire, and obsession with playing with every damn API tool out there I have to say something. Today’s example is from my partner in crime Tyk, with their proof of concept option  Tyk acknowledges that most of us might not be ready for pro status—we just need to kick the tires a bit...

The Official Cloudflare API Postman Collection

12 March 2020
I use Cloudflare for my DNS. I like the threat protection they offer, the dead simple DNS management, and their robust API. I automate the management of a handful of my domains. Providing maintenance on 100 of my API life cycle, couple hundred API landscape sites, and the range of tooling, APIs, and other side projects I have. I’ve written several times about how Cloudlare weaves their API into their UI, so I am happy to write about their new Postman collection for the complete Cloudflare API. The Clouflare API Postman collection provides 447 individual API requests organized into different folders, making the entire surface area of the API much easier to navigation and make sense of what is going on...

API-First [Business]

10 March 2020
I am working my way through defining a more precise definition of what API-first means which I can use across my API storytelling and conversations. I workshopped the widest definition possible of what API-First means to me yesterday, and be the end of the day I posted another more precise definition of what API-First means to a more technical crowd which I dubbed API-First [Design || Code]. Today, I’m once again thinking more about the business side of the conversation, and focusing on what I would like to eventually be a more precise definition of what API-First means to business stakeholders, which I am dubbing as API-First [Business]. As I said in my broader definition of API-First, if these conversations aren’t including business stakeholders we are doing it wrong...

API-First [Design || Code]

09 March 2020
I worked through my thoughts on what API first is, which I consider to be the outer layers of what is going on when we use this phrase. I wanted to focus on the technical and business rift that exists in this discussion first, now I want to dive into the more technical core of this phrase, and get to the heart of how developers are going to see this phrase. Depending on the type of developer you are, and your exposure to different aspects of the API industry or API operations within your organization you are going to make different assumptions about what API first is or isn’t. Some will feel it is more just about doing APIs before you build applications, while others are going to see it as being more about going API design first, before you ever write any code...

What Is API First?

09 March 2020
I really struggled with this piece on API-first. It is one of those holistic API advice pieces I am very conflicted about. API-first feels like yet another marketing phrase or latest trend like microservices. So as I am writing down my thoughts over the last couple weeks on this, my bullshit-o-meter kept going off. Honestly it still is, but I still feel like there is enough value here that I can move forward with a story. As my co-worker Joyce rightfully pointed out in a meeting recently, API-first is one of those phrases we regularly throw out there without much assessment, agreement, or real definition of what it means. That is one reason it feels so wrong at times, because I feel like it is one of those feel good things we throw out there, but never really think too deeply about while doing, or after it fails and we’ve moved on to the next thing...

What Is My API Network

06 March 2020
I am working on the vision for the Postman Network. As I do with everything, I want to start with the basics human aspects of what is going on, and then relate them to the more technical and then business aspects of it all. Right now, the Postman Network is a listing of teams and individuals who have published Postman collections under a handful of categories. While visiting the network you can browse collections by category or search by keyword, and view the team or individual profile, select the “Run in Postman” button, or view the documentation. My goal is to brainstorm what is next for the Postman network, but also help define what network means in a world of API collaboration...

The Building Blocks of API Partner Programs

04 March 2020
I’m doing a deep dive into partner API research, taking a fresh look at how API providers and service providers are operating their partner programs. I looked through around a hundred partner programs I have indexed, and listed a few of the notable ones below. It can be difficult to study partner API programs because many organizations consider their API program a type of partner program by itself, and then there are also a lot of partner APIs, providing actual services involving partners, providing programmatic access to a variety of partner resources. I’ll be rolling up this research into several other more formal strategies and guides that I will publish as part of API Evangelist, but like I do with all my work I wanted to publish my notes and research here as I’m working through...

Postman API Reference and Capability Collections

04 March 2020
Postman collections are a great way to document every detail of an API, defining the host, path, parameters, headers, and body of each API request. Allowing any single API request to be captured as a machine and human readable Postman collection that can be shared and used by any technical or non-technical user. The most common approach to defining a Postman API collection is to document the requests across all available APIs, providing a complete collection of all API requests that can be made, then using that reference to mock, document, test, monitor, and execute individual requests manually or as part of any automated process.  However, there are other ways to evolve these requests to ensure that they more closely resemble common business tasks, accomplishing everyday activities that technical and non-technical individual need to accomplish...

