The API Evangelist Blog - 2020

This blog is dedicated to understanding the world of APIs and exploring the technology, business, and politics of APIs.


I Am Speaking About Powering the API Lifecycle with Collections & Environments Tomorrow at @APIdaysGlobal INTERFACE

29 June 2020
I am speaking tomorrow at 1PM Pacific time about using Postman collections and environments to define and power the API lifecycle at apidays INTERFACE. I am stoked that I get to have a dream job where I get paid to push forward ideas at this level, and wanted to share some of the ways I am using OpenAPI in conjunction with Postman collections and environments to define then execute across the API lifecycle for a variety of APIs. My talk is going to walk through the relationship between an OpenAPI and collections, but also begin pushing forward the notion of what collections are for, while also demonstrating that environments can be used for much more than just a place to put your API tokens and keys...

API Examples, Schema, Mocks, Static, Synthetic, Dynamic, Data, Functions, Frameworks, Gateway, Deployment, Documentation, and Client

24 June 2020
My head is swirling from a flurry of exciting meetings around what different Postman features are being worked on currently. I can’t speak directly on the features until they are released, but I am keen on pushing forward my understanding of the stops along the API lifecycle being served so that I can be articulate in meetings, while also helping light the fire under my readers imagination about what is possible with APIs. Today my head is moving very rapidly across the types of APIs I am producing or seeing produced, as well as the variety of approaches employed to bring these APIs to life—spanning from simple mocking of an API to full blow deployment of APIs at scale across multiple platforms, frameworks, and languages...

The Stops Along a Multi-Protocol API Lifecycle

12 June 2020
I spent the last week looking through open source tooling built around leading API specifications. If you are tuned into the RSS or Twitter feed from this blog you probably saw the exhaust from my research. People who don’t understand what API Evangelist is about often see these as listicle posts, and are confused by my erratic scheduling and release of these posts. If you understand that API Evangelist isn’t a tech blog in the normal sense, and that it is my professional API workbench, then you understand I am often times working towards some sort of research goal with each post. Well, this post is the next step in that research, taking me 12 separate research sprints to look through the API specification layer of our industry...

The Open Source Community Tooling Built on Avro

11 June 2020
Continuing my march through the event-driven and message-driven world of API specifications I am workking my way through the open source tooling that is built on the Avro specification.  I am looking to better understand how the data serialization system is being put to work, and the relationship with the other layers of the API specification conversation. Here is the top tooling I'm tracking on when it comes to Avro, organized by group. Specification avro - (forks: 1066) (stars: 1594) (watchers: 1594) - apache avro is a data serialization system. Registries schema registry - (forks: 736) (stars: 1234) (watchers: 1234) - confluent schema registry for kafka schema registry ui - (forks: 88) (stars: 321) (watchers: 321) - web tool for avro schema registry | schemer - (forks: 3) (stars: 90) (watchers: 90) - schema registry for csv, tsv, json, avro and parquet schema...

The Open Source Community Tooling Built on API Blueprint

11 June 2020
Last on my list of API specifications to profile is API Blueprint. Once, one of the more promising API specifications leading the API design first charge, post acquisition there isn't a whole lot of forward motion. However, API Blueprint still provides a pretty compelling view of the landscape, and is worth tuning into to understand what is happening. Here are the API Blueprint open source tools I harvested from the GitHub API and organized by stop along the API life cycle they are serving. Specification api blueprint - (forks: 2095) (stars: 7969) (watchers: 7969) - api blueprint Generators aglio - (forks: 489) (stars: 4480) (watchers: 4480) - an api blueprint renderer with theme support that outputs static html laravel blueprint docs - (forks: 27) (stars: 204) (watchers: 204) - api blueprint renderer for laravel, customizable via blade templates Toolchains snowboard - (forks: 100) (stars: 641) (watchers: 641) - api blueprint toolkit Converters api spec converter - (forks: 91) (stars: 616) (watchers: 616) - convert api descriptions between popular formats such as openapi(fka swagger), raml, api blueprint, wadl, etc...

The Open Source Community Tooling Built on Protocol Buffers

11 June 2020
Moving on in my API specification research I am continuing beyond just gRPC and looking at how Protocol Buffers are used across the space. GitHub provides a pretty good way to pull a snapshot of the community around Protocol Buffers, by measuring the engagement with open source tooling being built on top of the specification. Here are the top open source tools I pulled from this round of research into Protocol Buffers, organized by what they deliver. Specification protobuf - (forks: 11358) (stars: 42046) (watchers: 42046) - protocol buffers - google's data interchange format Serialization flatbuffers - (forks: 2251) (stars: 14468) (watchers: 14468) - flatbuffers: memory efficient serialization library protostuff - (forks: 248) (stars: 1419) (watchers: 1419) - java serialization library, proto compiler, code generator openrtb - (forks: 155) (stars: 353) (watchers: 353) - openrtb model for java and other languages via protobuf; helper openrtb libraries for java including json serialization Language Libraries protobuf - (forks: 1260) (stars: 6714) (watchers: 6714) - go support for google's protocol buffers protobuf...

The Open Source Community Tooling Built on RAML

11 June 2020
I have made my way through the open source community around Postman, OpenAPI, Swagger, AsyncAPI, JSON Schema, GraphQL, gRPC, Protocol Buffers, and Avro. Next up is RAML. Looking at the open source tooling built around the API specification, providing another look at how enterprise organizations are defining their APIs. Here is the current listing of open source tools built on to of RAML, loosely broken down by the areas of API operations that they serve. Specification raml spec - (forks: 815) (stars: 3610) (watchers: 3610) - raml specification Code Generation autorest - (forks: 545) (stars: 2861) (watchers: 2861) - openapi (f.k.a swagger) specification code generator. supports c#, powershell, go, java, node...

The Open Source Community Tooling Built on Thrift

11 June 2020
Continuing my journey through all of the leading API specifications I pulled the top open source projects that I could find via via the GitHub API. Pulling the cream off the top of what is being built, allowing me to loosely organize them by stop along the API life cycle. Resulting in an interesting mix of open source tools in a variety of languages, and platforms. Framework finagle - (forks: 1352) (stars: 7638) (watchers: 7638) - a fault tolerant, protocol-agnostic rpc system fbthrift - (forks: 475) (stars: 1931) (watchers: 1931) - facebook's branch of apache thrift, including a new c++ server. zys - (forks: 278) (stars: 813) (watchers: 813) - high performance service framework based on yaf or swoole spring cloud microservice - (forks: 236) (stars: 364) (watchers: 364) - spring-cloud-microservice-examples hprose - (forks: 34) (stars: 326) (watchers: 326) - hprose is short for high performance remote object service engine...

The Open Source Community Tooling Built on AsyncAPI

11 June 2020
Continuing my dive into the open source tooling around leading API specification I am looking at AsyncAPI. The event-driven and message-driven API specification is sitll fairly new so the community isn't nearly the size of OpenAPI or Swagger, but there is plenty of insights to mine from what is being built. Here is the list I have compiled so far when it comes to AsyncAPI, something I've grouped, but will keep adding to and evolving as I continue this work. Specification asyncapi - (forks: 77) (stars: 1139) (watchers: 1139) - the asyncapi specification allows you to create machine-readable definitions of your asynchronous apis. Documentation widdershins - (forks: 208) (stars: 665) (watchers: 665) - openapi / swagger, asyncapi & semoasa definitions to slate / shins compatible markdown generator - (forks: 54) (stars: 113) (watchers: 113) - use your asyncapi definition to generate literally anything...

The Open Source Community Tooling Built on JSON Schema

11 June 2020
I am picking up my research into the open source tooling that is built around the common API specifications, and after looking at Postman collections, OpenAPI, Swagger, GraphQL, and gRPC, I wanted to look at JSON Schema. OpenAPI, AsyncAPI, and others use JSON Schema, and the ways in which JSON is used applies acros sthe API lifecycle. Here is the cream off the top of the open source tooling that I found being built on top of JSON Schema--providing another interesting dimension of what is happening. Normalization normalizr - (forks: 774) (stars: 19032) (watchers: 19032) - normalizes nested json according to a schema Forms react jsonschema form - (forks: 1365) (stars: 8497) (watchers: 8497) - a react component for building web forms from json schema...

