It is easy for API governance to become the bottleneck in API operations, especially when an API review is a face-to-face gate that is required before someone can move their API beyond any development stage. Depending on the scope of an API and the skills and preparedness of the team developing the API, but also the maturity of your API governance program, your API governance and specifically the concept of the API review can become a serious bottleneck that will give API governance a bad reputation within your enterprise. There are multiple ways you can work to mitigate your API governance becoming a bottleneck with teams depending on the shape and culture of your enterprise, but we recommend beginning with investing in the following.
- Self-Service - Keep as much of your API governance guidance and tooling as self-service and accessible to teams as possible.
- Ongoing Reviews - Offer the possibility for in-person reviews but invest heavily in reviews being a rolling ongoing thing over time.
- Shift Left - Establish triggers early on in the API development lifecycle that trigger API governance feedback loops with teams.
- Evangelism - Turn every policy and rule and their application to APIs into a quick chat or other snackable message to share.
- Experience - Introduce and talk to teams about governance in terms of its impact on tangible experiences they will encounter.
- Leadership - Educate the bosses of people who will face governance reviews about what the process involves to prepare them.
We recommend avoiding the common practice of instituting a final API design review before teams can move from development to a more advanced stage. We encourage you to make API governance a self-service, ongoing, and shared experience that happens out in the open over time. Teams will learn from each other’s work out in the open as things happen, and won’t be expected to always have read the documentation and be 100% prepared for a review at some milestone in the future. The best way you can avoid making API governance a bottleneck is to spread it out over time, but more importantly you need to keep leadership aware of the process for when teams who insist on not being prepared or doing the work tell their superiors that you are in the way of them getting into production.