Peeling the OpenAPI-Driven API Life Cycle Collaboration Onion

03 March 2020
I am trying to better understand how we all work together to deliver and consume APIs. Fleshing out more meaning behind some of the common words we use in the space such as collaboration, platform, hubs, workspaces, feedback looks, comments, sharing, notifications, and other communication channels. I want push my thoughts forward on what the gears of API collaboration are, and how we can better work together to move many different APIs forward as provider and consumer. API collaboration isn’t very straightforward, and in my mind there are several layers to how things actually are playing out across the API landscape. This is my best attempt at breaking things out into different buckets for helping us make sense of how we are working together to move API infrastructure forward at the organizational and industry level...

The Technology, Business, and Politics of the OpenAPI Conversation

02 March 2020
I was pondering a tweet from Aidan Cunniffe (@aidandcunniffe) over at Optic they other day.  He was expressing what he says is a “controversial opinion that keeps getting backed up by conversations. Each version of OpenAPI and JSON Schema map to ~15 versions. All the implementations by vendors, cloud providers, and open source libs implement a useful (but not always the same subset.” I don’t think it is a controversial opinion at all, I think he points to a pretty critical deficiency in our belief around APIs and specifications like OpenAPI. Something that begins with the specification itself and how it evolves, but as Aidan points out, echoes out through API service and tooling providers, but then also across API providers themselves who put the OpenAPI specification as part of their own operations...

Design and Build API with Postman

25 February 2020
I am doing more talks and workshops within enterprise organizations educating teams about designing and building APIs, helping Postman customers be more successful in not just using Postman, but in defining, designing, delivering, supporting, and evolving high quality APIs using Postman. 90% of the teams I work with are still build-first when it comes to delivering API capabilities across the enterprise, so we are invested in helping bring that number down. Empowering teams to go API-first when it comes to designing and building their APIs, moving beyond the more costly approach of writing code first, and develop more healthy practices that involve business and technical stakeholders in the process...

Managing API Secrets Using Postman Environments

24 February 2020
Postman environments are machine readable definitions of design, development, staging, and production environments that can be used across API operations. When used properly they contain the keys, tokens, and other secrets needed for authorizing each individual, or collection of API requests. Making them an excellent place to begin getting more organized about how API secrets are applied, managed, and audited across teams. Secrets can also be littered throughout Postman collections, but when collections and environments are used properly, developers should be isolating secrets to environments, helping make sure Postman collections contain the technical details of the surface area of an API, but the unique values applied to each API is actually present as part of well defined Postman environments...

Content Negotiation for APIs and the Web

24 February 2020
APIs often seem like another one of those very technical acronyms that only the most technical people will care about. If you don’t aspire to be a software developer, why should you ever care about what application programming interfaces (APIs)? To push back on this notion I regularly push myself to make APIs more accessible to business users. I feel it is important that anyone who use the web daily as part of their professional career should possess a working understanding of the tool(s) they depend, and have a grip on how APIs aren’t some add-on to the World Wide Web we depend on each day--understanding that APIs and the web are one and the same. Over the last twenty years the web has became a fundamental aspect of how we do business online, and APIs are just the latest evolution of how the web is being put to use to use as part of the digital transformation businesses are going through across every business sector today...

The Caltech University API Landscape

19 February 2020
I regularly take a look at what different universities are up to when it comes to their APIs. I spent two days talking with different universities at the University API summit in Utah a couple weeks back, and I wanted to continue working my way through the list of schools I am speaking with, profiling their approach to doing APIs, while also providing some constructive feedback on what schools might consider doing next when it comes to optimizing API delivery and consumption across campus. Next up on m list is Caltech, who we have been having conversations with at Postman, and I wanted to conduct an assessment of what the current state of APIs are across the school. The university reflects what I see at most universities, meaning there are plenty of APIs in operation, but not any visible organized effort when it comes to bringing together all the existing APIs into a single developer portal, or centralizing API knowledge and best practices when it comes to the interesting API things going on across a campus, and with other partners and stakeholders...

API Interrogation

14 February 2020
I was doing some investigation into how journalists are using APIs, or could / should be using APIs. After some quick Googling, Binging, and DuckDuckGoing, I came across a workshop by  David Eads of ProPublica Illinois, called a A hitchhiker's guide To APIs. As I began reading, I was struck by how well it captured not only usage of Postman in journalism, but also how well it captures what Postman does in general in a single precise sentence, “In this hands-on session, you will use Postman to interrogate a web API.” That is how I use Postman. That is why 10 million developers use Postman.  APIs are how we can interrogate the digital world unfolding around us. It is increasingly how we can interrogate the digital world emerging across our physical worlds...

All of the Discussions from the BYU API University Workshop in Utah

12 February 2020
I went to Provo Utah a couple weeks ago and participated in the sixth annual Brigham Young University (BYU) University API Workshop. I was the keynote opener for the first edition of the conference, and I was the same for the sixth edition of the event bringing together many different universities together to talk about API usage across their campuses. When the event began it was primarily BYU staff, but it has expanded to include administrators and faculty from what I counted to be over twenty other universities from across the United States--making for a pretty interesting mix of conversation from higher education API practitioners looking to solve problems, and share their stories of how APIs have help make an impact at how universities serve students and the public...

