[{
"name": "Access",
"slug": "access",
"description": "Gaining the necessary access to effectively use an API is often more challenging than it appears. Intentional and unintentional barriers can create friction in discovering and onboarding with an API. Issues such as incomplete documentation and complex authentication processes frequently hinder adoption. These challenges often reflect the business dynamics and internal politics of making APIs available to teams, partners, and third-party developers.While API access may seem straightforward to the developers who created it—or to those accustomed to high-friction onboarding—it often overlooks critical steps that could simplify the process for others. Improving the API access experience can be as simple as providing clearer instructions, maintaining regular communication, and adopting the perspective of an API consumer. By walking through your own APIs or evaluating competitors’ offerings, you can identify opportunities to streamline access and improve usability.",
"image": "/images/access.png",
"tags": ["Availability","Discovery"],
"properties": ["Portals","SignIn","Signup","Website"]
},{
"name": "Alignment",
"slug": "alignment",
"description": "Achieving alignment between teams producing APIs and their consumers is a persistent challenge in API operations. Effective collaboration between business and technical stakeholders requires ongoing investment and adjustments. Similarly, aligning API producers and consumers depends on establishing feedback loops, enabling self-service options, and fostering direct engagement across all API stakeholders.Building community and establishing alignment among teams and consumers involve proven approaches, but the real challenge lies in maintaining that alignment over time. As APIs evolve through different versions and business priorities shift, sustaining alignment requires continuous effort—much like other aspects of API management, it is an ongoing and iterative process.",
"image": "/images/alignment.png",
"tags": ["Solutions"],
"properties": ["UseCases","Answers","Support","Forum","SupportGitHubIssues","SupportEmail","FeedbackGitHubIssues","FeedbackEmail","QuestionsGitHubIssues","Contributing","FAQs","StackExchange","ProfessinoalServices","Training","Partners","BestPractices","Cheatsheet","Checklist","Concepts","Contact","CustomerSuccess","Education","Experts","StackOverflow","Templates","Terminology","Guidelines","Help","ImplementationChecklist","Knowledge","KnowledgeCenter","Questions","Quickstarts","Ratings"]
},{
"name": "Applications",
"slug": "applications",
"description": "The experiencce of applying API resources and capabilities in desktop, web, mobile, device, and artificial intelligence applications. The design, delivery, and sustainment of APIs will define the experience of how they end up being used within applications by developers.Different types of applicaitons will have different needs of APIs, and the experience of developing applications will require perpetual alignment with developers to streamline. The experience of developing, but also using applications, will be downstream of functional or dysfunctional API lifecycles.",
"image": "/images/applications.png",
"tags": ["Web Applications","Desktop Applications","Device Applications","Mobile Applications","Artificial Intelligence Applications"],
"properties": ["ApplicationDirectory","ApplicationLoadBalancers","Devices","DeviceTester"]
},{
"name": "Automation",
"slug": "automation",
"description": "Automating business operations is a primary driver for adopting and governing APIs, enabling organizations to achieve the scale, speed, and quality needed to remain competitive in global markets. APIs can be automated through low-code platforms, custom scripts, CI/CD pipelines, event-driven orchestration, and increasingly, with artificial intelligence and AI agents.The biggest challenge for teams lies in distinguishing between automating business processes using APIs and automating the delivery and evolution of the APIs themselves. While automating tasks through APIs is well-established—with iPaaS and similar providers supporting both business and engineering stakeholders—the automation of API operations, platforms, lifecycles, and governance remains a less familiar domain that intersects with broader platform strategies.",
"image": "/images/automation.png",
"tags": ["Pipelines","Events","Real-Time","CRON Jobs"],
"properties": ["PostmanCollections","BrunoCollection","Pipelines","Scripts","Connectors","Bots","Plugins","Workers","Callbacks","CLI","CommandLineInterface","EventBus","EventTypes","Webhooks","Websockets"]
},{
"name": "Business",
"slug": "business",