The Open Source Community Tooling Built on gRPC

09 June 2020
I am getting time to map out the diverse API toolbox landscape I see unfolding lately. I am aggregating the most used open source projects across the leading API specifications in use. While gRPC is more of a style or pattern than it is a specification--it is a fast growing standard. I'll be doing a separate analytics of Protocol Buffers, but I wanted to look at the cream on top of what is being build within the gRPC community. Revealizing almost a hundred open source tools loosely organized by what they deliver as part of the API lifecycle. Specification grpc - (forks: 6625) (stars: 26420) (watchers: 26420) - the c based grpc (c++, python, ruby, objective-c, php, c#) Implementations grpc - (forks: 6625) (stars: 26420) (watchers: 26420) - the c based grpc (c++, python, ruby, objective-c, php, c#) rpcx - (forks: 772) (stars: 4675) (watchers: 4675) - a zero cost, faster multi-language bidirectional microservices framework in go, like alibaba dubbo, but with more features, scale easily...

The Open Source Community Tooling Built on GraphQL

09 June 2020
I have done several dives into the world of GraphQL. As part of some API specification work I am not getting another chance to look at what the open source community around GraphQL looks like. Along with other API specifications in our modern API toolbox, I am looking at how GraphQL is being leverage, and what the motivations are behind the open source tooling that has emerged. Resulting in the following list of the cream off the top of the open source tooling build on top of GraphQL, broken down by different stops along the API lifecycle. Formatting prettier - (forks: 2366) (stars: 36727) (watchers: 36727) - prettier is an opinionated code formatter. Server Code strapi - (forks: 3163) (stars: 25979) (watchers: 25979) - 🚀 open source node...

The Open Source Community Tooling Built on Postman

08 June 2020
I am finally finding time to pick up some old work quantifying the open source that has risen up around API specifications. I am pulling all of the open source tooling available on GitHub when you search for "Postman". A portion of this is open source by Postman, others are collections built by API providers helping developers on-board more quickly, but there is another set of tooling that builds on top of the concept of Postman collection as a specification. Providing an interesting look at what developers are wanting when it comes to integrating the Postman platform into their oeprations. I have a longer list of everything, but here is the cream off the top. Documentation postmanerator - (forks: 69) (stars: 470) (watchers: 470) - a http api documentation generator that use postman collections docgen - (forks: 52) (stars: 335) (watchers: 335) - transform your postman collection to html/markdown documentation docodile - (forks: 23) (stars: 54) (watchers: 54) - generate html api documentation from a postman collection docman - (forks: 18) (stars: 47) (watchers: 47) - a simple page to generate documentation from postman collections Postdown - (forks: 14) (stars: 36) (watchers: 36) - generate markdown api document from postman...

The Open Source Community Tooling Built on Swagger

08 June 2020
I am finally finding time to pick up some old work quantifying the open source that has risen up around API specifications. I just pulled all the GitHub repos when you search for "Postman" and "OpenAPI", and now I wanted to do "Swagger". I'm looking to evaluate the cream off the top of what is going on in each of these buckets, but also eventually evaluate the long tail of what is going on. I've been trying to understand the evolution of Swagger 2.0 to OpenAPI 3.0 from a tooling perspective for some time now--this is me getting a handle on what is happening. Here is the top repositories when you search for "Swagger" on GitHub, roughly broken down by the stops along the API lifecycle they are serving...

Setting Up API Broker Workspaces

08 June 2020
I had begun playing around with the concept of API brokers back in 2014, and it is something that is recurring and evolving in a handful of the conversations I am having in the Postman ecosystem lately. API brokering is the concept that instead of developers directly engaging with all of the public APIs they will ned for an application, that a professional API broker could discover, sign-up, setup applications, and aggregate documentation, client libraries, and other essential items for developers. So all an application developer has to do is fire up a workspace, and they have all the docs, code, keys, and other elements ready to go for them to just start building. Saving an organization time and money by outsourcing much of the tedious work involved with discovering APIs, on-boarding with them, and preparing to build an API, letting organizations focus on what they do best...

The Open Source Community Tooling Built on OpenAPI

08 June 2020
I am finally finding time to pick up some old work quantifying the open source that has risen up around API specifications. I am pulling all of the open source tooling available on GitHub when you search for "OpenAPI". I just published the same assessment of searching for "Postman", but since Postman's API builder is centered around OpenAPI, it makes sense to do the same for OpenAPI. I'm looking to develop a understanding with many of the tooling provider listed here, but I am also looking to understand what developers are needing when it comes to OpenAPI. I have gone through the cream off the top of the search for "OpenAPI" on GitHub and here is what I have come up with so far. Specifications OpenAPI Specification - (forks: 6456) (stars: 17676) (watchers: 17676) - the openapi specification repository Parser swagger parser - (forks: 96) (stars: 604) (watchers: 604) - swagger 2...

The Building Blocks of API Sharing and Collaboration

05 June 2020
I am tasked with defining what sharing and collaboration means when it comes to API operations at work. I have never had a tool like Postman to help me define how we work as a team across an organization. Normally, I just do a lot of hand waving and say, “you do it like this”, and call it good. With Postman, I now have an opportunity to anchor what I am talking about using the current state of the Postman platform, as well as help shape the future by influencing the Postman road map.  To help me prepare for more coherent storytelling on the Postman blog, and as part of other conversations, I want to work my way through what the core features of Postman are when it comes to sharing and collaboration...

Writing and Working in a COVID-19 #BlackLivesMatter Uprising Storm

05 June 2020
Business is anything but usual these days. I have a lot of time on my hands when it comes to writing and working online, but the reality in the chair is anything but easy. When I sit down to tackle even the most basic of tasks I can usually make it through about 50% of the work before I feel drained, and left with a blank screen for a brain. In addition to COVID-19 and the #BlackLivesMatter uprising, we also lost the kid this month. Making for a swirling emotional mess of a reality that really isn’t conducive to doing much beyond just reading a book or watching a movie. Looking through my notebook there are numerous half, or even complete stories about APIs I could be publishing, but my blank screen of a brain can’t even properly edit them, let along grock and finish many of the API stories I was pushing forward...

What Layer Are You Used to API Complexity Being At?

22 May 2020
I’d say one of the most controversial aspects of the world of APIs involves the places where people are used to and prefer to deal with API complexity at. After you look at thousands of APIs you begin to better understand where people introduce complexity into the design of an API, and as more people become familiar with any single approach they are much more likely to stick with it over time, bake it into their APIs, and passionately believe it is the normal pattern that everyone else is and should be using. You can see what I am talking about at the heart of the microservices debate, where the API complexity is dealt with at the API level, or in the number of APIs you have—something many increasingly are finding to be unacceptable...

Where is the API Value?

08 May 2020
I had some thoughts bouncing around in my head the last couple days about where the value in this whole API game actually resides. When it comes to the types of APIs I am seeing be deployed, and where I see things head in the near future, I wanted to try and map out where the different moving parts of an API are, and assigning value to each component. At first I just wanted to think more deeply about how Claude Shannon the father of information theory would see (or not see) the value in APIs. In 1948 Claude Shanno wrote in his Mathematical Theory of Communication: The fundamental problem of communication is that of reproducing at one point either exactly or approximately a message selected at another point...

API Spec-First Development

07 May 2020
I am fleshing out ideas from a couple of recent conversations around API life cycle religion and philosophy. We’ve made our way through several lofty ideologies around how you should or shouldn’t do APIs, and next up in the queue is API specification first, or API spec first development. I like the phrase. I like it a lot. However, I am afraid if we aren’t being precise in what we mean by it we might be sacrificing a more meaningful usage of it for delivering a certain class of API that is meant for reuse. This is another one of my pedantic API definition stories, but since it is meant to help me use my words better in these conversations I am having, and secondarily for a wider reading here on the blog, you are going to have to bear with me as I work through my feels about API spec first development (should there be any dashes in there?) To help guide me in my work, I am using my API reference implementation “Union Fashion” as a foundation for this narrative...