Postman Governance as the Foundation for Wider API Governance

11 February 2020
This an overview of possible strategies for governing how Postman is used across a large organization. It is common for Postman to be already in use across an organization by individuals operating in isolation using a free tier of access. Governance of not just Postman, but also the end to end API life cycle begins with getting all developers using Postman under a single organizational team, working across master planned workspaces. If there are concerns about how Postman is being used across an enterprise organization, governance of this usage begins by focusing on bringing all enterprise Postman users together under a single license, and team, so that activity can be managed collectively. Postman Users Over the last five years Postman has become an indispensable tool in the toolbox of developers...

Conducting API Weaponization Audits

11 February 2020
I’ve been thinking about chaos engineering lately, the discipline of experimenting on a software system in production in order to build confidence in the system's capability to withstand turbulent and unexpected conditions. I listened to a talk by Kolton Andrus the CEO of Gremlin the other day, and my partner in crime at Postman Joyce (@petuniagray) is an avid evangelist on the subject. So I have been thinking about the concept, how it applies to your average enterprise organization, and the impact it could make on the way we operate our platforms. I don’t think chaos engineering is for every company, but I think there are lessons involved in chaos engineering that are relevant for every company...

Backend AWS API Gateway Integration OpenAPI Extensions

10 February 2020
I have spent a lot of time automating my AWS API infrastructure, working to make it so I can automatically deploy API infrastructure to AWS.  I am using AWS API Gateway as part of this suite of API deployments so I have been working hard to understand how AWS speaks OpenAPI as part of their implementation. As part of my work there are three distinct types of APIs I am deploying using AWS API Gateway, which have three distinct ways of extending OpenAPI to describe. The Pass Through Just passing what comes in to an HTTP host and path I give it and then passing the response back through without any transformations or other voodoo along the way. This is a basic OpenAPI extension for defining a pass through API using the AWS API Gateway...

The Basics of Working with the Postman API

10 February 2020
It is pretty easy to think of Postman as the platform where you engage with your internal APIs, as well as other 3rd party APIs. It doesn’t always occur to developers that Postman has an API as well. Most everything you can do through the Postman interface you can do via the Postman API. Not surprisingly, the Postman API also has a Postman collection, providing you with quick and easy access to your Postman collections, workspaces, teams, mocks, and other essential elements of the Postman platform and client tooling. Providing you with the same automation opportunities you have come to expect from other APIs. API access, integration, and automation should be the default with everything you do online—desktop, web, mobile, and device applications all use APIs...

API Links For Every UI Element

10 February 2020
I’ve showcased ClokudFlare's approach making their API available as part of their user interface several times now. It is a practice I want to see replicated in more desktop, web, and mobile applications, so I want to keep finding new ways of talking about, and introducing to new readers. If you sign up or use CloudFlare, and navigate your way to their SSL/TLS section, you will see a UI element for changing the levels of your SSL/TLS encryption, and below it you see some statics on the traffic that has been served over TLS over the last 24 hours. Providing you full control over SSL/TLS within the CloudFlare UI. At the bottom of the UI element for managing your SSL/TLS you will see an API link, which if you click you get three API calls for getting, changing, and verifying the SSL/TLS status of your domain...

Standardizing My API Life Cycle Governance

10 February 2020
I am working on redesigning all of my base APIs, as well as produce a mess of new ones. As part of the process I am determined to be more thoughtful and consistent in how I design and deliver the APIs. API governance always begins with using API definitions, as you can't govern something you can't measure and track, so having machine readable artifacts is essential. After that, the design of the API is the first place to look when it comes to standardizing each of the APIs coming off the assembly line. Then I am looking to do my best to begin defining, measuring, and standardizing how I do many other areas of API operations, hleping me keep track of the many moving parts of doing microsservices...

An Introduction to API Authentication

27 January 2020
APIs operate using the web, but like web applications, many API require some sort of authentication or authorization before you can access the valuable resources available within each API path. When you open up your APIs on the web you aren’t just giving away access to your resources to anyone who comes along. API providers employ a number of different authentication mechanisms to ensure only the applications and systems who should have access are actually able to make a successful API call. To help refresh the types of authentication available across the API landscape, while also demonstrating the reach of Postman as an API client, I wanted to take a fresh look at authentication to help my readers understand what is possible...

