Need help with your APIs? I offer API discovery, governance & evangelism services. Explore services →
API Evangelist API Evangelist
Learnings
Guidance
Toolbox
Alignment
API Evangelist LLC

Stories from 2026

Stories about the technology, business, policies, and people of APIs.

search

VCs Screwed Themselves by Restricting Interoperability

It is a common tactic in the VC playbook of the startups I’ve worked with over the years: limit the interoperability of the platforms they invest in. You can import OpenAPI, but you can’t export Op...

What Actually Goes Into Profiling Stripe for API Evangelist and APIs.io

When I tell people I “profiled” an API provider, they picture me grabbing an OpenAPI file and calling it a day. That is not what profiling means anymore, and Stripe is a good place to show why. A m...

A Registry of Adoptable, Provenanced Governance Rulesets

I have been walking through the governance tools I am building under API Commons one a day, and today’s is the one that answers a question the others eventually raise. If governance is just Spectra...

OpenAPI Overlays for Adding Tool-Specific Content Without Polluting the Spec

I keep running into the same slow-motion mess. Somebody hands me an OpenAPI definition that is supposed to be the single source of truth, and when I open it up half the operations are wearing three...

Gravitee Gets Closer Than Most to Programmatic API Onboarding

I keep coming back to the same wall. Every company on earth is telling me they are all in on AI, that agents are the future, that software will soon be writing software and calling APIs on its own....

From a Prose Style Guide to a Grounded Spectral Ruleset

I am still working my way through the governance tools I have been building under API Commons, a different one each day, and today I want to talk about the one that goes after the hardest problem i...

Turning Spectral Output Into a Report People Actually Read

I am still working my way through the governance tools I have been building under API Commons, one a day, and today’s is the one that finally makes a Spectral run legible to somebody who did not wr...

Forging the Agent Layer of Your API

An OpenAPI tells a developer what your API can do. An agent needs more than that. It needs to know which operations are worth turning into tools, what each of those tools is honestly allowed to do,...

Scoring the Reusability of Your API Estate

I have been working my way through the governance and discovery tools I keep building under API Commons, writing one up a day, and today’s is the one that answers a question almost every organizati...

Postman Sells API Tooling but Still Makes You Click Generate API Key

I keep coming back to the same wall, and this week it has Postman’s name on it. I have spent years saying that onboarding is the part of an API that breaks first under load, and now we have agents ...

Standalone API Documentation Generated From APIs.json

This is the next stop in my daily walk through the API Commons tools, and it is one I have wanted for a long time: a way to hand somebody a single APIs.json and have it turn into real, readable doc...

OpenAPI Overlays for Translating and Localizing One Canonical Spec

Translation is where a lot of teams quietly fork their API contract, and they don’t even notice they’re doing it. Someone in the German office needs the docs in German, so they copy the OpenAPI fil...

Stedi and EDI as Modern API Workflows

Stedi has taken one of the oldest, crustiest corners of healthcare—X12 EDI—and wrapped it in a modern API. That is genuinely useful work, because the X12 transaction sets that govern eligibility, c...

What Programmatic Onboarding Looks Like Inside MuleSoft Anypoint Platform

I keep coming back to the same wall. Every time I want to get a piece of software talking to an API, I find out that the part everyone treats as a formality, getting credentials, is the part that d...

Most Teams Just Turned Spectral On and Stopped There

For two years I have been saying in print that “just turn on Spectral” is a seduction and a trap — that flipping on a linter’s default ruleset in your pipeline and waiting to wake up governed is no...

A Browser-First Registry for the API Artifacts You Depend On

Yesterday I kicked off this run through the API Commons tools with a validator you keep open in a tab, and today I want to keep the daily thread going with the tool I reach for one step earlier — b...

Put Governance Where the Agent Can Reach It

I made the case last week that you should govern in the IDE, where the work happens — get the ruleset in front of the engineer while they’re still typing, instead of waiting for a red CI build to t...

