API Governance Rules
Spectral rules that apply to the API level, linting OpenAPI.
Publishing a license for the interface, client code, server code, and data to ensure consumers understand the legal implications of using the API, code, and data into their own applications and int...
A human and machine-readable schema of the common and agreed upon API lifecycle.
The details for how to authenticate with an API should always be part of the business and technical contracts for an API. Information on how to authenticate with an API should be readily available ...
Require details regarding how authentication is handled as part of API security.
Providing a valid base URL for an API that is designed for machines to use when a consumer makes calls to the API.
A blog RSS or Atom feed provides a simple way to syndicate information and updates about APIs to producers and consumers, allowing it to be pushed out to where they are located and regularly cons...
The APIs.json business contract must have a link to its validator, providing the ability to run the linting rules for this type of contract and see the details of each rule as it is applied.
Provide access to business API guidance as part of API contract support.
Require a C# client SDK available with each API.
Requiring that OpenAPI components headers meet the policy standards.
Provide the provenance of an API contract using regular certifications.
Having a change log of anything added, updated, or removed for an API, but also for the other operational and supporting resources for each API, ensuring there is an easy-to-read manifest of what ha...
Requiring that there is a contact included in the OpenAPI info.
Providing the date on which an API contract was created, establishing the inception of a specific contract involving one or more APIs, which defines the age of the contract.
Require usage of date-based versioning for managing change.
Requiring that all operational descriptions meet the policy standards.
Requiring the info description property meets the policy standards.
Providing a robust description of each API, giving consumers the right amount of information to understand what is possible and what the business use case is.
Providing a robust description of the API contract, as well as each API it contains, providing more context for stakeholders of the contract.
The description for the proposed API change in the road map.
The human-readable HTML, Markdown, or PDF representation of the technical surface area of each API, providing path, methods, summaries, description, examples, and the other resources consumers will...
Providing examples of requests and responses, with as many variations as possible, helping demonstrate wide usage of an API.
Providing simple, clean, and intuitive paths as part of the documentation being published for consumers to use.
Including details and examples regarding the request bodies being submitted for POST, PUT, and other possible methods.
Making sure there is a complete example for each API response in documentation, including happy and unhappy responses.
Documenting all of the schemas that are used as part of request bodies and responses, providing JSON Schema representations of each.
Offering other elements or features of an API that are included or not included within a plan to help API consumers understand scope of what is available.
Development, staging, and production environments should be available for manually or automatically working with an API in any environment, providing a machine-readable way for n...
Providing feedback on the business and technical details of each API contract, helping facilitate feedback from consumers and other stakeholders, but also from the learnings across other private an...
Allow for teams to receive feedback on API contracts via Git issues.
The step by step walk-through for new API consumers, ensuring they have exactly what is needed to discover and onboard, but also help make sure the getting started steps are as simple, plain langua...
Provide a link and description to your API documentation, providing the entry point for API consumers to begin learning about what your API does.
Provide a link and description of where API consumers can learn more about authentication and how it will work when they use an API.
Employing actions as a pipeline to make sure that the delivery of each API is a repeatable process.
GitHub organizations provide the ability to have a dedicated README, providing a single landing page for the API workspace of a domain or line of business, where all API contracts can be fo...
GitHub organizations provide teams with the ability to create repositories for managing API contracts, separating and organizing contracts by meaningful bounded contexts within a specific domain.
GitHub organizations allow for the management of people and teams to help define who has access to repositories, contracts, and other assets managed via this dedicated domain workspace.
A GitHub organization provides a dedicated workspace for teams to produce APIs, organize all the API contracts in motion, and leverage source control, CI/CD, teams, and other resources provided b...
A GitHub repository for an API, providing the single source of truth for the API contract, OpenAPI, and other artifacts, as well as the road map, change log, support, feedback, and other elements o...
Require a Go client SDK available with each API.
Governance standardizes APIs across teams using a common platform and lifecycle, applying governance policies and rules, and keeping everyone moving in the same direction using common guidance.
Human and machine-readable policies that define an aspect of API operations, which are always kept in alignment with business objectives.
A formal vocabulary of words and phrases that can and cannot be used across operations.
Ensuring there is guidance for teams throughout their API journey, providing simple text and video guidance for all of the topics business and engineering teams will encounter as part of their regu...
How consumers will be putting API resources and capabilities to work, getting into the details of programming languages and frameworks.
Providing a valid URL to a landing page for the API that is designed for humans to use when learning more about an API.
Including images as part of the metadata for your APIs helps make APIs more visible as part of portals, documentation, and other resources.
Provide the provenance of an API contract using Git issues.
Require that JWT usage meets the standards set by authentication policies.
Require a Java client SDK available with each API.
Require a JavaScript client SDK available with each API.
Require that API key usage meets the standards set by authentication policies.
Requiring the info license property meets the policy standards.
Providing a way to login and gain access to an API, offering a simple human-readable URL to the login page, or ideally some sort of automated login process that allows access with as few clicks and...
Unique identifier, name, description, tags, and other metadata for the API that defines the purpose of each individual API, and how it benefits API producers and consumers, establishing the base of ...
Unique identifier, name, description, tags, and other metadata for the contract that defines the purpose of the API contract, and how it benefits API producers and consumers, establishing the base o...
Providing details regarding the metrics available for each plan, outlining how the usage of digital resources and capabilities are being measured.
Providing the date on which an API contract was last modified, tracking the change that occurs with each API contract, understanding the velocity as well as the stagnation of APIs.
Providing a clear, descriptive, and concise name for each API, properly defining its scope and giving an intuitive first impression of the API.
Providing a clear, descriptive, and concise name for each API contract, as well as the APIs it contains, properly defining the scope.
Require that OAuth usage meets standards set by authentication policies.
Require that the OWASP API Security Top 10 has been applied as part of API security.
A machine-readable OpenAPI using the most recent version of the API specification, describing the surface area of each API, which is then used to render the human-readable documentation, and other ...
Using the OpenAPI specification to describe HTTP APIs.
The OpenAPI Components object enables the centralization of common technical details within an API, promoting modularity and reusability. Using the components object as a standard practice helps re...
Requiring that OpenAPI security meets the policy standards.
Requiring that all OpenAPI tags meet the policy standards.
Requiring that the latest version of OpenAPI is available.
Requiring that all operational security meets the policy standards.
Requiring that all operational summaries meet the policy standards.
Requiring that all operational tags meet the policy standards.
Spectral rules that apply to the operational level, linting APIs.json.
Require a PHP client SDK available with each API.
Requiring that all operational parameter descriptions meet the policy standards.
Requiring that all operational parameter enums meet the policy standards.
Requiring that all operational parameter in properties meet the policy standards.
Requiring that all operational parameter names meet the policy standards.
Requiring that all operational parameter schemas meet the policy standards.
Requiring that all operational parameter type properties meet the policy standards.
Requiring that all operational parameters meet the policy standards.
Requiring that API paths meet the policy standards that are set.
Provide access to people API guidance as part of API contract support.
Publishing details regarding the performance of APIs, complementing status and uptime information, but drilling into more detail regarding speed, latency, and other performance related metrics that...
Plans are all about being explicit and transparent with all of the access for an API, breaking down the tiers, rate limits, features, and pricing that is available for API consumers, standardizing ...
Providing the machine-readable policies that link machine-readable rules with the business reasons why we are governing an API and the operations around it, helping organize rules based upon the bu...
Provide access to API policy guidance as part of API contract support.
A machine-readable Postman Collection describing the surface area of the API contract or providing more modular and executable representations of portions of the API contract.
A Postman Workspace provides a dedicated space to manage API contracts within a domain, complementing other types of workspaces, allowing for private, partner, and public workspaces to exist for ma...
Publishing a privacy policy covering the producer and consumers of an API, as well as end-users of applications, adding to the legal resources that are available to 3rd party developers when puttin...
Requiring that errors use the Problem Details for HTTP APIs standard (RFC 9457, which replaced RFC 7807).
Helping curate the provenance of each API contract as it evolves over time, documenting change, and cataloging the reviews, validation, certification, and conversation that occurs as each API moves...
Requiring that all OpenAPI external documentation meet the policy standards.
Provide the provenance of an API contract using Git pull requests.
Using pull requests to submit changes to business or technical artifacts.
Empowering teams to ask questions via issues or discussions in a Git repository, or directly via email, about the API lifecycle, governance, as well as the business or technical elements of producing a...
Allow for teams to ask questions and get answers via Git Issues.
Providing details of rate limits being applied as part of each plan, and what is available to consumers as part of their application usage.
Providing regional details for accessing API resources and capabilities in different geographical regions as part of API plan usage.
Requiring that all operational request bodies meet the policy standards.
Requiring that all operational request body examples meet the policy standards.
Requiring that all operational request body media types meet the policy standards.
Requiring that all operational request body schemas meet the policy standards.
Requiring that all 2xx responses meet the policy standards.
Requiring that all 4xx responses meet the policy standards.
Requiring that all 5xx responses meet the policy standards.
Requiring details regarding the typical response time for each available API.
Provide the provenance of an API contract using API governance reviews.
Providing the machine-readable rules used to govern an API that can be used as part of pipelines or other automation to lint an API, making sure the baseline for each API and the operations around ...
Offering software development kits, or SDKs, for an API, handling authentication, and working across all available API operations in a variety of programming languages relevant to the targeted consu...
Provide a link and description of where API consumers can get access to SDKs, libraries, and the code that will jumpstart their integration with an API.
Requiring that all schema descriptions meet the policy standards.
Requiring that all schema names meet the policy standards.
Requiring that all schema properties meet the policy standards.
Requiring that all schema property descriptions meet the policy standards.
Requiring that all schema property names meet the policy standards.
Requiring that all schema property shapes meet the policy standards.
Requiring that all schema property types meet the policy standards.
Requiring that all schema types meet the policy standards.
Require that OAuth scopes meet the standards set by authentication policies.
Providing an overview of security practices for an API, including details covered as part of authentication and access management, but also security testing and certifications that matter to API co...
Require usage of major, minor, and patch Semantic Versioning for managing change.
Internet, industry, market, and government standards help make APIs more consistent, but also save time and money for both producer and consumer, while keeping APIs better aligned with existing ind...
Providing an API status page, monitoring reports, or other real-time updates regarding the uptime and availability of an API, covering the current but also the historical status of the API, helping maintain...
Require a link to as well as results from a status dashboard for an API.
Require a link to as well as results from a status history for an API.
Outline what support is available for API consumers, including email, tickets, forums, and paid support services, making it easy for API consumers to understand how they can get the help they need ...
Require that an API is supported using email.
Require that an API is supported using Git issues.
Tags provide a bounded context for your APIs, providing keywords that help organize APIs by domains, and make them more discoverable.
The OpenAPI technical contract must have a link to its validator, providing the ability to run the linting rules for this type of contract and see the details of each rule as it is applied.
Provide access to technical API guidance as part of API contract support.
Making sure that terms of service are front and center for API consumers, ensuring that the legal side of using API resources and capabilities in applications and integrations by 3rd party consumer...
Requiring the info terms of service property meets the policy standards.
Require that security testing has occurred and that the results are published as part of API security.
Break down usage for consumers based upon seconds, minutes, days, weeks, months, or another relevant time-frame for them to understand their usage.
The title for the proposed API change in the road map.
Requiring the info title property meets the policy standards.
Providing the valid URL for the APIs.json contract, identifying the source of the contract, which may or may not be where it is found, helping make the contract authoritative.
Providing unique identifiers for each API, providing a key reference for discovery and for automating around a contract.
Providing unique identifiers for API contracts, as well as the APIs that are indexed as part of a contract, providing a key reference.
Requiring that all operational unique identifiers meet the policy standards.
Using JSON Path to identify properties of a schema.
The version of the proposed API change in the road map.
Requiring the info version property meets the policy standards.
Providing semantic or date-based versioning for an API, offering an overview of what is adopted for an API and why, letting consumers know that there is change management in place and how they can ...
What will consumers be building with the resources and capabilities being made available via APIs.
Who is using an API, focusing on the people who will be putting an API to work in their applications.
What are the reasons an API consumer will be putting APIs to work in their applications and integrations as part of their business.
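The authentication, security, and error-format rules in this list (operational security, API key, OAuth and OAuth scope, JWT, and Problem Details) are described only in prose. The Spectral ruleset below is an added example, not one of the page's own rulesets, showing how those rules can be expressed so that they run in a pipeline. The rule names, the `governance.spectral.yaml` filename in the usage note, and the specific policy choices (keys only in headers or cookies, no implicit flow, per-operation security) are illustrative assumptions; the policy an organization adopts may differ.

```yaml
# Added example Spectral ruleset (not the page's own rules); rule names are illustrative.
extends:
  - spectral:oas

rules:
  # Operational security: every operation must declare its own security requirement.
  # Policy assumption: no reliance on inherited root-level `security`, so each
  # operation's access requirement is visible where reviewers look for it.
  operation-security-required:
    description: Every operation must declare a security requirement.
    message: "{{path}} has no security requirement"
    severity: error
    given: "$.paths[*][get,put,post,delete,patch]"
    then:
      field: security
      function: truthy

  # `security: []` on an operation overrides the root requirement and makes the
  # operation anonymous; flag it so that is an explicit, reviewed decision.
  operation-security-not-empty:
    description: An operation's security requirement list must not be empty.
    severity: error
    given: "$.paths[*][get,put,post,delete,patch].security"
    then:
      function: length
      functionOptions:
        min: 1

  # API key policy: keys in the query string leak into access logs and Referer headers.
  api-key-not-in-query:
    description: API keys must be sent in a header or cookie, not the query string.
    severity: error
    given: "$.components.securitySchemes[?(@.type === 'apiKey')]"
    then:
      field: in
      function: enumeration
      functionOptions:
        values:
          - header
          - cookie

  # OAuth policy: the implicit grant is disallowed (tokens exposed in the URL fragment).
  oauth2-no-implicit-flow:
    description: The OAuth 2.0 implicit flow must not be used.
    severity: error
    given: "$.components.securitySchemes[?(@.type === 'oauth2')].flows"
    then:
      field: implicit
      function: falsy

  # OAuth scopes policy: every declared flow must define at least one scope,
  # so access can be narrowed per operation instead of granting everything.
  oauth2-flow-declares-scopes:
    description: Each OAuth 2.0 flow must declare at least one scope.
    severity: error
    given: "$.components.securitySchemes[?(@.type === 'oauth2')].flows.*"
    then:
      - field: scopes
        function: truthy
      - field: scopes
        function: schema
        functionOptions:
          schema:
            type: object
            minProperties: 1

  # JWT policy: bearer schemes must state the token format so the JWT rules apply.
  bearer-format-is-jwt:
    description: HTTP bearer schemes must declare bearerFormat JWT.
    severity: warn
    given: "$.components.securitySchemes[?(@.type === 'http' && @.scheme === 'bearer')]"
    then:
      field: bearerFormat
      function: enumeration
      functionOptions:
        values:
          - JWT

  # Problem Details policy: every 4xx and 5xx response must be served as
  # application/problem+json (RFC 9457) rather than an ad hoc error body.
  error-responses-use-problem-details:
    description: 4xx and 5xx responses must use the Problem Details media type.
    severity: error
    given: "$.paths[*][*].responses[?(@property.match(/^[45]/))]"
    then:
      function: schema
      functionOptions:
        schema:
          type: object
          required:
            - content
          properties:
            content:
              type: object
              required:
                - application/problem+json
```

Saved as `governance.spectral.yaml`, the ruleset runs against a contract with `spectral lint openapi.yaml --ruleset governance.spectral.yaml`; a non-zero exit on any `error` severity is what lets the same rules gate a pull request in the CI/CD pipeline described above. The two OAuth checks are split on purpose: `truthy` reports a missing `scopes` object, while the `schema` check catches the subtler case of `scopes: {}`, which is present but grants nothing to narrow.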