Secrets and Personally Identifiable Information (PII) Across Our API Definitions

27 January 2020
As API providers and consumers we tend to have access to a significant amount of credentials, keys, tokens, as well as personally identifiable data (PII). We use this sensitive information throughout the API integration and delivery life cycles. We depend on credentials, keys, and tokens to authorize each of our API requests, and we potentially capture PII as part of the request and response for each the individual API requests we execute regularly. Most developers, teams, and organizations I’ve spoken with do not have a strategy for addressing how secrets and PII are applied across the internal and external API landscape. API management over the last decade has helped us as API providers better manage how we define and manage authentication for the APIs we are providing, but there hasn’t been a solution emerge that helps us manage the tokens we use across many internal and external APIs...

Profiling Adobe APIs

23 January 2020
As I was profiling APIs on my list of APIs I found myself profiling Adobe. I am moving through the list of companies alphabetically, so you can see how far along I am. Anyways, like any other large company I need to make a decision about how I am going to manage the profiling of different API products and lines of business. Companies like Amazon, Google, Azure, and Adobe have large numbers of APIs and I always know I will need to have some sort of plan for documenting everything that is going on. With Adobe, I am going to track everything in a single GitHub repository, but will be working to create separate API definitions (OpenAPI and Postman collections) for each of the individual APIs being offered...

Help Defining 13 of the AsyncAPI Protocol Bindings

22 January 2020
I have been evolving my definition of what my API toolbox covers, remaining focused on HTTP APIs, but also make sure I am paying attention to HTTP/2 and HTTP/3 APIs, as well as those that depend on TCP only. My regular call with Fran Méndez (@fmvilas) of AsyncAPI reminded me that I should be using the specification to ground me in the expansion of my API toolbox, just as OpenAPI has defined much of it for the last five years. For this particular multi-protocol API toolbox research, the AsyncAPI protocol bindings reflect how I am looking to expand upon my API toolbox. Here are the 13 protocols being defined around the AsyncAPI specification: AMQP binding - This document defines how to describe AMQP-specific information on AsyncAPI...

The State of California Doing APIs The Right Way By Starting Simple

22 January 2020
I got introduced to the CA.gov Alpha Team by my fellow government change maker Luke Fretwell (@lukefretwell) the other day, and I am beginning to tune into what they are up to in similar ways to how I’ve done with other city, state, and federal government entities over the years. We kicked off a conversation around their approach to delivering APIs, and what was possible with Postman. After we were done kicking things off they shared some links with me to help me get up to speed on what they have been doing with their new approach to delivering technology across the State of California. As far as first impressions go I am super stoked with their approach. They are starting small, and working hard to be as public with how they are doing everything...

Three Ways to Use Postman and Azure DevOps

22 January 2020
I set out to understand the role that Postman can play in an Azure DevOps powered API life cycle. I was fully prepared to crash course Azure Dev Ops, and begin mapping out the role that Postman can play, but before I got started I began Googling Postman + Azure DevOps. I was happily surprised to find a number of rich walk throughs written by the passionate Postman community--surpassing anything I could have put together for a version 1.0 of my Azure DevOps Postman guidance. I will still work to pull together my own official Azure DevOps Postman walkthrough, but to prepare I wanted to publish a summary of what I have found while thinking about how Postman and Azure DevOps can work together.  The Postman Basics Before we get going with what I have found, I wanted to point to a couple of key concepts readers will need to be familiar with before they set out trying to use Postman with Azure DevOps, helping set the tone for any integration...

Looking at Electronic Data Interchange (EDI) Reminds Me that the API Economy is Just Getting Started

21 January 2020
I am neck deep in the expansion of what I consider to be my API toolbox, and I have been spending time mapping out the world of EDI. If you aren’t familiar with  the Electronic Data Interchange (EDI), it “is the electronic interchange of business information using a standardized format; a process which allows one company to send information to another company electronically rather than with paper. Business entities conducting business electronically are called trading partners.”  EDI is the original API by providing a, “technical basis for automated commercial "conversations" between two entities, either internal or external. The term EDI encompasses the entire electronic data interchange process, including the transmission, message flow, document format, and software used to interpret the documents”...

I Think We Will Have To Embrace Chaos With the Future of APIs

21 January 2020
I like studying APIs. I like to think about how to do APIs well. I enjoy handcrafting a fully fleshed out OpenAPI definition for my APIs. The challenge is convincing other folks of the same. I see the benefits of doing APIs well, and I understand doing the consequences of not doing them well. But, do others? I never assume they do. I assume that most people are just looking to get an immediate job done, and aren’t too concerned with the bigger picture. I think people have the perception that technology moves too fast, and they either do not have the time to consider the consequences, or they know that they will have moved on by the time the consequences are realized. I’m pretty convinced that most of our work on API design, governance, and other approaches to try and standardize how we do things will fall on deaf ears...