Availity and the X12 Administrative Workflows

For all the attention FHIR gets, an enormous share of healthcare’s actual money and paperwork still moves over X12 EDI. Eligibility checks, claim status, prior authorization—these are the administr...

A Browser-First Governance Validator for Your API Specs

I keep telling teams that governance should be something you can reach for in the moment, not a service you file a ticket against. So I am spending this stretch walking through the governance tools...

Ribbon Health and the Provider Directory Workflow

Provider directories are the unglamorous backbone of healthcare. Finding a doctor who has the right specialty, in the right location, who actually accepts a given insurance plan is a deceptively ha...

OpenAPI Overlays for Filtering One Spec Into Public, Partner, and Internal Audiences

Here is the problem that eventually finds every team that runs an API for more than one kind of consumer. You have a single OpenAPI definition, but you do not actually have a single audience. The p...

IBM API Connect Governs the Whole Lifecycle With Spectral

I’ve spent this whole series arguing that governance shouldn’t be a single gate you slam into at the end, but something that shows up at every stage of the lifecycle — in the editor while you’re au...

Building the Tooling for Consumer API Governance

A couple of weeks ago I wrote about consumer API governance in an agentic world, and I keep making the argument from stage — APIDays New York, Amsterdam, and Munich next month. Arguments only go so...

What Programmatic Onboarding Looks Like When the App Is Really a Subscription

I keep coming back to the same wall. Every company tells me they are all in on AI, that agents are the future, that software will provision and consume software without a human in the loop. And the...

DrChrono and the Clinical Day as Workflows

DrChrono is a full EHR with a sprawling REST API—over three hundred operations covering everything from scheduling to billing. An API that large is exactly where workflows earn their keep, because ...

API Governance Is 75% People Work

Everything I’ve written about in this series up to now — landscape mapping, OpenAPI, JSON Schema, policies, Spectral rules, design-first, Git, the IDE, the pipeline, shifting left, reviews and prov...

We Governed APIs for the Builders. Now Govern Them for the Consumers.

I have spent this whole series making the case for governance the way we have practiced it for a decade: lint the OpenAPI, enforce a style guide, shift it left, put it in the IDE, and put it where ...

Medplum and FHIR as a Developer Backend

Medplum treats FHIR R4 as a developer backend, exposing the RESTful API as a generic create, read, update, search, and history surface parameterized by resource type. That generality is powerful, b...

Bringing Legacy Standards Into the Modern API Age

A lot of the standards that quietly run our world were written before the API era. They are thorough, hard-won, and often decades deep, but they live as PDFs, XML schemas, and prose test scripts. T...

AWS API Gateway and the Self-Serve Onboarding It Refuses to Offer

I keep coming back to the same wall. Every company tells me they are all in on AI, that agents are the future, that machines will soon be doing the integration work humans used to do by hand. And t...

API Reviews and Provenance: Accountability Over Enforcement

Here is the reframe that finally made governance work for me, after years of getting it wrong. For a long time I thought the job was to make people comply. Get the teams to follow the rules, hit th...

One Button, Every MCP Client

If you publish an MCP server today, the last mile to your users is a mess. You write out install instructions for Claude Desktop, then a different set for Cursor, then a deep link for VS Code, then...

When a Capability Stays Too Close to the Interface

I have been stewing on Daniel Kocot’s newsletter on capabilities for a week or more now. It reflects the journey I have been on since leaving Bloomberg, and honestly it is why I left Postman to go ...

Shifting Left Is the Whole Game

If you pull back and look at the last several fundamentals in this series — design-first versus code-first, Git as your source of truth, the IDE, the CI/CD pipeline — there’s a single principle org...

OpenAPI Overlays for Improving Developer Experience: Enriching a Thin, Code-Generated Spec

You know the spec I am talking about. It was generated from code by a framework annotation scanner, and it is technically correct in every dimension and useful to nobody. The GET /products operatio...