The Basics of Postman Role Based Access Control (RBAC)

05 May 2020
I am working up towards a loftier piece on the importance of RBAC to the API life cycle, and as part of my research I was going through all of the documentation postman has for roles and permission at the team, workspace, api, and collection levels. RBAC is one of those layers of the API discussion that touches on almost every other layer, making it an area you have to not just think about at the microscopic levels within workspaces, but also at the macro level thinking about organizational and team level impact. I’m feeling like I am going to need to flesh out several dimensions of what is RBAC here on the blog, as well as the other critical factors of what influences RBAC across operations...

Blog Posts to Work Through My API Task List

05 May 2020
I would say today reflects the purpose of API Evangelist in my world. Helping me get through the work I have on the table, while expanding my awareness of what is going on in the world of APIs. Most people think my blog is for them, and it is, but first and foremost it is about me working through my ideas and projects. I haven’t been feeling like writing much during the current situation we find ourselves in, but this morning I was needing some help getting to some items on my task list that have been sitting a little to long. Resulting in three posts here on the blog, and me remember why I do this, which always helps me find renewed energy in my work. I have about 10 different items I was looking to accomplish today, but three of them made for pretty worthy stories that helped me better understand what is going on while also pushing me to articulate my ideas to other people...

Learn by API

05 May 2020
I was playing around with my co-worker Sue Smith’s Learn by API project today, and found it to be a pretty powerful usage of Postman for not just teaching users about Postman, but also teach them about healthy practices when it comes to API design. The Learn by API Postman collection provides an interesting building block for development of other introductory API concepts, but also API design concepts in service of a formal API governance strategy across an organization. I recommend you just click on the Run in Postman button for the Learn by API to collection to better understand the potential, but I’d also like to break down what she did to help illustrate how it could be used as an API education and training blueprint...

HHS and CMS Finalizes Rules to Provide Patients More Control of Their Health Data Using APIs

05 May 2020
I have had a pretty massive API story in my notebook for a couple of weeks now that I just didn’t have the emotional bandwidth to process, but eventually I’m finding the energy to think about APIs at this scope. The TL;DR is that the US Health & Human Services (HHS) finalized a historic rule to provide patients more control of their health care using APIs--from the HHS announcement: “ONC’s final rule establishes secure, standards-based application programming interface (API) requirements to support a patient’s access and control of their electronic health information. APIs are the foundation of smartphone applications (apps). As a result of this rule, patients will be able to securely and easily obtain and use their electronic health information from their provider’s medical record for free, using the smartphone app of their choice...

The Quickest Way To Make An Idea for an API Usable By Others

04 May 2020
I have used Postman in a handful of webinars and takes recently to demonstrate how you can quickly go from idea to a tangible usable API. My goal is to equip myself with a way to I can quickly demonstrate an API I have in my head to someone else in five minutes or less. This is a walkthrough of that process, hopefully showing you a quick way to be more effective in how you share and collaborate around APIs. Allowing anyone, even non-developers to make their abstract ideas a little more tangible and real for others. Oakland Restaurants JSON To demonstrate how you can quickly deploy an API using Postman I’ve compiled a list of some of the restaurants in Oakland (where I live) that are still open for take-out and delivery...

Using Postman Workspaces and GitHub Repositories Together

01 May 2020
I find that it helps to have defined boundaries for your APIs. If you have the resources and interest I recommend studying subjects like domain driven design. Investment in properly defining the boundaries of your organization and lines of business is a very worthy endeavor—if you have the time. However, if you already have a lot on your plate, and are just looking for incremental changes that can help make your life easier when it comes to the API sprawl we’ve introduced into our worlds, I recommend just spending a few moments thinking about how you can better use Postman workspaces to dive and conquer your API landscape. I have begun using Postman workspaces in similar ways that I use GitHub repositories...

An API Deployment Narrative

01 May 2020
This is the narrative from one of the last webinars I did for Postman oin my API-first e-commerce reference implementation Union Fashion. I always try to write what I am going to be saying furing a webinar so that it is loaded up in my brain in a natural way---think Neo learning Kung Fu before sparring with Morpheus. Anyways, here is the narrative, with accompanying video embedded below, helping share the narrative behind how I am building Union Fashion, trying to learn, grow, and expand how I use APIs out in the open, so that others can learn along the way. Jeff Jones the VP of Engineering at Union Fashion has been working to get more organized about how they deliver applications using APIs at the company...

API Deployment Collections - AWS API Gateway, Lambda, and RDS

21 April 2020
After over a decade of API evolution, API deployment is still much more of a dark art than it is something that ever sees the light of day. Sure you can setup a pipeline for an API, making a known pattern a repeatable process, but there isn’t much consistency out there when it comes to repeatable patterns for use across many different APIs. Certain vendors are working on optimizing the API deployment cycle within the context of their platforms, but I’ve always wanted to see more open blueprints for how APIs can be deployed, designed for applying across a mix of APIs which are defined using OpenAPI. To push this conversation forward I began exploring what the common patterns for API deployment on the leading cloud providers would look like, and if it was something I could accomplish using API infrastructure, which mean that I can do using Postman...

API Deployment Collections - AWS API Gateway and DynamoDB

21 April 2020
After over a decade of API evolution, API deployment is still much more of a dark art than it is something that ever sees the light of day. Sure you can setup a pipeline for an API, making a known pattern a repeatable process, but there isn’t much consistency out there when it comes to repeatable patterns for use across many different APIs. Certain vendors are working on optimizing the API deployment cycle within the context of their platforms, but I’ve always wanted to see more open blueprints for how APIs can be deployed, designed for applying across a mix of APIs which are defined using OpenAPI. To push this conversation forward I began exploring what the common patterns for API deployment on the leading cloud providers would look like, and if it was something I could accomplish using API infrastructure, which mean that I can do using Postman...

Running and Organizing AWS Lambdas with Postman Collections

20 April 2020
I am auto-generating and manually producing a number of Postman collection lately. I am creating a Postman collection that autogenerates AWS Lambdas from an OpenAPI stored in the Postman API builder, as well as a handful of infrastructure AWS Lambdas that accomplish bigger picture items like creating a database in RDS, or zipping up AWS Lambda packages to deploy APIs. So, I have a lot more AWS Lambdas laying around that I am needing to organize and put to use. I find the first rule of AWS Lambda club is remembering you created the thing in the first place and remember to actually put the thing to use—when you have so many of them laying around, you need a way to make them more discoverable, browsable, and usable in your everyday lives, something Postman excels at...

The Layers of the API Specifications, Definitions, and Schema Onion

18 April 2020
I struggle with using the right words in my API storytelling. Striking a blend between what people are saying across the sector, and what people should be saying. There are many words and phrases in the space that help describe what it is they do, while there are others that confuse more than they describe anything in particular. Mostly I struggle because all of this API stuff can be complicated and very abstract, but also because I can be a little dyslexic at times, seeing some words as interchangeable, depending on what day it is. To help me (once again) think through the world of API definitions, I wanted to riff off of my talk from AsyncAPI virtual conference this week and peel back the layers of the API specifications, definitions and schema onion...

We Should Have Built an API First

15 April 2020
It has been a while since I wrote a simple breakdown of why APIs matter, but also why API-First matters. I went down the API-First rabbit hole with API-First [Design || Code] and API-First [Business], but I haven’t just made the basic case of why we should have built an API in the first place. It really isn’t a concept you full grasp until you’ve made the very costly mistake of being API-Last several times over, so it makes sense to break things down into a single blog post to help folks [hopefully] learn from without going down the same paths I’ve been in my application development career. To help on-board folks with what I mean when I say API-First, let’s recap how we got here with a simple finctional product API story...

Growth in the Number of API Collections Over the Last Five Years

15 April 2020
There are surprisingly few meaningful API numbers to showcase across the API sector. There are few API or API service providers who have a view of the landscape that can produce meaningful numbers, and most prefer to keep their numbers close to their chests for a variety of reasons. Over the last decade we've all grown accustom to the Programmable Web hockey stock chart showing the number of public APIs added to the PW directory, due to the ubiquitous graphic being used in conference talks and blog posts since before 2010. I've always been a big advocate of API service providers developing and sharing their data, something that hasn't diminished at Postman. Postman has a pretty unique view of the API landscape, possessing many interesting data points...