My Upcoming Talk with the UK Government Digital Services (GDS): The API Life Cycle Is For Everyone

21 January 2020
I am heading to London in February to talk to the UK government about APIs. They invited me out to talk about my history of work with government in the US and EU, and share my views of the API life cycle. To help share my view of the API landscape I pulled together a talk titled, "The API Life Cycle Is For Everyone". I am hoping to share my view of the fundamentals of a modern API life cycle, as well as emphasize the importance of both developers and non-developers having a place at the table. Here is what I've pulled together for my time with the GDS in London. APIs are widely considered to be something that is exclusively in the domain of software developers. While it is true that APIs are often a very technical and abstract concept which requires a more technically inclined individual to engage, APIs are something that impacts everyone across todays digital landscape, impacting both business users and developers, making the API development life cycle something all parties should be educated on, made aware of, and equipped to participe in...

Expanding My API Toolbox for the Next Decade

21 January 2020
I am continuing to iterate on what I consider to be a modern API toolbox. API Evangelist research is born out of the SOA and API worlds colliding, and while I have been heavily focused on HTTP APIs over the years, I have regularly acknowledged that a diverse API toolbox is required for success, and invested time in understanding just what I mean when I say this. Working to broaden my own understanding of the technologies in use across the enterprise, and realistically map out what I mean when I say API landscape. I am still workshopping my new API toolbox definition for 2020, but I wanted to work on some of the narrative around each of the items in it, helping me learn along the way, while also expanding the scope of what I am talking about...

DevOps Azure Style

17 January 2020
I am spending time thinking more deeply about how APIs can be delivered via Azure. I spent much of the holidays looking at how to deliver APIs on AWS, but only a small amount of time looking at Azure. I'm looking at how Azure can be used for the development and delivery of APIs, trying to understand the different ways you can use not just Azure for managing APIs, but also use Azure APIs for managing your APIs. Next up is Azure DevOps, and learning more about the nuts and bolts of how the orchestration solution allows you to streamline and stabilize the delivery of your API infrastructure using Azure. First, I want to just break down what the core elements of Azure Devops. Learning more about how Azure sees the DevOps workflow and how they have provided a system to put their vision to work...

A View of the API Delivery Life Cycle from the Azure Getting Started Page

17 January 2020
I am working my way through doing more work around the multi-cloud deployment of APIs and spending some more time on the Azure platform here in 2020, and I found their getting started page pretty reflective of what I'm seeing out there when it comes to delivering the next generation of software. When landing on AWS home page it can be overwelming to make sense of everything, and I thought that Azure organized things into a coherent vision of how software is being delivered in the cloud. Infrastructure Providing the fundamental building blocks of compute for all of this. Linux virtual machines  Windows virtual machines  I never thought I"d see Linux and Windows side by side like this...

What Is Your API Development Workflow?

16 January 2020
I am going to invest in a new way to tell stories here on API Evangelist—we will see if I can make this stick. I enjoy doing podcasts but I am not good at the scheduling and reliable repetition many expect of a podcast. Getting people to join me on a podcast takes a lot of work (I know from experience) to do reliably. People usually want to talk, but finding slots in both of our schedules and getting them to jump online and successfully record an episode isn’t easy to do on a regular basis. However, I still want to be able to craft audio narratives around specific topics that are relevant to the API sector, while also allowing many different voices to chime in. So I’ve come up with a formula I want to test and and see if I can build some momentum...

My Eventbrite API Keys Were Easy To Find

16 January 2020
If you read my blog regularly you know I rant all the time about having to sign up for new APIs and then find my API keys and tokens. API providers excel at making it extremely difficult to get up and running with an API, even once you have read their documentation and figured out what their API is all about. So when I come across API providers doing it well, I have to showcase here in a blog posts. Today’s shining example of how to make it easy to find your API keys comes from the Eventbrite API. I was crafting a Postman API capability collection for my boss the other day, and I needed to find me an API key to get the data I needed out of the Eventbrite API. Finding the API paths we needed to get the event and registration data needed had already taken us some time, so I was fully expected the usual friction when it came to finding my API key...

API Life Cycle Governance Beyond Just API Design

16 January 2020
When you hear enterprise organizations talk about API governance they usually mean the governance of API design practices across the organization. This is the place where everyone starts when it comes to standardizing how APIs are delivered. It makes sense to start here because this is where the most pain is experience at scale when you try to put APIs to work across a large enterprise organization. Even if all APIs and micro services are REST(ish), there are so many different ways you can deliver the details of an API--you might as well be using APIs from different companies when trying to put APIs developed across different teams to use in a single application. Making API design the first stumbling block teams consider when planning API governance, and something that would make a meaningful impact on how APIs are delivered...

