OAuth 2.0 and adjacent technologies, such as the JWT format, have been been extraordinarily successful in providing a viable mechanism for authorizing API calls in a wide variety of scenarios. The lax nature of the specification, however, left a lot as exercise for the reader- which resulted in many insecure and non interoperable deployments. The standard group worked to fill the gaps by r...

As APIs are adopted in more and more organizations, the need for successful API design and implementation becomes more pressing. Companies that adopt a single API definition format (OpenAPI, AsyncAPI, Schema Definition Language, Protobuff, etc.) are likely to find their options limited as their API ecosystem grows and matures over time. In order to avoid forcing the entire company to adopt...

The OpenAPI specification is open — really open. From the beginning, the specification allowed specification extensions (properties prefixed by "x-" ) just about anywhere. This feature adds extensibility, yes, but also great power. At Apiture, we embrace the API First design process and use specification extensions to augment our APIs, automate much of our build pipeline, and improve our d...

API Design Reviews can be a total nightmare when it comes to check API Design Guidelines conformance. Hopefully, this can be automated using the OpenAPI Specification and Spectral, a JSON/YAML lintern and so you'll be able to focus on other more interesting tasks. But that will only work if you know how to build and use Spectral rulesets. During this session you'll discover the basics of S...

The OpenAPI Specification is shaped over time by the community. If you want to get involved, what should you know? This panel includes active members of the governing board, the technical steering committee, spec contributors, tooling authors, and community facilitators. Topics will include, How improvements to webhooks went from concept to reality in the 3.1.0 effort? Where, when, and how...

In this talk, I’ll explore the good, bad, and awesome aspects of building Async API into our open data hub. As advocates of open source tools, it is our mission to simplify the collection and distribution of streaming data by taking care of everything under the hood, including business-to-business exchange of data and “last mile” delivery to end consumers. Beginning with a discussion on op...