Real Time Email Notifications About API Deprecations Down the Road

13 April 2020
I got an email from GitHub after firing up an older Postman collection I had. The collection was originally engineered to just pass in a GitHub token using a query parameter, which historically has been accepted, but is something that will be going away soon. It makes sense, and while query parameters are much easier for authentication, using headers is just a more logical and secure way to pass your tokens in with each API call. The token usage itself isn't what caught my attention, what gave me pause was the usage of real time email to notify users of features they are currently using which will be going away in the future. Here is the amil I got my GitHub about my usage of the deprecating access token query parameter: Hi @kinlane,On March 24th, 2020 at 03:55 (UTC) your personal access token ([TOKEN NAME) using [USER AGENT] was used as part of a query parameter to access an endpoint through the GitHub API:https://api...

Establishing an API-First Reference Implementation

06 April 2020
I do a lot of API blah blah blah’ing about abstract technical concepts. Sometimes I am able to craft a coherent narratives around some complex technology goings on, but most of the time I am just practicing. Workshopping different concepts until I find one that will make an impact on the way folks see APIs. One of the challenges I face in my storytelling is that I operate too far into the abstract, and not making the rubber meet the road enough. Another challenger I face is going too far down the rabbit hole with a particular companies implementation, which usually turns down the volume significantly on my storytelling, because most companies, organizations, institutions, and government agencies aren’t equipped to be 100% transparent about what they are doing...

Crowdsourcing COVID-19 Testing Location Data

03 April 2020
I have been heads down working on resources for Postman's COVID-19 response, pulling together a variety of COVID-19 data and information that developers (and non-developers) can put to use when trying to make sense of what is going on around us. Identifying existing API resources that were available, while shining a light on the hard work of others was the first wave of our response, but along the way we identified some areas where there were no existing APIs, and felt there was an opportunity to step in. So I got to work on developing a couple of proof of concepts (POCs) that we could rally around as a company, and further contribute to the COVID-19 / Coronavirus fight. One of the POCs that came out of this work was an idea for crowdsourcing COVID-19 testing location data, resulting in a pretty interesting blueprint for making data available as APIs, which could be used for a variety of open data efforts—not just COVID-API testing locations...

COVID-19 Data and Information

26 March 2020
When it comes to coping with the stressful world unfolding around us I like to lose myself in my work. Data and APIs is a great way to tune out the world and keep myself busy while in isolation. Like most other technosolutionists I want to do some good in this crazy time, even if I don’t quite fully know what that means. So, to help me define what that means I sat down and began scratching at what was already occuring across the landscape. Identifying what sources of data were available out there, and what types of information was available which would truly make a difference in everyones world--not make it worse. Informational API Collections To begin I wanted to better understand where the top sources of information were, so I began documenting who the most relevant government agencies were in the COVID-19 conversation, going directly to the source of information at the highest levels...

A Proof of Concept API Service Tier

12 March 2020
If you  have followed me over the years you know that I get very frustrated by the access or lack of access to APIs, as well as the services and tooling that target the sector. As someone who is perpetually kicking the tires of API providers and service providers, not being able to on-board at all, on-board without my credit card, or one of the many other ways companies introduce friction, I find myself regularly pissed off. So anytime someone makes my world easier, and accommodates my need, desire, and obsession with playing with every damn API tool out there I have to say something. Today’s example is from my partner in crime Tyk, with their proof of concept option  Tyk acknowledges that most of us might not be ready for pro status—we just need to kick the tires a bit...

The Official Cloudflare API Postman Collection

12 March 2020
I use Cloudflare for my DNS. I like the threat protection they offer, the dead simple DNS management, and their robust API. I automate the management of a handful of my domains. Providing maintenance on 100 of my API life cycle, couple hundred API landscape sites, and the range of tooling, APIs, and other side projects I have. I’ve written several times about how Cloudlare weaves their API into their UI, so I am happy to write about their new Postman collection for the complete Cloudflare API. The Clouflare API Postman collection provides 447 individual API requests organized into different folders, making the entire surface area of the API much easier to navigation and make sense of what is going on...

API-First [Business]

10 March 2020
I am working my way through defining a more precise definition of what API-first means which I can use across my API storytelling and conversations. I workshopped the widest definition possible of what API-First means to me yesterday, and be the end of the day I posted another more precise definition of what API-First means to a more technical crowd which I dubbed API-First [Design || Code]. Today, I’m once again thinking more about the business side of the conversation, and focusing on what I would like to eventually be a more precise definition of what API-First means to business stakeholders, which I am dubbing as API-First [Business]. As I said in my broader definition of API-First, if these conversations aren’t including business stakeholders we are doing it wrong...

API-First [Design || Code]

09 March 2020
I worked through my thoughts on what API first is, which I consider to be the outer layers of what is going on when we use this phrase. I wanted to focus on the technical and business rift that exists in this discussion first, now I want to dive into the more technical core of this phrase, and get to the heart of how developers are going to see this phrase. Depending on the type of developer you are, and your exposure to different aspects of the API industry or API operations within your organization you are going to make different assumptions about what API first is or isn’t. Some will feel it is more just about doing APIs before you build applications, while others are going to see it as being more about going API design first, before you ever write any code...

What Is API First?

09 March 2020
I really struggled with this piece on API-first. It is one of those holistic API advice pieces I am very conflicted about. API-first feels like yet another marketing phrase or latest trend like microservices. So as I am writing down my thoughts over the last couple weeks on this, my bullshit-o-meter kept going off. Honestly it still is, but I still feel like there is enough value here that I can move forward with a story. As my co-worker Joyce rightfully pointed out in a meeting recently, API-first is one of those phrases we regularly throw out there without much assessment, agreement, or real definition of what it means. That is one reason it feels so wrong at times, because I feel like it is one of those feel good things we throw out there, but never really think too deeply about while doing, or after it fails and we’ve moved on to the next thing...

What Is My API Network

06 March 2020
I am working on the vision for the Postman Network. As I do with everything, I want to start with the basics human aspects of what is going on, and then relate them to the more technical and then business aspects of it all. Right now, the Postman Network is a listing of teams and individuals who have published Postman collections under a handful of categories. While visiting the network you can browse collections by category or search by keyword, and view the team or individual profile, select the “Run in Postman” button, or view the documentation. My goal is to brainstorm what is next for the Postman network, but also help define what network means in a world of API collaboration...

The Building Blocks of API Partner Programs

04 March 2020
I’m doing a deep dive into partner API research, taking a fresh look at how API providers and service providers are operating their partner programs. I looked through around a hundred partner programs I have indexed, and listed a few of the notable ones below. It can be difficult to study partner API programs because many organizations consider their API program a type of partner program by itself, and then there are also a lot of partner APIs, providing actual services involving partners, providing programmatic access to a variety of partner resources. I’ll be rolling up this research into several other more formal strategies and guides that I will publish as part of API Evangelist, but like I do with all my work I wanted to publish my notes and research here as I’m working through...

Postman API Reference and Capability Collections

04 March 2020
Postman collections are a great way to document every detail of an API, defining the host, path, parameters, headers, and body of each API request. Allowing any single API request to be captured as a machine and human readable Postman collection that can be shared and used by any technical or non-technical user. The most common approach to defining a Postman API collection is to document the requests across all available APIs, providing a complete collection of all API requests that can be made, then using that reference to mock, document, test, monitor, and execute individual requests manually or as part of any automated process.  However, there are other ways to evolve these requests to ensure that they more closely resemble common business tasks, accomplishing everyday activities that technical and non-technical individual need to accomplish...

Peeling the OpenAPI-Driven API Life Cycle Collaboration Onion

03 March 2020
I am trying to better understand how we all work together to deliver and consume APIs. Fleshing out more meaning behind some of the common words we use in the space such as collaboration, platform, hubs, workspaces, feedback looks, comments, sharing, notifications, and other communication channels. I want push my thoughts forward on what the gears of API collaboration are, and how we can better work together to move many different APIs forward as provider and consumer. API collaboration isn’t very straightforward, and in my mind there are several layers to how things actually are playing out across the API landscape. This is my best attempt at breaking things out into different buckets for helping us make sense of how we are working together to move API infrastructure forward at the organizational and industry level...