Eventbrite Events with Order Count and Capacity Using the API

15 January 2020
My boss asked me if I could build a Postman collection that would pull our future events from Evenbrite and display ticket counts for each individual event. So I got to work hacking on the Eventbrite API, learning each of the events API paths, stitching together what I needed to pull together my Postman collection for this new API capability. I’m a big fan of not just creating reference collections for different APIs like the Eventbrite API, but also creating individual capability collections that use one or many API requests to deliver on a specific business objective. I was able to craft my Postman API capability collection using two Eventbrite APIs, getting me the data I need to satisfy what my boss needed to get the updates he needed...

Why Hasn’t There Been Another Stripe or Twilio?

13 January 2020
Stripe and Twilio are held up as shining examples of how to do APIs in our world. This shining blueprint of how to do APIs has been around for a decade for others to follow. It isn’t a secret. So, why haven’t we seen more Stripes or Twilios emerge? Don’t get me wrong, there are other well done APIs that have emerged, but none of them have received the attention and level of business that Stripe and Twilio have enjoyed. These things always get me thinking and wondering what the reality really is, and if the narrative we are crafting is the one that fits with reality on the ground—pushing me to ask the questions that others aren’t always prepared to ask. I am going to spend some time flagging some of the new APIs who do rise the to the occasion, but while I am working on that I wanted to pose some questions about why we haven’t seen the Twilio and Stripe being modeled by more API providers...

The State of Simple CRUD API Creation

09 January 2020
With all the talk of APIs you think it would be easier to publish a simple Create, Read, Update, and Delete (CRUD) API. Sure, there are a number of services and open source solutions for publishing a CRUD API from your database, but for me to just say I want a CRUD resource, give it a name, push a button, and have it—there isn’t much out there. I should be able to just write the word “images”, and hit go, and have a complete images API that I can add properties to the schema, and query parameters to each method. After ten years of doing this I am just amazed that the fundamentals of API deliver are still so complicated and verbose.  We even have the vocabulary to describe all of the details of my API (OpenAPI), and I still can’t just push a button and get my API...

A Postman API Governance Collection

09 January 2020
You can use Postman to test your APIs. With each request you can include a test script which evaluates each incoming response and validates for specific elements, displaying the test results along with each response. However, you can also use the same mechanisms to evaluate the overall design of any API you are managing with Postman. One of the new beta features of Postman is being able to manage your APIs, allowing you to define each API using OpenAPI 3.0, then generate collections, mocks, docs, and tests with Postman. This got me thinking—why can’t we use the new Postman API manager, plus the Postman API, and script testing for governing the design of an API. To explore the possibilities I created a Postman collection for applying some basic API design governance to any API you have defined in a Postman workspace...

Deploy, Publish or Launch An API?

08 January 2020
I’m always fascinated by the words we use to describe what we do in a digital world. One dimension of the API life cycle that perpetually interests me is the concept of deploying an API, or as some might call it publishing or launching. I am fascinated by how people describe the act of making an API available, but I’m even more interested in how shadows exist within these realities. Meaning, within a 30 minute Googling session for publish, deploy, and launch an API, I come across many real world examples of delivering an API, but how few of them will deliver the actual tangible, functional, nuts and bolts of the API. After searching for publish API, here is what stood out: Apigee SwaggerHub Postman Oracle Broadcom Azure MuleSoft WSO2 SAP Socrata After searching for deploy API, here is what stood out: AWS API Gateway Firebase Google Serverless Stack Mendix API Platform API Evangelist GitHub Heroku After searching for launch API, here is what stood out: Adobe Launch SpaceX Apple Launch Services RapidAPI 80% of these will not actually deliver the API, it will just take an existing and make it available...

Postman Tutorials are Common but the Postman Collection is Often Missing

08 January 2020
I am amazed at the number of blog posts I come across for API providers explaining how their API consumers can use Postman with their API, but do not actually share a complete Postman collection for developers to use. API providers obviously see Postman as a tool for making API calls, but do not fully grasp the ability to document an API with a Postman collection, save, publish, and share this collection with documentation or the Run in Postman button. As part of this realization I am not looking to shame API providers for not understanding what is possible, I am more looking to acknowledge how much work we (Postman) have to to when it comes to helping folks understand what is possible with the Postman platform, moving folks being the notion that Postman is just an HTTP client...

Dead Simple Real World API Management

08 January 2020
I began API Evangelist research almost a decade ago by looking into the rapidly expanding concept of API management, so I think it is relevant to go into 2020 by taking a look at where things are today. In 2010, the API management conversation was dominated by 3Scale, Mashery, and Apigee. In 2020, API management is a commodity that is baked into all of the cloud providers, and something every company needs. In 2010 there were not open source API management provider, and in 2020 there a numerous open source solutions. While there are forces in 2020 looking to continue moving the conversation forward with service mesh and other next generation API management concepts, I feel the biggest opportunity in tackling the mundane work of just effectively managing our APIs using simple real world API management practices...