"description": "Every aspect of API operations should ultimately be evaluated through the lens of cost and value—both the expenses incurred to develop and maintain APIs and the direct or indirect revenue generated from their use. While API access may not always be directly metered or billed, understanding the financial investment required to deliver an API and the business value it drives is essential. Framing API operations in financial terms helps clarify priorities and justify decisions.Although financial considerations are the primary driver of API operations, they’re not always fully understood at the operational level. After nearly 25 years of API proliferation, enterprises are becoming more focused on justifying expenditures related to building and maintaining HTTP API infrastructure, as well as the growing costs of consuming third-party APIs—which now form a significant part of the enterprise digital supply chain.",
"image": "/images/revenue.png",
"tags": ["Solutions"],
"properties": ["Plans","Pricing","Partners","Products","Billing","Analysts","BrandKit","BuyerGuide","Careers","ComputePricing","CostManagement","CostOptimization","CustomerAgreement","Customers","ExecutiveInsights","FreeTier","Gallery","Industries","Branding","Sponsorship"]
},{
"name": "Change",
"slug": "change",
"description": "Managing and effectively communicating changes across one or more APIs is a leading cause of instability and friction in enterprise operations. While these changes often surface in applications used by end-users, the root cause is frequently minor or breaking updates that could be mitigated through versioning, testing, and machine-readable artifacts—validated using JSON Schema during design or runtime.Change is inevitable in enterprise environments, but the real challenge lies in the lack of visibility and communication surrounding it. Issues often arise not from the changes themselves, but from their sudden, unannounced implementation. Effective API change management starts with source control and CI/CD pipelines and extends to consistent strategies for notifying stakeholders about both minor and major updates.",
"image": "/images/change.png",
"tags": ["Solutions"],
"properties": ["RoadMap","ChangeLog","Versioning","Deprecation","Versions"]
},{
"name": "Communication",
"slug": "communication",
"description": "Consistent communication about the production and consumption of APIs is critical for effective enterprise governance. APIs are inherently difficult to visualize, making it essential to invest in messaging, blog posts, videos, case studies, and other forms of content to enhance their visibility. This communication should cover internal teams, first-party applications, external partnerships, and public third-party developers.Every stage of the API lifecycle offers an opportunity to share updates, tell stories, and keep stakeholders informed. Each API integration presents a chance to shape future versions and inspire new use cases. Communication isn’t just an extra layer of API governance—it’s the driving force behind governance, support, and feedback loops, ensuring API operations continue to evolve and improve.",
"image": "/images/communication.png",
"tags": ["Solutions"],
"properties": ["Teams","Blogs","Blog","BlogFeeds","Videos","News","Resources","WhitePapers","Webinars","CaseStudies","Events","LinkedIn","Reddit","Discord","Newsletter","Announcements","Articles","Community","Facebook","Featured","Forums","WhatsNew","Twitch","Twitter","Mastodon"]
},{
"name": "Consistency",
"slug": "consistency",
"description": "Achieving consistency in the design, delivery, and maintenance of HTTP APIs across an enterprise is a significant challenge—one that often complicates API operations. Small differences, such as variations in HTTP status codes or authentication methods, can lead to added costs and delays during integration. However, this also presents an opportunity to introduce incremental changes at scale, making APIs more consistent and easier to manage.Consistency can mean different things to different teams, which is why a policy- and rule-driven approach is essential for defining, prioritizing, and evolving standards. These policies and rules can be adopted flexibly across domains and teams, aligning with broader business and governance objectives. The goal isn’t to enforce 100% uniformity but to establish a clear and consistent framework for common patterns and practices, while addressing anti-patterns in HTTP API delivery.",
"image": "/images/consistency.png",
"tags": ["Governance","Design","Patterns","Anti-Patterns"],
"properties": ["OpenAPI","Policies","OperationalRules","ApiRules","Lifecycle","Vocabulary","Compliance","Extensions","Governance"]
},{
"name": "Discovery",
"slug": "discovery",
"description": "The average enterprise maintains approximately 0.5 APIs per employee, making it a constant challenge to track the growing inventory of HTTP APIs being produced and consumed. Enterprises often address this challenge by publishing catalogs, marketplaces, and portals to facilitate API discovery. Standards like APIs.json are also emerging to support centralized discovery while enabling more federated, distributed, and ad hoc approaches.API discovery can be partially addressed by publishing APIs to a catalog or marketplace when they are deployed via an API gateway. However, this approach primarily focuses on produced APIs. Ideally, both produced and consumed APIs should be actively indexed, aggregated, and made searchable and browsable. API distribution and discovery should not only be a core aspect of producing APIs but also an integral part of integrating any API into applications or systems.",