The Technology, Business, and Politics of the OpenAPI Conversation

02 March 2020
I was pondering a tweet from Aidan Cunniffe (@aidandcunniffe) over at Optic they other day.  He was expressing what he says is a “controversial opinion that keeps getting backed up by conversations. Each version of OpenAPI and JSON Schema map to ~15 versions. All the implementations by vendors, cloud providers, and open source libs implement a useful (but not always the same subset.” I don’t think it is a controversial opinion at all, I think he points to a pretty critical deficiency in our belief around APIs and specifications like OpenAPI. Something that begins with the specification itself and how it evolves, but as Aidan points out, echoes out through API service and tooling providers, but then also across API providers themselves who put the OpenAPI specification as part of their own operations...

Design and Build API with Postman

25 February 2020
I am doing more talks and workshops within enterprise organizations educating teams about designing and building APIs, helping Postman customers be more successful in not just using Postman, but in defining, designing, delivering, supporting, and evolving high quality APIs using Postman. 90% of the teams I work with are still build-first when it comes to delivering API capabilities across the enterprise, so we are invested in helping bring that number down. Empowering teams to go API-first when it comes to designing and building their APIs, moving beyond the more costly approach of writing code first, and develop more healthy practices that involve business and technical stakeholders in the process...

Managing API Secrets Using Postman Environments

24 February 2020
Postman environments are machine readable definitions of design, development, staging, and production environments that can be used across API operations. When used properly they contain the keys, tokens, and other secrets needed for authorizing each individual, or collection of API requests. Making them an excellent place to begin getting more organized about how API secrets are applied, managed, and audited across teams. Secrets can also be littered throughout Postman collections, but when collections and environments are used properly, developers should be isolating secrets to environments, helping make sure Postman collections contain the technical details of the surface area of an API, but the unique values applied to each API is actually present as part of well defined Postman environments...

Content Negotiation for APIs and the Web

24 February 2020
APIs often seem like another one of those very technical acronyms that only the most technical people will care about. If you don’t aspire to be a software developer, why should you ever care about what application programming interfaces (APIs)? To push back on this notion I regularly push myself to make APIs more accessible to business users. I feel it is important that anyone who use the web daily as part of their professional career should possess a working understanding of the tool(s) they depend, and have a grip on how APIs aren’t some add-on to the World Wide Web we depend on each day--understanding that APIs and the web are one and the same. Over the last twenty years the web has became a fundamental aspect of how we do business online, and APIs are just the latest evolution of how the web is being put to use to use as part of the digital transformation businesses are going through across every business sector today...

The Caltech University API Landscape

19 February 2020
I regularly take a look at what different universities are up to when it comes to their APIs. I spent two days talking with different universities at the University API summit in Utah a couple weeks back, and I wanted to continue working my way through the list of schools I am speaking with, profiling their approach to doing APIs, while also providing some constructive feedback on what schools might consider doing next when it comes to optimizing API delivery and consumption across campus. Next up on m list is Caltech, who we have been having conversations with at Postman, and I wanted to conduct an assessment of what the current state of APIs are across the school. The university reflects what I see at most universities, meaning there are plenty of APIs in operation, but not any visible organized effort when it comes to bringing together all the existing APIs into a single developer portal, or centralizing API knowledge and best practices when it comes to the interesting API things going on across a campus, and with other partners and stakeholders...

API Interrogation

14 February 2020
I was doing some investigation into how journalists are using APIs, or could / should be using APIs. After some quick Googling, Binging, and DuckDuckGoing, I came across a workshop by  David Eads of ProPublica Illinois, called a A hitchhiker's guide To APIs. As I began reading, I was struck by how well it captured not only usage of Postman in journalism, but also how well it captures what Postman does in general in a single precise sentence, “In this hands-on session, you will use Postman to interrogate a web API.” That is how I use Postman. That is why 10 million developers use Postman.  APIs are how we can interrogate the digital world unfolding around us. It is increasingly how we can interrogate the digital world emerging across our physical worlds...

All of the Discussions from the BYU API University Workshop in Utah

12 February 2020
I went to Provo Utah a couple weeks ago and participated in the sixth annual Brigham Young University (BYU) University API Workshop. I was the keynote opener for the first edition of the conference, and I was the same for the sixth edition of the event bringing together many different universities together to talk about API usage across their campuses. When the event began it was primarily BYU staff, but it has expanded to include administrators and faculty from what I counted to be over twenty other universities from across the United States--making for a pretty interesting mix of conversation from higher education API practitioners looking to solve problems, and share their stories of how APIs have help make an impact at how universities serve students and the public...

Postman Governance as the Foundation for Wider API Governance

11 February 2020
This an overview of possible strategies for governing how Postman is used across a large organization. It is common for Postman to be already in use across an organization by individuals operating in isolation using a free tier of access. Governance of not just Postman, but also the end to end API life cycle begins with getting all developers using Postman under a single organizational team, working across master planned workspaces. If there are concerns about how Postman is being used across an enterprise organization, governance of this usage begins by focusing on bringing all enterprise Postman users together under a single license, and team, so that activity can be managed collectively. Postman Users Over the last five years Postman has become an indispensable tool in the toolbox of developers...

Conducting API Weaponization Audits

11 February 2020
I’ve been thinking about chaos engineering lately, the discipline of experimenting on a software system in production in order to build confidence in the system's capability to withstand turbulent and unexpected conditions. I listened to a talk by Kolton Andrus the CEO of Gremlin the other day, and my partner in crime at Postman Joyce (@petuniagray) is an avid evangelist on the subject. So I have been thinking about the concept, how it applies to your average enterprise organization, and the impact it could make on the way we operate our platforms. I don’t think chaos engineering is for every company, but I think there are lessons involved in chaos engineering that are relevant for every company...

Backend AWS API Gateway Integration OpenAPI Extensions

10 February 2020
I have spent a lot of time automating my AWS API infrastructure, working to make it so I can automatically deploy API infrastructure to AWS.  I am using AWS API Gateway as part of this suite of API deployments so I have been working hard to understand how AWS speaks OpenAPI as part of their implementation. As part of my work there are three distinct types of APIs I am deploying using AWS API Gateway, which have three distinct ways of extending OpenAPI to describe. The Pass Through Just passing what comes in to an HTTP host and path I give it and then passing the response back through without any transformations or other voodoo along the way. This is a basic OpenAPI extension for defining a pass through API using the AWS API Gateway...

The Basics of Working with the Postman API

10 February 2020
It is pretty easy to think of Postman as the platform where you engage with your internal APIs, as well as other 3rd party APIs. It doesn’t always occur to developers that Postman has an API as well. Most everything you can do through the Postman interface you can do via the Postman API. Not surprisingly, the Postman API also has a Postman collection, providing you with quick and easy access to your Postman collections, workspaces, teams, mocks, and other essential elements of the Postman platform and client tooling. Providing you with the same automation opportunities you have come to expect from other APIs. API access, integration, and automation should be the default with everything you do online—desktop, web, mobile, and device applications all use APIs...

API Links For Every UI Element

10 February 2020
I’ve showcased ClokudFlare's approach making their API available as part of their user interface several times now. It is a practice I want to see replicated in more desktop, web, and mobile applications, so I want to keep finding new ways of talking about, and introducing to new readers. If you sign up or use CloudFlare, and navigate your way to their SSL/TLS section, you will see a UI element for changing the levels of your SSL/TLS encryption, and below it you see some statics on the traffic that has been served over TLS over the last 24 hours. Providing you full control over SSL/TLS within the CloudFlare UI. At the bottom of the UI element for managing your SSL/TLS you will see an API link, which if you click you get three API calls for getting, changing, and verifying the SSL/TLS status of your domain...