Metriport and the Asynchronous Document Query

Metriport is an open-source take on health data interoperability, and like most of the record-retrieval platforms its API is fundamentally asynchronous. You do not ask for a patient’s documents and...

Making API Reusability Measurable

In almost every enterprise I walk into, the same capability has been built three, four, five times — customer lookup, payment processing, document storage, notification sending — by teams who were ...

What 36 Providers Taught Me About Programmatic API Onboarding

A couple of months ago I wrote that we standardized the API but we didn’t standardize the application. Then SoundCloud showed me what the fix looks like from a provider’s side: one file, no depende...

If You're Using Spectral, It Is Now Gathering Data About You — Opt Out

I spend a lot of time telling you to run Spectral, so I owe you the other half of the story. On June 30th a pull request landed in the Spectral repository with the entirely unremarkable title chore...

Health Gorilla and the Lab Order to Result Loop

Lab ordering is one of those healthcare workflows that looks simple from the outside and is anything but. You do not just call an endpoint and get a result back; you place an order, it routes to a ...

CI/CD Pipelines Make Governance Consistent

The pipeline is where governance becomes non-optional, and more importantly, where it becomes consistent. The same Spectral ruleset that lives in your developers’ editors runs in CI on every pull r...

What Programmatic Onboarding Looks Like When the Door Is the Cloud Console — Apigee

I keep coming back to the same wall. Every company I talk to is “all in on AI,” wiring up agents that are supposed to go discover an API, register themselves, and get to work. And then I go look at...

The Consumer Decides the Gateway: API Governance at the Consumption Layer

I am giving a talk at APIDays Munich about the layer of API governance our industry keeps pretending does not exist. We have spent a decade obsessing over two of the three layers. There is design-t...

MCP for Spectral Governance: Make Your API Rules Conversational

If you have done the work of API governance, you have a Spectral ruleset. It lints your OpenAPI, it catches the naming drift, it blocks the request body on a GET, it flags the operation nobody both...

Arazzo Workflows Are Your New Integration

I have spent a lot of years watching companies build the same integration over and over again. Someone at HubSpot builds the Salesforce connector. Someone at Salesforce builds the HubSpot connector...

Govern in the IDE, Where the Work Happens

The earliest place you can govern an API is the editor, and it is also the place with the best return on the effort, because it’s where the engineer is actually working and most open to help. Spect...

Cerner Oracle Health and the SMART on FHIR Sequence

The Cerner Millennium platform, now Oracle Health, is one of the EHRs that a huge slice of the country’s clinical data actually lives behind, so its FHIR R4 API is worth understanding as a sequence...

The Linux Foundation Is the Home of Our API Specifications, and They Should Work Together

I spent some time this week walking the entire Linux Foundation umbrella to inventory the API specifications it stewards, and the projects underneath it that actually have APIs. I expected a long, ...

Kong Konnect Has Two Front Doors and Neither One Is the One I Want

I keep coming back to the same wall. Every company tells me they are all in on AI, that agents are the future, that the API economy is about to be run by software talking to software. And then I go...

Git Is Your Governance Source of Truth

Here is a hill I will happily die on: treat your governance artifacts as code, and put all of them in Git. Your OpenAPI specs, your JSON Schemas, your policies, your Spectral rules — every one of t...

Canvas Medical and the Shape of an EHR FHIR Workflow

When an EHR exposes a clean FHIR R4 API, it is tempting to think the integration problem is solved. Canvas Medical has one of the better developer-first FHIR surfaces I have looked at—a write-capab...

Understanding the Way Things Are

A common mistake I see technologists make is that we don’t always take the time to understand the way things are before we plow forward with something new. I regularly suffer from this condition, b...

Mapping Particle Health Record Retrieval as Arazzo Workflows

Most of the healthcare APIs I profile describe themselves one endpoint at a time, but nobody actually integrates one endpoint at a time. The real work is a sequence: authenticate, register a patien...

Design-First or Code-First: Pick, and Know the Cost

Every governance program eventually hits this fork in the road, and you have to be honest with yourself about which side of it you’re on, because it determines when governance is even possible. Des...