Spreading API Collections From My Personal Workspaces Across Multiple Workspaces

08 January 2020
As a Postman user for a number of years I have several hundred random collections littering my personal workspace. I had noticed that workspaces emerged a while back, but really hadn’t ever put much thought into how I organize my collections. As the number of collections grows I’m noticing performance issues within Postman, and general chaos because I work primarily fro within my personal workspace. Pushing me to step back and think more holistically in how I create, store, organize, and share my API collections within the Postman platform and beyond using AWS S3 and GitHub. Forcing a little organization and structure on how I move APIs forward across thier own API life cycle trajectory...

Postman Open Source

07 January 2020
I get asked a lot if Postman is open source. I get told ocasionally that people wish it was open source. I have to admit I didn't fully grasp how open Postman was until I helped work on the new open source philosophy page for Postman. While the Postman application itself isn't open source (it is built on open source), the core building blocks of Postman are open source, shifting my view of how you can use the application across operations. Expanding Postman usage beyond just being a solitaire desktop applicaton, and turning it into a digitally scalable gear on the API factory floor. Postman as a desktop application is not open source, but here are the core components that are open source, making Postman something you can run anywhere: Postman Runtime - The core runtime of Postman that allows you to run collecctions, including requests, scripts, etc anywhere, extending the work that gets done within the application to anywhere the runtime can be installed and executed...

Challenges Binding APIs Deployed Via Gateway To Backend Services

07 January 2020
I spent some of the holidays immersed in the backend integrations of the top three cloud providers, AWS, Azure, and Google. Specifically I was studying the GUI, APIs, schema, mapping, and other approaches to wiring up APIs to backend systems. I am looking for the quickest API-driven way to deploy an API, and hooking it up to a variety of meaningful resources on the backend, beginning with SQL and NoSQL data stores, but then branching out discovering the path of lest resistance for more complex backends. Maybe it is because of my existing experience with Amazon, but I found the AWS approach to wiring up integrations using OpenAPI to be the easiest to follow and implement, over what Azure and Google offered...

Academic or Street API Tooling

07 January 2020
There always seems like there are two separate types of tools in my world, the academic tools that consider the big picture and promise to steer me in the right direction, and then there is the street tooling that helps me get my work done on a day to day basis. After going to work for a street tooling vendor who has some academic tooling aspirations, it has gotten me thinking more about the tools I depend on, and learning more about what people are using within the enterprise to get their work done each day. I have used different academic tooling over my life as the API Evangelist. I’d say every API management tool I’ve adopted has been very academic until recently. From my view API management started as academic and then became a factory floor commodity...

A Dynamic Salesforce REST API Postman Collection Builder Collection

06 January 2020
I have been working on developing new ways to make the Salesforce API more accessible and easier to onboard with over the last couple of months, helping reduce friction every time I have to pick up the platform in my work. One of the next steps in this work is to develop a prototype for generating a dynamic Postman collection for the Salesforce REST API. I had created a Postman collection for the API earlier, but the Salesforce team pointed out to me that the available APIs will vary from not only version to version, but also user account to user account. With this in mind I wanted to develop a tool for dynamically generating a Postman collection for the Salesforce API, and as I got to work building it I realized that I should probably just make the tool a Postman collection itself (mind blown)...

The Fundamentals: Deploying APIs From Your Databases

06 January 2020
You know, I tend to complain about a lot of things across the API space while focusing on the damage caused by fast moving technology startups and the venture capital that fuels them. Amidst all of this forward motion I easily forget to showcase the good in the space. The things that are actually moving the conversation forward and doing the hard work of connecting the dots when it comes to APIs. I easily forget to notice when there are real businesses chugging along delivering useful services for for all of us when it comes to APIs. One of my favorite database to API businesses out there, and one of the companies who have been around for a significant portion of my time as the API Evangelist, working hard to help people deploy APIs from their databases, is SlashDB...

My Levels of Postman API Environment Understanding To Date

06 January 2020
I have been a pretty hardcore Postman user since the beginning. Over the years I felt like I understood what Postman was all about, but one of the first concepts that blew up my belief around what Postman could do was the concept of the Postman environment. Like other Postman features, environments are extremely versatile, and can be used in many different ways depending on your understanding of Postman, as well as the sophistication of the APIs and the workflow you are defining using Postman. My Postman environments awakening has occurred in several phases, consistently blowing my mind about what is possible with Postman and Postman collections. Postman environments are already one of the edges I have given Postman collections over a pure OpenAPI definition—it just provides more environmental context than you can get with OpenAPI alone...