Standardizing My API Life Cycle Governance

10 February 2020
I am working on redesigning all of my base APIs, as well as produce a mess of new ones. As part of the process I am determined to be more thoughtful and consistent in how I design and deliver the APIs. API governance always begins with using API definitions, as you can't govern something you can't measure and track, so having machine readable artifacts is essential. After that, the design of the API is the first place to look when it comes to standardizing each of the APIs coming off the assembly line. Then I am looking to do my best to begin defining, measuring, and standardizing how I do many other areas of API operations, hleping me keep track of the many moving parts of doing microsservices...

An Introduction to API Authentication

27 January 2020
APIs operate using the web, but like web applications, many API require some sort of authentication or authorization before you can access the valuable resources available within each API path. When you open up your APIs on the web you aren’t just giving away access to your resources to anyone who comes along. API providers employ a number of different authentication mechanisms to ensure only the applications and systems who should have access are actually able to make a successful API call. To help refresh the types of authentication available across the API landscape, while also demonstrating the reach of Postman as an API client, I wanted to take a fresh look at authentication to help my readers understand what is possible...

Secrets and Personally Identifiable Information (PII) Across Our API Definitions

27 January 2020
As API providers and consumers we tend to have access to a significant amount of credentials, keys, tokens, as well as personally identifiable data (PII). We use this sensitive information throughout the API integration and delivery life cycles. We depend on credentials, keys, and tokens to authorize each of our API requests, and we potentially capture PII as part of the request and response for each the individual API requests we execute regularly. Most developers, teams, and organizations I’ve spoken with do not have a strategy for addressing how secrets and PII are applied across the internal and external API landscape. API management over the last decade has helped us as API providers better manage how we define and manage authentication for the APIs we are providing, but there hasn’t been a solution emerge that helps us manage the tokens we use across many internal and external APIs...

Profiling Adobe APIs

23 January 2020
As I was profiling APIs on my list of APIs I found myself profiling Adobe. I am moving through the list of companies alphabetically, so you can see how far along I am. Anyways, like any other large company I need to make a decision about how I am going to manage the profiling of different API products and lines of business. Companies like Amazon, Google, Azure, and Adobe have large numbers of APIs and I always know I will need to have some sort of plan for documenting everything that is going on. With Adobe, I am going to track everything in a single GitHub repository, but will be working to create separate API definitions (OpenAPI and Postman collections) for each of the individual APIs being offered...

Help Defining 13 of the AsyncAPI Protocol Bindings

22 January 2020
I have been evolving my definition of what my API toolbox covers, remaining focused on HTTP APIs, but also make sure I am paying attention to HTTP/2 and HTTP/3 APIs, as well as those that depend on TCP only. My regular call with Fran Méndez (@fmvilas) of AsyncAPI reminded me that I should be using the specification to ground me in the expansion of my API toolbox, just as OpenAPI has defined much of it for the last five years. For this particular multi-protocol API toolbox research, the AsyncAPI protocol bindings reflect how I am looking to expand upon my API toolbox. Here are the 13 protocols being defined around the AsyncAPI specification: AMQP binding - This document defines how to describe AMQP-specific information on AsyncAPI...

The State of California Doing APIs The Right Way By Starting Simple

22 January 2020
I got introduced to the CA.gov Alpha Team by my fellow government change maker Luke Fretwell (@lukefretwell) the other day, and I am beginning to tune into what they are up to in similar ways to how I’ve done with other city, state, and federal government entities over the years. We kicked off a conversation around their approach to delivering APIs, and what was possible with Postman. After we were done kicking things off they shared some links with me to help me get up to speed on what they have been doing with their new approach to delivering technology across the State of California. As far as first impressions go I am super stoked with their approach. They are starting small, and working hard to be as public with how they are doing everything...

Three Ways to Use Postman and Azure DevOps

22 January 2020
I set out to understand the role that Postman can play in an Azure DevOps powered API life cycle. I was fully prepared to crash course Azure Dev Ops, and begin mapping out the role that Postman can play, but before I got started I began Googling Postman + Azure DevOps. I was happily surprised to find a number of rich walk throughs written by the passionate Postman community--surpassing anything I could have put together for a version 1.0 of my Azure DevOps Postman guidance. I will still work to pull together my own official Azure DevOps Postman walkthrough, but to prepare I wanted to publish a summary of what I have found while thinking about how Postman and Azure DevOps can work together.  The Postman Basics Before we get going with what I have found, I wanted to point to a couple of key concepts readers will need to be familiar with before they set out trying to use Postman with Azure DevOps, helping set the tone for any integration...

Looking at Electronic Data Interchange (EDI) Reminds Me that the API Economy is Just Getting Started

21 January 2020
I am neck deep in the expansion of what I consider to be my API toolbox, and I have been spending time mapping out the world of EDI. If you aren’t familiar with  the Electronic Data Interchange (EDI), it “is the electronic interchange of business information using a standardized format; a process which allows one company to send information to another company electronically rather than with paper. Business entities conducting business electronically are called trading partners.”  EDI is the original API by providing a, “technical basis for automated commercial "conversations" between two entities, either internal or external. The term EDI encompasses the entire electronic data interchange process, including the transmission, message flow, document format, and software used to interpret the documents”...

I Think We Will Have To Embrace Chaos With the Future of APIs

21 January 2020
I like studying APIs. I like to think about how to do APIs well. I enjoy handcrafting a fully fleshed out OpenAPI definition for my APIs. The challenge is convincing other folks of the same. I see the benefits of doing APIs well, and I understand doing the consequences of not doing them well. But, do others? I never assume they do. I assume that most people are just looking to get an immediate job done, and aren’t too concerned with the bigger picture. I think people have the perception that technology moves too fast, and they either do not have the time to consider the consequences, or they know that they will have moved on by the time the consequences are realized. I’m pretty convinced that most of our work on API design, governance, and other approaches to try and standardize how we do things will fall on deaf ears...

My Upcoming Talk with the UK Government Digital Services (GDS): The API Life Cycle Is For Everyone

21 January 2020
I am heading to London in February to talk to the UK government about APIs. They invited me out to talk about my history of work with government in the US and EU, and share my views of the API life cycle. To help share my view of the API landscape I pulled together a talk titled, "The API Life Cycle Is For Everyone". I am hoping to share my view of the fundamentals of a modern API life cycle, as well as emphasize the importance of both developers and non-developers having a place at the table. Here is what I've pulled together for my time with the GDS in London. APIs are widely considered to be something that is exclusively in the domain of software developers. While it is true that APIs are often a very technical and abstract concept which requires a more technically inclined individual to engage, APIs are something that impacts everyone across todays digital landscape, impacting both business users and developers, making the API development life cycle something all parties should be educated on, made aware of, and equipped to participe in...

Expanding My API Toolbox for the Next Decade

21 January 2020
I am continuing to iterate on what I consider to be a modern API toolbox. API Evangelist research is born out of the SOA and API worlds colliding, and while I have been heavily focused on HTTP APIs over the years, I have regularly acknowledged that a diverse API toolbox is required for success, and invested time in understanding just what I mean when I say this. Working to broaden my own understanding of the technologies in use across the enterprise, and realistically map out what I mean when I say API landscape. I am still workshopping my new API toolbox definition for 2020, but I wanted to work on some of the narrative around each of the items in it, helping me learn along the way, while also expanding the scope of what I am talking about...

DevOps Azure Style

17 January 2020
I am spending time thinking more deeply about how APIs can be delivered via Azure. I spent much of the holidays looking at how to deliver APIs on AWS, but only a small amount of time looking at Azure. I'm looking at how Azure can be used for the development and delivery of APIs, trying to understand the different ways you can use not just Azure for managing APIs, but also use Azure APIs for managing your APIs. Next up is Azure DevOps, and learning more about the nuts and bolts of how the orchestration solution allows you to streamline and stabilize the delivery of your API infrastructure using Azure. First, I want to just break down what the core elements of Azure Devops. Learning more about how Azure sees the DevOps workflow and how they have provided a system to put their vision to work...