Spectral Rules: Machine-Readable Enforcement

Now we get to the part everyone thinks is the whole thing. Spectral is the open-source linter that runs rules against your OpenAPI, AsyncAPI, JSON Schema, or honestly any JSON or YAML artifact you ...

Revisiting OpenAPI Extensions Alongside APIs.json

Five years ago I wrote a post about evaluating APIs.json property types alongside OpenAPI extensions, and back then I was working with a sample of about fifty extensions from fourteen providers. It...

Policies and Style Guides: The Why Above Your Rules

This is the fundamental that most governance programs skip, and skipping it is exactly why most of them fail. Here is the pattern I have watched play out over and over: a team builds a Spectral rul...

Building the Tooling for Consumer API Governance

A few days ago I wrote about consumer API governance in an agentic world, and as I keep giving versions of that talk — Munich is next — the most common response I get in the hallway afterward is so...

Tyk and the Quiet Superpower of Extending OpenAPI

Extending the OpenAPI specification is a widely used, but seldom talked about superpower of the specification. People who aren’t in the know hit the wall with what the specification can’t do, and t...

The Many Use Cases for OpenAPI Overlays

After rounding up the open-source and commercial tooling support for OpenAPI Overlays, the next question I keep getting is simpler and more important: what are people actually using overlays for? A...

JSON Schema Governs the Shape of Your Data

Underneath your API contract is the data, and the data has a shape, and that shape is described by JSON Schema. This is the layer where the real fights happen. OpenAPI’s schema object is JSON Schem...

OpenAPI Overlays Tooling Support Across Open-Source and Commercial Services

The OpenAPI Overlay Specification reached a stable 1.0.0 release, and the tooling has been steadily catching up ever since. Overlays give you a clean, repeatable way to apply a list of actions to a...

OpenAPI Is the Unit of API Governance

If landscape mapping is where governance starts, OpenAPI is where it lives. It is the center of gravity for everything I do when I govern REST APIs, and the reason is simple and worth saying out lo...

I Do Not Believe There Is One Tool or Approach to Solve API Governance

I know that many in the tech world believe there is always a universal approach to doing software, and that all business processes scale. For some processes this may hold true, but when it comes to...

Start by Mapping Your API Landscape

When I walked into the most serious governance job I’ve ever held, the first thing I did was not write a single rule. I went and reviewed every published OpenAPI across the entire portfolio. Before...

Standalone JSON Schemas, Overlaid for Every Purpose

Yesterday I wrote about localizing the Products API with OpenAPI overlays, treating the whole API description as one document to be translated four ways. Today I want to go down a level, because th...

Consumer API Governance in an Agentic World

I am preparing to give the third iteration of my talk on consumer API governance, this time in Munich next month. I’ve given versions of it at APIDays NYC and Amsterdam, and I keep iterating on the...

The Fundamentals of API Governance

I’ve been doing API governance work for quite some time now, and I spent a a year on the ground standing a governance program up from scratch. So when people ask me what API governance actually is,...

OpenAPI Overlays Let One Products API Speak Four Languages

I keep a small, deliberately boring API around for teaching: a Products API. It does exactly what you’d expect — list products, create a product, fetch one, update it, delete it, cancel it — and no...

There is a Real Bill Associated With Offloading API Design This Round

When API design first emerged in 2012, and grew in popularity over the next decade, some folks embraced, while others revolted, and the rest just sat with the usual blank stare they have for work e...

The Real API Design Struggle Continues with MCP

I’ve been studying the way API providers publish their public MCP servers, beginning with the big three: Amazon, Microsoft, and Google. Each of these providers have their own approach to delivering...

Google Makes the Interactions API the Front Door to Gemini

Google moved the Gemini Interactions API to general availability, and I want to pay attention to it not because it is another model endpoint, but because of what it says about where API design is h...