"image": "/images/discovery.png",
"tags": ["Solutions"],
"properties": ["Portals","Search","Marketplaces","Catalogs","Products","APIs.json","GitHubRepository","PostmanWorkspaces","Discovery"]
},{
"name": "Integration",
"slug": "integration",
"description": "Integrating digital resources and capabilities into other systems using HTTP APIs is commonplace in any enterprise. However, the experience, skills, time, and cost required for successful integrations can vary significantly depending on the API. This variability has driven companies to centralize their API efforts and adopt an 'API-as-a-product' approach—making integrations more seamless, efficient, and cost-effective.The API integration experience begins with onboarding but is also shaped by factors such as the availability and quality of SDKs, the ease of use within low-code or no-code platforms, and the initial design of the API itself. By fine-tuning these aspects, organizations can reduce friction, better meet the needs of API consumers, and ensure API resources and capabilities are readily accessible where and when they are needed.",
"image": "/images/integration.png",
"tags": ["ETL","iPaaS","Low-Code","No-Code","Connectors","Plugins","SDKs","Connections","Frameworks","Go SDK","Integrations","Go SDK","Java","JavaScript","Kotlin","NET","Node.js SDK","PHP SDKs","Rust SDKs","Ruby SDKs","Swift SDK","SDK","Python SDK"],
"properties": null
},{
"name": "Legal",
"slug": "legal",
"description": "The legal aspects of producing and consuming APIs can quickly derail even the best-laid plans for API producers and disrupt the roadmaps of developers building applications and integrations. Terms of service and privacy policies should always be prominently displayed wherever an API is distributed and included as part of supporting artifacts for documentation, onboarding, and discovery.While terms of service and privacy policies are the foundation of API legal considerations, other elements—such as licensing, codes of conduct, copyright, deprecation policies, and service level agreements—are becoming increasingly important. Legal requirements for APIs should always be reviewed by legal teams and ideally revisited with the release of any new API to ensure compliance and clarity.",
"image": "/images/legal.png",
"tags": ["Solutions"],
"properties": ["TermsOfService","PrivacyPolicy","InterfaceLicense","CodeOfConduct","CopyrightLicense","CopyrightPolicy","DeprecationPolicy","ServiceLevelAgreement","Patents","AcceptableUsePolicy","Accessibility","Copyright","ServiceLevelAgreements","License","Legal","Privacy","Trademark","TrustAndSafety"]
},{
"name": "Onboarding",
"slug": "onboarding",
"description": "Transitioning from API discovery to integration as a consumer requires a well-defined and streamlined API onboarding process. Onboarding begins with discovery and relies heavily on clear documentation. However, other factors—such as account creation, authentication, SDK availability, and supporting resources—also play a critical role. API producers should regularly adopt the perspective of their consumers to experience onboarding through their customers eyes.Refining the API onboarding experience takes effort. It’s easy to either overlook critical steps or introduce unnecessary complexity. Ideally, the process should be self-service and require as few steps as possible to move from discovery to a 'hello world' first API call. Lessons about what works—or doesn’t—can often be drawn from the onboarding experiences of competitors and complementary services within your industry.",
"image": "/images/onboarding.png",
"tags": ["Solutions"],
"properties": ["Portals","About","Documentation","GettingStarted","Guides","PostmanCollection","StagingEnvironment","Environments","BrunoEnvironment","Console","Sandbox","Pagination","Glossary","Sign-Up","Login","Applications","OpenSource","C Plus SDKs","CodeSnippets","CommunitySDKs","Enumerators","ErrorCodes","Explorer","README","InsomniaCollection"]
},{
"name": "Products",
"slug": "products",
"description": "APIs should be designed to solve business problems, not just technical ones. Over time, API products should become increasingly standardized and include feedback loops with consumers to continuously improve. Treating APIs as products makes them more visible and tangible to business stakeholders, helping to bridge the gap between product and engineering teams and ensuring alignment on business needs.Approaching APIs as products also creates a tailored experience around each set of digital resources and capabilities delivered via HTTP APIs. This approach simplifies API design and delivery, ensuring APIs resonate with a broader audience and meet expectations within specific business sectors. Aligning product and engineering teams to manage the delivery and evolution of APIs remains a key challenge for enterprise organizations today.",