A View of the API Delivery Life Cycle from the Azure Getting Started Page

17 January 2020
I am working my way through doing more work around the multi-cloud deployment of APIs and spending some more time on the Azure platform here in 2020, and I found their getting started page pretty reflective of what I'm seeing out there when it comes to delivering the next generation of software. When landing on AWS home page it can be overwelming to make sense of everything, and I thought that Azure organized things into a coherent vision of how software is being delivered in the cloud. Infrastructure Providing the fundamental building blocks of compute for all of this. Linux virtual machines  Windows virtual machines  I never thought I"d see Linux and Windows side by side like this...

What Is Your API Development Workflow?

16 January 2020
I am going to invest in a new way to tell stories here on API Evangelist—we will see if I can make this stick. I enjoy doing podcasts but I am not good at the scheduling and reliable repetition many expect of a podcast. Getting people to join me on a podcast takes a lot of work (I know from experience) to do reliably. People usually want to talk, but finding slots in both of our schedules and getting them to jump online and successfully record an episode isn’t easy to do on a regular basis. However, I still want to be able to craft audio narratives around specific topics that are relevant to the API sector, while also allowing many different voices to chime in. So I’ve come up with a formula I want to test and and see if I can build some momentum...

My Eventbrite API Keys Were Easy To Find

16 January 2020
If you read my blog regularly you know I rant all the time about having to sign up for new APIs and then find my API keys and tokens. API providers excel at making it extremely difficult to get up and running with an API, even once you have read their documentation and figured out what their API is all about. So when I come across API providers doing it well, I have to showcase here in a blog posts. Today’s shining example of how to make it easy to find your API keys comes from the Eventbrite API. I was crafting a Postman API capability collection for my boss the other day, and I needed to find me an API key to get the data I needed out of the Eventbrite API. Finding the API paths we needed to get the event and registration data needed had already taken us some time, so I was fully expected the usual friction when it came to finding my API key...

API Life Cycle Governance Beyond Just API Design

16 January 2020
When you hear enterprise organizations talk about API governance they usually mean the governance of API design practices across the organization. This is the place where everyone starts when it comes to standardizing how APIs are delivered. It makes sense to start here because this is where the most pain is experience at scale when you try to put APIs to work across a large enterprise organization. Even if all APIs and micro services are REST(ish), there are so many different ways you can deliver the details of an API--you might as well be using APIs from different companies when trying to put APIs developed across different teams to use in a single application. Making API design the first stumbling block teams consider when planning API governance, and something that would make a meaningful impact on how APIs are delivered...

Eventbrite Events with Order Count and Capacity Using the API

15 January 2020
My boss asked me if I could build a Postman collection that would pull our future events from Evenbrite and display ticket counts for each individual event. So I got to work hacking on the Eventbrite API, learning each of the events API paths, stitching together what I needed to pull together my Postman collection for this new API capability. I’m a big fan of not just creating reference collections for different APIs like the Eventbrite API, but also creating individual capability collections that use one or many API requests to deliver on a specific business objective. I was able to craft my Postman API capability collection using two Eventbrite APIs, getting me the data I need to satisfy what my boss needed to get the updates he needed...

Why Hasn’t There Been Another Stripe or Twilio?

13 January 2020
Stripe and Twilio are held up as shining examples of how to do APIs in our world. This shining blueprint of how to do APIs has been around for a decade for others to follow. It isn’t a secret. So, why haven’t we seen more Stripes or Twilios emerge? Don’t get me wrong, there are other well done APIs that have emerged, but none of them have received the attention and level of business that Stripe and Twilio have enjoyed. These things always get me thinking and wondering what the reality really is, and if the narrative we are crafting is the one that fits with reality on the ground—pushing me to ask the questions that others aren’t always prepared to ask. I am going to spend some time flagging some of the new APIs who do rise the to the occasion, but while I am working on that I wanted to pose some questions about why we haven’t seen the Twilio and Stripe being modeled by more API providers...

The State of Simple CRUD API Creation

09 January 2020
With all the talk of APIs you think it would be easier to publish a simple Create, Read, Update, and Delete (CRUD) API. Sure, there are a number of services and open source solutions for publishing a CRUD API from your database, but for me to just say I want a CRUD resource, give it a name, push a button, and have it—there isn’t much out there. I should be able to just write the word “images”, and hit go, and have a complete images API that I can add properties to the schema, and query parameters to each method. After ten years of doing this I am just amazed that the fundamentals of API deliver are still so complicated and verbose.  We even have the vocabulary to describe all of the details of my API (OpenAPI), and I still can’t just push a button and get my API...

A Postman API Governance Collection

09 January 2020
You can use Postman to test your APIs. With each request you can include a test script which evaluates each incoming response and validates for specific elements, displaying the test results along with each response. However, you can also use the same mechanisms to evaluate the overall design of any API you are managing with Postman. One of the new beta features of Postman is being able to manage your APIs, allowing you to define each API using OpenAPI 3.0, then generate collections, mocks, docs, and tests with Postman. This got me thinking—why can’t we use the new Postman API manager, plus the Postman API, and script testing for governing the design of an API. To explore the possibilities I created a Postman collection for applying some basic API design governance to any API you have defined in a Postman workspace...

Deploy, Publish or Launch An API?

08 January 2020
I’m always fascinated by the words we use to describe what we do in a digital world. One dimension of the API life cycle that perpetually interests me is the concept of deploying an API, or as some might call it publishing or launching. I am fascinated by how people describe the act of making an API available, but I’m even more interested in how shadows exist within these realities. Meaning, within a 30 minute Googling session for publish, deploy, and launch an API, I come across many real world examples of delivering an API, but how few of them will deliver the actual tangible, functional, nuts and bolts of the API. After searching for publish API, here is what stood out: Apigee SwaggerHub Postman Oracle Broadcom Azure MuleSoft WSO2 SAP Socrata After searching for deploy API, here is what stood out: AWS API Gateway Firebase Google Serverless Stack Mendix API Platform API Evangelist GitHub Heroku After searching for launch API, here is what stood out: Adobe Launch SpaceX Apple Launch Services RapidAPI 80% of these will not actually deliver the API, it will just take an existing and make it available...

Postman Tutorials are Common but the Postman Collection is Often Missing

08 January 2020
I am amazed at the number of blog posts I come across for API providers explaining how their API consumers can use Postman with their API, but do not actually share a complete Postman collection for developers to use. API providers obviously see Postman as a tool for making API calls, but do not fully grasp the ability to document an API with a Postman collection, save, publish, and share this collection with documentation or the Run in Postman button. As part of this realization I am not looking to shame API providers for not understanding what is possible, I am more looking to acknowledge how much work we (Postman) have to to when it comes to helping folks understand what is possible with the Postman platform, moving folks being the notion that Postman is just an HTTP client...

Dead Simple Real World API Management

08 January 2020
I began API Evangelist research almost a decade ago by looking into the rapidly expanding concept of API management, so I think it is relevant to go into 2020 by taking a look at where things are today. In 2010, the API management conversation was dominated by 3Scale, Mashery, and Apigee. In 2020, API management is a commodity that is baked into all of the cloud providers, and something every company needs. In 2010 there were not open source API management provider, and in 2020 there a numerous open source solutions. While there are forces in 2020 looking to continue moving the conversation forward with service mesh and other next generation API management concepts, I feel the biggest opportunity in tackling the mundane work of just effectively managing our APIs using simple real world API management practices...

Spreading API Collections From My Personal Workspaces Across Multiple Workspaces

08 January 2020
As a Postman user for a number of years I have several hundred random collections littering my personal workspace. I had noticed that workspaces emerged a while back, but really hadn’t ever put much thought into how I organize my collections. As the number of collections grows I’m noticing performance issues within Postman, and general chaos because I work primarily fro within my personal workspace. Pushing me to step back and think more holistically in how I create, store, organize, and share my API collections within the Postman platform and beyond using AWS S3 and GitHub. Forcing a little organization and structure on how I move APIs forward across thier own API life cycle trajectory...

Postman Open Source

07 January 2020
I get asked a lot if Postman is open source. I get told ocasionally that people wish it was open source. I have to admit I didn't fully grasp how open Postman was until I helped work on the new open source philosophy page for Postman. While the Postman application itself isn't open source (it is built on open source), the core building blocks of Postman are open source, shifting my view of how you can use the application across operations. Expanding Postman usage beyond just being a solitaire desktop applicaton, and turning it into a digitally scalable gear on the API factory floor. Postman as a desktop application is not open source, but here are the core components that are open source, making Postman something you can run anywhere: Postman Runtime - The core runtime of Postman that allows you to run collecctions, including requests, scripts, etc anywhere, extending the work that gets done within the application to anywhere the runtime can be installed and executed...