SoundCloud Shows What Programmatic API Onboarding Should Look Like

I keep coming back to the problem of scaling the onboarding, the setting up of applications, and the obtaining of API keys across many different APIs. The differences in how every API provider hand...

Ory Talos Puts API Key Management Back in Your Hands

I spend a lot of my time on the consuming end of API keys—banging my head against the wall of how every API provider handles the issuing, verifying, and managing of credentials differently. So when...

MCP Discovery & Governance

I am working through research on “MCP governance”—meaning, what others out there are calling MCP governance. As with APIs, there is a wide mix of smoke, mirrors, and concrete practices around what ...

The Architecture Behind 10,000 API Providers

When I started API Evangelist in September 2010, I was writing stories from a one-bedroom apartment in Eugene, Oregon, trying to make sense of what Twitter, Twilio, and Stripe were doing to softwar...

Your Diverse API Toolbox

I have been writing about this since March 2017, kept expanding it through 2018 with a diagram that I brought to talks and workshops, and reinforced it again in 2020. Coming back from APIDays Amste...

History of API Evangelist

One story I’ve told many times, but couldn’t find in my own historical archives of API Evangelist, is the origin story of API Evangelist itself. I am learning that the stories I’ve told over the ye...

API Value Exchange

I have been writing about API monetization since 2011. Not consistently, but in recurring waves — whenever the business reality of APIs forces itself back to the surface. Early on I was fascinated ...

The Business and Politics of Platform Status Page Details

I like GitHub’s recent blog post on transparency around their status page. Status pages are human and machine-readable properties I’ve tracked on for API providers as part of my APIs.json work for ...

Learning About Standards via Cloudflare Radar AI Insights

I am learning from the AI Insights updates on Cloudflare Radar. I have long been a champion of how we’ll be automating the onboarding of clients, bots, agents, and other non-human users of the web....

That List of 1000 APIs Does Not Do Me Much Good When I Just Need To Be Capable of Doing Something

There is something that haunts me every time I am doing the market research I need for Naftiko. Every integration provider always has thousands of icons for the integrations they support on their w...

The Next Wave of API Investments Will Be All About Experience

I was publishing the Naftiko Capabilities I had generated from the 36 Palo Alto Networks OpenAPIs. Before I generated these capabilities I generated a standardized set of Spectral rules based upon ...

An API Consumer Interoperability Mindset

It is difficult to think like an API consumer when you are an API producer. When I talk to anyone about what I am building at Naftiko, which is extremely API consumer centric, almost everyone I kno...

Questioning Our API Governance Reality

Questioning how I see the technology, business, and politics of APIs is the foundation of API Evangelist. I’ve changed my opinions on a lot of things over the years, as my awareness expands on diff...

You See a Spec, I See a Common Language, and a Common Understanding

Many engineers I’ve worked with over the years see OpenAPI and AsyncAPI as a configuration for whatever tooling outcome they desire. I see OpenAPI, AsyncAPI, and JSON Schema that defines them as a ...

My /me API Using Naftiko

For years I’ve been writing on API Evangelist about the idea of a personal API footprint — the idea that every individual should have a single, coherent surface representing themselves across the d...

Not a Single API Evangelist Post in March

I did not write a single post on API Evangelist in March. I have gone months before without writing a story, but this month is primarily due to artificial intelligence. I am all in on using Claude ...

The Promise of a New Specification

Starting a new specification is exciting. You have a vision. You flesh out the vision. You distill it down into some documentation, schema, blog post, and a social media post. You don’t have the ba...

What Is Your Beef With JSON Schema?

I recently purchased the Radiohead record, OK Computer. I’m in a phase where I am investing in my vinyl record collection, and doing the work to get out of my comfort zone. This means challenging a...

Where Is Governance (Guidance) Going?

I had a fascinating conversation Anna Daugherty on Wednesday, which will be published as a podcast shortly. If you don’t know Anna, she is a super smart and down to earth product marketer who works...

