Federated Convergence With Mastodon, Enterprise API Governance, and Government Regulation

I’ve mentioned lately on social media that there was a federated convergence occurring right now. Not just across the Mastodon explosion that has happened recently, but also enterprise customers I am talking with in my work at Postman, and regulation I see emerging from governments. While at different levels, and possessing very different motivations behind these movements, they share a lot of common patterns I think we need to pay attention to.

Let’s start with Mastodon. It is an open source social networking application you can install on any server, which comes with a standardized API. Every Mastodon instance has the same API, and employs a common set of protocols, allowing instances to work together, share information, and anyone can build an application or integration on top of the API. Mastodon, and other platforms who’ve adopted this approach are widely seen by their communities as being federated, instead of following the centralized platform approach of Twitter. I consider Mastodon to be the very theatrical version of API federation occurring in this story.

Next, I am seeing a significant shift in how enterprise organizations are delivering APIs, and embracing more of a federated approach to how they make digital resources and capabilities available across the enterprise. Large enterprise organizations end up with many lines of business, geographic locations, tribal factions, and acquisitions who have different systems, applications, and infrastructure in place—resisting many years of centralized governance. The savvier business and technology leadership at enterprises are realizing how futile it is to mandate everyone use the same tools, and is beginning to mandate a common interface across not just the instances like Mastodon, but also the implementation as well—centralizing policy management, as well as API interfaces centrally, while enabling a federated approach to governance across operations.

Lastly, we come to the government regulation dimension of this conversation, where you have API regulation like FHIR out of the US and PSD2/PSD3 in EU. Like Mastodon, these provide a federated set of APIs that banks and service providers are supposed to follow. The US and EU governments do not provide the software to deliver instances, but are defining the APIs themselves, and after watching the friction with rollout of these regulations, I predict they will be to also regulate the implementation as well. PSD2 and FHIR just represent the top industries where we are seeing this type of regulation, which is something we’ll see emerge across other sectors, shaping instances as well as implementation of APIs to enable interoperability and help make business sectors more competitive.

There is still a lot of distance between each of these federated universes, and the approaches implemented across them. However, I see enough of a convergence at a federated level to take notice, and begin learning from each layer of how our digital and increasingly physical world works. There is a lot to learn across these spectrums. We’ll see more enterprise organizations adopt federated API instances and implementations, not because they are interested in being open or supporting interoperability outside their firewall, but are interested in interoperability within their own operations. The Mastodon community will also learn a lot in coming years about the realities of protocols vs. platforms, while the federal government is also learning hard lessons regarding how you will have to govern implementations as well as the interfaces driving interoperability across leading industries. I am going to be spending a lot of time this year mapping out financial and healthcare spaces as part of my work, and continuing to drive enterprise federated API governance approaches. I will also being investing a lot of cycles on my own time into the Mastodon world, and keep telling stories about what I learn, as this federated convergence continues.