Challenges Binding APIs Deployed Via Gateway To Backend Services

07 January 2020
I spent some of the holidays immersed in the backend integrations of the top three cloud providers, AWS, Azure, and Google. Specifically I was studying the GUI, APIs, schema, mapping, and other approaches to wiring up APIs to backend systems. I am looking for the quickest API-driven way to deploy an API, and hooking it up to a variety of meaningful resources on the backend, beginning with SQL and NoSQL data stores, but then branching out discovering the path of lest resistance for more complex backends. Maybe it is because of my existing experience with Amazon, but I found the AWS approach to wiring up integrations using OpenAPI to be the easiest to follow and implement, over what Azure and Google offered...

Academic or Street API Tooling

07 January 2020
There always seems like there are two separate types of tools in my world, the academic tools that consider the big picture and promise to steer me in the right direction, and then there is the street tooling that helps me get my work done on a day to day basis. After going to work for a street tooling vendor who has some academic tooling aspirations, it has gotten me thinking more about the tools I depend on, and learning more about what people are using within the enterprise to get their work done each day. I have used different academic tooling over my life as the API Evangelist. I’d say every API management tool I’ve adopted has been very academic until recently. From my view API management started as academic and then became a factory floor commodity...

A Dynamic Salesforce REST API Postman Collection Builder Collection

06 January 2020
I have been working on developing new ways to make the Salesforce API more accessible and easier to onboard with over the last couple of months, helping reduce friction every time I have to pick up the platform in my work. One of the next steps in this work is to develop a prototype for generating a dynamic Postman collection for the Salesforce REST API. I had created a Postman collection for the API earlier, but the Salesforce team pointed out to me that the available APIs will vary from not only version to version, but also user account to user account. With this in mind I wanted to develop a tool for dynamically generating a Postman collection for the Salesforce API, and as I got to work building it I realized that I should probably just make the tool a Postman collection itself (mind blown)...

The Fundamentals: Deploying APIs From Your Databases

06 January 2020
You know, I tend to complain about a lot of things across the API space while focusing on the damage caused by fast moving technology startups and the venture capital that fuels them. Amidst all of this forward motion I easily forget to showcase the good in the space. The things that are actually moving the conversation forward and doing the hard work of connecting the dots when it comes to APIs. I easily forget to notice when there are real businesses chugging along delivering useful services for for all of us when it comes to APIs. One of my favorite database to API businesses out there, and one of the companies who have been around for a significant portion of my time as the API Evangelist, working hard to help people deploy APIs from their databases, is SlashDB...

My Levels of Postman API Environment Understanding To Date

06 January 2020
I have been a pretty hardcore Postman user since the beginning. Over the years I felt like I understood what Postman was all about, but one of the first concepts that blew up my belief around what Postman could do was the concept of the Postman environment. Like other Postman features, environments are extremely versatile, and can be used in many different ways depending on your understanding of Postman, as well as the sophistication of the APIs and the workflow you are defining using Postman. My Postman environments awakening has occurred in several phases, consistently blowing my mind about what is possible with Postman and Postman collections. Postman environments are already one of the edges I have given Postman collections over a pure OpenAPI definition—it just provides more environmental context than you can get with OpenAPI alone...

Postman Collections For Pulling My Twitter Friends And Followers

06 January 2020
I have been cranking out the Twitter API capabilities lately, crafting single request Postman collections that focus on a specific capability of the popular social API. I use the API for a number of different things around API Evangelist, and as I assess how I use the social media API I wanted to be engineering my integrations as Postman collections so I can better organize and execute using Postman, while also adding to the list of API capabilities I’m sharing with my audience of developers and non-developers. Today I cranked out two individual Twitter API capabilities helping me better manage my Twitter followers and friends: Twitter Followers - Pulls your Twitter followers 200 at a time, saves them within an environment, then allows you to increment through each page of followers, eventually pulling and storing all of your followers...

Pricing Comparison for Screen Capture APIs

03 January 2020
There is a pricing comparison between 33 separate screen capture APIs halfway down the page on this interesting piece about how to choose the right screen capture service. This type of comparison should exist across every business sector being impacted by APIs, as well as new ones emerging to introduce entirely new digital resources for use in our desktop, web, mobile, device, and network applications. Sadly, right now these types of machine readable, let alone human readable lists do not exist across the sector. Assembling these types of comparisons takes a lot of time and energy, and aren’t always possible in a special API snowflake of a world where seemingly similar APIs are actually very different beasts—sometimes intentionally, but usually unintentionally...

Not Just An API Provider But Also An API Matchmaker

03 January 2020
Your API is always the best. Of course it is. However, not everyone will see the value your API delivers without a little enlightenment. Sometimes the value of an API is missed in isolation when you are just looking at what a single API can do. To help developers, as well as business users understand what is possible it can help to connect the dots between your API and other valuable 3rd party APIs. This is something you see from API providers who have integration pages showcasing the different integrations that are already available, and those who have invested in making sure their API is available on integration platform as a service (iPaaS) providers like IFTTT and Zapier. If a new user isn’t up to speed on what your API does, it can help to put it side by side with other APIs they are already familiar with...

The Many Differences Between Each API

03 January 2020
I’m burning my way through profiling, updating, and refreshing the listings for about 2K+ APIs in my directory. As I refresh the profile of each of the APIs in my index I am looking to make sure I have an adequate description of what they do, that they are well tagged, and I always look for an existing OpenAPI or Postman collection. These API definitions are really the most valuable thing I can find for an API provider, telling me about what each providers API delivers, but more importantly it does the same for other consumers, service and tooling providers. API definitions are the menu for each of the APIs I’m showcasing as part of my API research. As I refresh the profile for each API I re-evaluate how they do their API, not just the technical details of their API, but also the business and on-boarding of their API...

What Is The API Life Cycle?

02 January 2020
I regularly struggle with the words and phrases I use in my storytelling. I’m never happy with my level of word-smithing, as well as the final output. Ultimately I don’t let it stop me, I just push myself to constantly re-evaluate how I speak, being forever critical and often pedantic about why I do things, and why I don’t. One word I struggle with is lifecycle. First I struggle with it being a word, or two words. Historically I have been team word, but more recently I’ve switched to two words. However, this round of anxiety over the phrase is more operational, and existential, over it being about how I use the word in my storytelling. I am more interested in if we should even be using the phrase, and if we are, how do we get more formal about quantifying exactly what we mean by the API life cycle...

Deploying My Postman OpenAPI To AWS API Gateway

02 January 2020
I created a bunch of different Postman collections for AWS services leading up to re:Invent this year, and now I’m using individual requests to deliver on some different Postman AWS API life cycle workflows. To flesh out the scaffolding for how I define and deliver APIs throughout their API life cycle I got to work on a Postman collection for defining and executing every single stop in my API life cycle in a way that I could consistently apply across many different APIs. I am using Postman to define the central truth of each of my APIs with OpenAPI, and I want to use Postman to deliver and execute on that truth across every single stop along the API life cycles. One of the more critical stops I wanted to provide a solution for was API deployment, providing me with a simple way to immediately deploy an API from an OpenAPI definition...

A Postman Collection for Managing the Life Cycles Of My APIs

02 January 2020
I had grown weary of just researching, talking, and teaching about the API lifecycle over the last ten years as the API Evangelist. This was one of the major motivators for me to join the Postman team. I want to take my knowledge of the API life cycle and work to make sure the rubber meet the road a little more when it comes to actually realizing much of what I talk about. I began investing in this vision over the holidays by crafting a Postman collection that isn't for defining a single API, it is meant to define the life cycle of a single API. I can manage multiple stops along the API life cycle already with Postman--I just wanted to bring it all together into a single machine readable collection that uses the Postman API, but also other APIs I use to orchestrate my world each day...

2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 |