"image": "/images/contracts.png",
"tags": ["Solutions"],
"properties": ["Products","Feedback","Pricing","Plans","Appliance"]
},{
"name": "Provenance",
"slug": "provenance",
"description": "Failing to understand your API history increases the risk of repeating past mistakes in future API development. Establishing provenance for each API helps track changes over time and ensures new owners and stakeholders can quickly get up to speed. Architectural decision records for API operations provide stability and a shared understanding among teams, supporting both the creation of new APIs and the maintenance of legacy APIs.In the age of artificial intelligence, API provenance is becoming even more critical for governing enterprise operations. Maintaining clear records of which APIs models have been trained on, which APIs can be used within each model, and which models are accessed via APIs will be essential for meeting future regulatory and compliance requirements. Without proper API provenance, the cost and complexity of delivering APIs are likely to increase significantly.",
"image": "/images/provenance.png",
"tags": ["Solutions"],
"properties": ["ChangeLogs","Licensing","Issues","DataProviders"]
},{
"name": "Quality",
"slug": "quality",
"description": "The quality of HTTP APIs powering an enterprise tends to decline as the number of ungoverned APIs grows across internal, partner, and public landscapes. Low-quality APIs lead to poor downstream experiences—for developers onboarding and integrating with APIs, as well as for end-users relying on applications powered by those APIs. API quality impacts business operations in numerous ways, making it a critical factor for success.Testing, monitoring, tracing, and observability all play a vital role in improving API quality. However, the design and broader operational properties of APIs also influence the overall quality discussion. HTTP APIs should be simple, effective, and focused on doing one thing reliably well. While tactical improvements can enhance the API experience incrementally, achieving higher levels of quality requires addressing strategic challenges across the API lifecycle.",
"image": "/images/quality.png",
"tags": ["Solutions"],
"properties": ["GitHubRepository","Testing","Monitoring","Design","Traceability","ErrorLogs","Linter","MockServer"]
},{
"name": "Reliability",
"slug": "reliability",
"description": "If an API isn’t reliable, consumers will eventually look for alternatives. Reliability starts with the platform and infrastructure where the API is deployed, but it also depends heavily on the pace of change and the communication surrounding those changes. At its core, API reliability is more about trust than technical specifications, and each API producer may define reliability slightly differently.A clear understanding of how consumers use an API in their applications can greatly influence what reliability means in practice. While reliability often comes down to uptime and availability, it can also include perceived performance and the quality of digital resources and capabilities. Reliability is built over time, as trust with consumers grows and careful decisions are made to guide the API’s evolution.",
"image": "/images/reliability.png",
"tags": ["Solutions"],
"properties": ["GitHubActions","OperationalValidation","Performance","APIValidation","Status","Headers","Issues","Errors","RateLimits","Communication","Testing","Pipelines","Architecture","BetaProgram","BreakingChanges","BreakingChangesPolicy","Dashboard","HealthDashboard","TestingData","TestUserProfiles","StatusCodes","StatusHistory","NetworkLoadBalancers"]
},{
"name": "Reuse",
"slug": "reuse",
"description": "The reuse of APIs in applications and integrations, but also in the producing of APIs plays an important part in the overall experience of teams who are producing and consuming APIs. The reuse of APIs might be componetizing what is used to build an API, or it might look like making APIs plug and playable in low-code-or no-code solutions.The experience of reuse will impact business when it comes to taking the digital resources and capabilities of an enterprise and effectively and efficiently applying to generate new revenue and expand customer's usage of APIs. Focusing on the reusability of APIs from design through production will pay off when it comes to making applying APIs a seamless and robust experience.",
"image": "/images/reuse.png",
"tags": ["Reusability"],
"properties": ["Components","Connections","DockerContainer","Downloads","Embeddable","Widgets"]
},{
"name": "Security",
"slug": "security",