Postman Collections For Pulling My Twitter Friends And Followers

06 January 2020
I have been cranking out the Twitter API capabilities lately, crafting single request Postman collections that focus on a specific capability of the popular social API. I use the API for a number of different things around API Evangelist, and as I assess how I use the social media API I wanted to be engineering my integrations as Postman collections so I can better organize and execute using Postman, while also adding to the list of API capabilities I’m sharing with my audience of developers and non-developers. Today I cranked out two individual Twitter API capabilities helping me better manage my Twitter followers and friends: Twitter Followers - Pulls your Twitter followers 200 at a time, saves them within an environment, then allows you to increment through each page of followers, eventually pulling and storing all of your followers...

Pricing Comparison for Screen Capture APIs

03 January 2020
There is a pricing comparison between 33 separate screen capture APIs halfway down the page on this interesting piece about how to choose the right screen capture service. This type of comparison should exist across every business sector being impacted by APIs, as well as new ones emerging to introduce entirely new digital resources for use in our desktop, web, mobile, device, and network applications. Sadly, right now these types of machine readable, let alone human readable lists do not exist across the sector. Assembling these types of comparisons takes a lot of time and energy, and aren’t always possible in a special API snowflake of a world where seemingly similar APIs are actually very different beasts—sometimes intentionally, but usually unintentionally...

Not Just An API Provider But Also An API Matchmaker

03 January 2020
Your API is always the best. Of course it is. However, not everyone will see the value your API delivers without a little enlightenment. Sometimes the value of an API is missed in isolation when you are just looking at what a single API can do. To help developers, as well as business users understand what is possible it can help to connect the dots between your API and other valuable 3rd party APIs. This is something you see from API providers who have integration pages showcasing the different integrations that are already available, and those who have invested in making sure their API is available on integration platform as a service (iPaaS) providers like IFTTT and Zapier. If a new user isn’t up to speed on what your API does, it can help to put it side by side with other APIs they are already familiar with...

The Many Differences Between Each API

03 January 2020
I’m burning my way through profiling, updating, and refreshing the listings for about 2K+ APIs in my directory. As I refresh the profile of each of the APIs in my index I am looking to make sure I have an adequate description of what they do, that they are well tagged, and I always look for an existing OpenAPI or Postman collection. These API definitions are really the most valuable thing I can find for an API provider, telling me about what each providers API delivers, but more importantly it does the same for other consumers, service and tooling providers. API definitions are the menu for each of the APIs I’m showcasing as part of my API research. As I refresh the profile for each API I re-evaluate how they do their API, not just the technical details of their API, but also the business and on-boarding of their API...

What Is The API Life Cycle?

02 January 2020
I regularly struggle with the words and phrases I use in my storytelling. I’m never happy with my level of word-smithing, as well as the final output. Ultimately I don’t let it stop me, I just push myself to constantly re-evaluate how I speak, being forever critical and often pedantic about why I do things, and why I don’t. One word I struggle with is lifecycle. First I struggle with it being a word, or two words. Historically I have been team word, but more recently I’ve switched to two words. However, this round of anxiety over the phrase is more operational, and existential, over it being about how I use the word in my storytelling. I am more interested in if we should even be using the phrase, and if we are, how do we get more formal about quantifying exactly what we mean by the API life cycle...

Deploying My Postman OpenAPI To AWS API Gateway

02 January 2020
I created a bunch of different Postman collections for AWS services leading up to re:Invent this year, and now I’m using individual requests to deliver on some different Postman AWS API life cycle workflows. To flesh out the scaffolding for how I define and deliver APIs throughout their API life cycle I got to work on a Postman collection for defining and executing every single stop in my API life cycle in a way that I could consistently apply across many different APIs. I am using Postman to define the central truth of each of my APIs with OpenAPI, and I want to use Postman to deliver and execute on that truth across every single stop along the API life cycles. One of the more critical stops I wanted to provide a solution for was API deployment, providing me with a simple way to immediately deploy an API from an OpenAPI definition...

A Postman Collection for Managing the Life Cycles Of My APIs

02 January 2020
I had grown weary of just researching, talking, and teaching about the API lifecycle over the last ten years as the API Evangelist. This was one of the major motivators for me to join the Postman team. I want to take my knowledge of the API life cycle and work to make sure the rubber meet the road a little more when it comes to actually realizing much of what I talk about. I began investing in this vision over the holidays by crafting a Postman collection that isn't for defining a single API, it is meant to define the life cycle of a single API. I can manage multiple stops along the API life cycle already with Postman--I just wanted to bring it all together into a single machine readable collection that uses the Postman API, but also other APIs I use to orchestrate my world each day...

2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 |