Governance often brings to mind rigid, strict, and heavy-handed enforcement of rules and processes that are internally focused to remove inefficiencies. IT organizations are now moving to a lightweight API governance approach that includes:
- Guidelines that produce consistency,
- Coaching to establish self-sufficient teams, and
- Flexibility to adapt as the organization changes.
Let’s look at each of these areas to better understand how you can establish and grow your API program in a lightweight and effective manner.
Step 1: Produce API Consistency
Strive to produce API consistency through the adoption of a style guide alongside an API design first approach. This will eliminate waste from poorly designed, inconsistent, or insecure APIs
Creating API consistency starts with a style guide that outlines the expected standards, naming conventions, and protocols for any API in the organization’s digital portfolio. Effective style guides also include common error strategies, common design patterns, and shared insights that help teams new to APIs become more effective faster. Often, a style guide is supplemented with common practices for deploying and protecting APIs in production.
Additionally, many organizations suffer from shadow APIs that were built and deployed without any consideration for proper design and security precautions. Organizations must recognize that APIs combine business value with technology and product thinking, thus benefiting from a lightweight design and delivery process.
An API design first approach blends the concerns of business and technology into a lightweight process that moves APIs through the ideation, design, and delivery phases efficiently. This approach provides a simple and clear process each API producing team must follow and helps to ensure a consistent delivery workflow while avoiding shadow APIs that can be exploited by malicious individuals.
Step 2: Establish Self-Sufficient Teams
Organizations that centralize the creation of APIs will develop the same kind of siloed culture that reduces velocity and limits innovation. Instead, developer teams in each line of business must have API expertise. API programs must be prepared to coach teams in proper API design techniques, as well as shift the culture from a code-first to adopt-first approach.
Coaching will need to cover the fundamentals of APIs and the HTTP protocol. Surprisingly, 25% of developers have never seen HTTP, the language of the web, in action. Instead, they have only worked with libraries that abstract away HTTP. Developers, product managers, and executives should all understand HTTP fundamentals, as it will help everyone to make more informed decisions when it comes to the API program.
Teams that will be producing APIs should also be familiar with API modeling and design techniques. For organizations that are new to web APIs, this may start as side-by-side coaching during the API design process. Over time, educational material, training, and other resources may be offered that help onboard new hires as well as reinforce key concepts to teams starting their API journey. The goal is to produce self-sufficient delivery teams that, over time, depend less upon the API experts in the organization as they become experts themselves.
For every team that produces an API, there are two or more teams that will use the API as part of their solution development. Empower solution teams to discover and consume existing APIs before they decide to code the solution from scratch. It takes time, but by shifting the focus from code-first to adopt-first, organizations are able to achieve greater velocity while delivering a consistent customer experience.
Step 3: Adapt API Governance to Organizational Change
Governance processes that fail to adapt to organizational change will fail. Those involved in stewarding API governance must continually listen and adjust processes and recommendations as the organization adapts to the changing marketplace. The emergence of new APIs styles, technologies that drive increased efficiencies, and learnings in the field may all contribute to the need to adapt your existing governance process. Conduct frequent reviews of the current process, gather feedback from API producer and solution teams, and adjust your governance processes as necessary.
Additionally, organizations with a large number of development teams, or teams that are distributed across multiple regions or countries, will find that a centralized governance model doesn’t scale efficiently. A federated governance model helps to distribute knowledge and processes to the edge of the organization.
In a federated governance model, a centralized API governance team establishes the core processes and standards by which the organization will operate. Representatives from a specific business unit or region are trained as delegates that can provide context-specific guidance and coaching. The centralized API governance team works with federated API coaches to gain insight into emerging needs, suggested improvements, and any clarifications required to maintain consistency across the organization.
By introducing a federated governance approach, organizations gain the speed and flexibility they need to scale governance across a large-scale organization, while supporting the varying needs of different business units and regions.
With the shift toward lightweight API-driven IT departments, the way we approach API governance must adapt as well. By encouraging your organization to produce consistently designed APIs, we eliminate waste from poorly designed and inconsistent or redundant APIs. We then seek to coach teams to become self-sufficient in producing and consuming APIs quickly and easily, eliminating any bottlenecks in our delivery process. Finally, we must structure our API governance to adapt to changes in the organization, otherwise teams will circumvent established processes and best practices that benefit the entire organization.
LaunchAny provides training and consulting services to help organizations establish and mature their API program. Find out more at https://launchany.com/services/.