There is a Lot of Knowledge and Wisdom Packed Into Speakeasy's Agent Skills

I saw Speakeasy publish their agent skills. It caught my attention, not because I care about agents, but because I care deeply about the knowledge expressed in these agent skills. Honestly, I don’t...

How Does a Capability Come to Life?

As I work to define Naftiko, and specifically what a capability is, I wanted to explore how a capability comes to life. But let’s start with my current definition of what a capability is. A capabi...

What is the Diff Between Bruno Collection and OpenCollection

Bruno has been slow rolling their release of their new OpenCollection format to augment the Bruno Collection, and continue grabbing mindshare from Postman Collections, while simultaneously embracin...

Why Do I Need Agents When I Have Requests, CRON Jobs, and Events?

I am genuinely trying to understand the essence of the agentic wave of artificial intelligence. I am always frustrated when I don’t understand something. Unfortunately, much of popular life and cap...

Dispatches From The Frontlines at Moltbook

I am an expert in programmatic interfaces as they are used in a variety of applications. I don’t build desktop, web, mobile, device, network, or AI applications — I enable them. I have to keep sayi...

Organizing Signals Into a Platform Definition with Operations Organized by Role

I have been gathering signals about what enterprises are invested in as part of my Naftiko Signals work. As I do, I am working out in the open to make sense of the services I am profiling as part o...

MCP Server for Microcks Mocking and Testing

The Microcks team is proposing adding an MCP server for the mocking and testing platform, arguing that every tool needs one. I definitely support every API service and tool having an API, so this l...

Weekly API Evangelist Conversations

I had a really energizing webinar with Nordic APIs last week, hosted by Bill Doerrfeld, and with Lorna Jane Mitchell, Kevin Swiber, and myself in attendance. The questions were good, the conversati...

A 3rd-Party Notion API Sandbox to Provide a Safer Agent Sandbox

I am creating a series of 3rd-party Notion API sandbox for my team to develop against, and provide safe spaces for Naftiko customers to develop agents against. The foundation of my Notion API sandb...

Agents. It Is All APIs. Nothing Has Changed

I love people waking up to the importance of APIs. I have to work hard not diminish people’s excitement for each wave of “application” of the value in which APIs deliver. People get very attached t...

Governance Rules as Guardrails in a Strongly Typed Journey

I am always fascinated by how the same people who are TypeScript believers often become advocates against using a schema-driven approach anywhere beyond “the code”. I am a big fan of having a schem...

Baseline OpenAPI Rules For Governance of 3rd-Party APIs

API governance using Spectral or Vacuum rules changes when you go from governing APIs you are producing to governing 3rd-party APIs you are consuming. It is a simple, but pretty radical shift in ho...

Exploring What Schema Tools Are Available

My Naftiko team asked me for more information on what schema tools are available. Well, more specifically they asked schema explorers there were, but I thought it was an opportunity to take a fresh...

What Are the Application and Interface Specification Priorities?

I am deep diving into the properties of interface and application specifications to understand the overlaps across the standards in use within both of these domains. I pulled the JSON Schema for fi...

My Rabbit Warren of JSON Expressions, References ($ref), Queries, or Pointers

I’ve been down each of these rabbit holes before. I’ve paid really smart people to go down these rabbit holes. But honestly, what I am talking about is actually a “rabbit warren”. I know we all lik...

My Avalara API Review Provides a Benchmark for Modern API Operations

I enjoy reviewing APIs. I’m good at it. Over 15 years, I’ve developed a rich and proven API discovery and profiling process. Recently, folks at Avalara reached out to me about my API Evangelist Pos...

I Am Proud To Introduce You To Naftiko

I’d like to introduce you to my new startup, called Naftiko. You’ve probably heard me talking about it, but as of 2026, we are a real company with funding and a team. It’s real. Naftiko is focused ...

A New Year for API Evangelist

I have to manually roll the blog for my website over each year. The primary link for my blog goes to whatever the most recent year is, which is a static page. I like it this way. It forces me to ma...