"description": "API security is a top priority for any enterprise, with even higher standards for externally available APIs. However, security doesn’t end with the APIs an enterprise produces—it also applies to consuming APIs, including managing authentication, encryption, and other security practices. Building a strong API security posture requires ongoing investment and effort.The overall tone of API operations is shaped by security practices, and it becomes much harder to enforce security effectively if addressed only when APIs are exposed via gateways. Shifting security practices left—embedding security early in the design and development process—ensures product and engineering stakeholders are actively involved. API security depends not only on authentication, encryption, and endpoint scanning but also on thoughtful design and development, requiring a balanced, lifecycle-wide approach.",
"image": "/images/security.png",
"tags": ["Solutions"],
"properties": ["Authentication","Authorization","Bounties","OAuthScopes","Certificates","Encryption","HMAC","SCIM","CORS","Credentials","DynamicClientRegistration","OAuth20AuthorizationFramework","OAuth20AuthorizationServerMetadata","OAuth20DynamicClientRegistrationProtocol","OAuth20PushedAuthorizationRequests","OAuth20RichAuthorizationRequests","OpenID","OpenIDConnect","Security","Scopes"]
},{
"name": "Simplicity",
"slug": "simplicity",
"description": "Simplicity is a hallmark of well-designed HTTP APIs, but achieving simplicity requires effort. The likelihood that a partner or third-party developer will abandon an API increases as cognitive load grows—with each additional path, parameter, schema, or property adding complexity. Clear design and development policies, combined with strong governance practices, help prevent unnecessary complexity and ensure that simple HTTP APIs are prioritized over more complicated solutions.As technologists, it’s easy to view complexity as a necessary feature of APIs, but in reality, the opposite is true. Simple, intuitive HTTP APIs enhance usability and improve the experience for both producers and consumers. API producers often overwhelm consumers with too many paths, parameters, and properties, when in many cases, a single, focused API resource or capability would suffice.",
"image": "/images/simplicity.png",
"tags": ["Simple","Intuitive","Easy"],
"properties": ["OpenAPI","Documentation","Examples","Authentication","Features","Tags","GettingStarted","Standards"]
},{
"name": "Standardization",
"slug": "standardization",
"description": "The standardization of APIs will shape the overall experience producing and consuming APIs. The number of and types of standardizations will shape the design of the API itself, as well as the onboarding, authentication, and other downstream aspects of consuming an API by developers.The experience of teams producing APIs will be streamlined with standards and help immediately reduce friction and save time for consumers of an API. Internet and industry standards will help align enterprise resources and capabilities with what is expected by consumers of APIs, ensuring that interfaces already speak the language of a busienss sector, or the World Wide Web.",
"image": "/images/standardization.png",
"tags": ["Solutions"],
"properties": ["FAPI","FDX"]
},{
"name": "Trust",
"slug": "trust",
"description": "Establish trust with API consumers will evolve and build over time, and is something that can be lost in a very short period of time. Trust will depend on other experiences like quality and reliability, or even communicaiton, but trust should be focused on as it's own experience, accumulating bits from other experiences.Trust centers are becoming common place for companies to provide a single source of truth for all legal, regulatory, and compliance for a platform. APIs overlap with this evolution, and the legal experience, as well as security, reliability, and communication will no doubt shape what trust and trust centers look like.",
"image": "/images/trust.png",
"tags": ["Regulatory","Compliance"],
"properties": ["Certifications"]
},{
"name": "Workspaces",
"slug": "workspaces",
"description": "Establishing common workspaces for producing, onboarding, and consuming APIs helps standardize and stabilize the API experience in numerous ways. Platforms like GitHub and GitLab increasingly offer dedicated workspaces for managing API operations, leveraging repositories and Git to shape how teams produce, consume, and automate APIs. Git and CI/CD pipelines are defining the modern API experience by enabling collaborative, consistent, and repeatable workflows.Git allows API workspaces to be shared online while also supporting local development in personal environments. API infrastructure and service providers have embraced Git-based workflows, further enriching the workspace landscape with tools like Postman Workspaces, portal publishers, and other local or cloud-based solutions. While cloud-based workspaces offer scalability and accessibility, localized workspaces provide undeniable advantages for optimizing performance and ensuring maximum impact.",
"image": "/images/workspaces.png",
"tags": ["Solutions"],
"properties": ["GitHubOrganization","PostmanPublicWorkspace","GitHubRepository","PostmanWorkspace","Workspaces"]
}]