API Innovation
Tuesday, October 25, 2022
PRO Workshop (API): Building an API Layer for Blockchain Data using Scaffold-ETH and The Graph
In this talk we will showcase how to leverage the power of The Graph to index blockchain event data into an easy to use and flexible API built on Graph QL.
Attendees can easily follow along the workshop by building out their own development environment with only Git, Yarn and NodeJS. Come learn to build the future on Web3.
PRO Workshop (API): OpenAPI3 + Istio = Zero Overhead API Routing
API-as-a-Product is an emerging concept in the software development sphere. Speed in API development and delivery is becoming increasingly important. Open API 3 enables faster and collaborative API development and its custom extensions can be leveraged to augment API contracts with additional functionality. Here at Intuit we built a system that uses Open API spec, Istio Service Mesh and other extensions to dynamically generate the runtime and enable zero overhead routing for the orchestration APIs. Istio VirtualService is used to create the routing layer with zero overhead to enable faster API delivery. This zero overhead routing supports API patterns like aggregation, transformation and proxy and can be used uniformly across both north-south (via API Gateway on Service Mesh) and east-west traffic. Such an API orchestration runtime and routing will allow you to create and present new and elegant APIs on top of existing APIs while adhering to industry best practices. Come and learn how Intuit’s API Management Platform team built a low code / no code zero overhead routing for orchestration APIs using OpenAPI3 and Istio.
PRO Workshop (API): Testing Pyramid for Event-Driven Microservices
Event-Driven systems, being decoupled by definition, present a very different API from classic, endpoint-based microservices. This characteristic requires an evolution of the traditional approach to writing automated tests.
In this session, we will look at various ways to write these automated tests for these kinds of systems. The session will include a live code walkthrough in Kotlin.
Wednesday, October 26, 2022
PRO TALK (API): Integrationless: How APIs Can Unlock Entire Industries
This session will present the concept of integrationless. It represents a parallel with serverless, where the complexity of integrating with multiple sources will hide in a unique API that internally will orchestrate the connections with the multiple data sources. Leaf is a company of this type. We created an API for agriculture that hides the complexity of integrating multiple sources normally present in an AgTech application.
KEYNOTE (API): IBM -- Power Your Digital Business with a Comprehensive API Strategy: A Retailer’s Journey
API management is key to achieving digital transformation. Learn what's new with API management technologies and strategies and what's coming next. This session will include a fireside chat with a client about how they've achieved digital transformation with API management.
OPEN TALK (API): Effective API Security: API Discovery, Runtime Protection, Security Analytics, Active Testing
APIs are the glue that connects all of our software systems. But our knowledge and ability to track and secure APIs has not kept up with our rapid adoption of them. This API sprawl introduces significant operational and security risks, yet securing your APIs is different than everything we've been doing to secure our applications to date. WAFs don't help. API gateways aren't enough. DAST testing isn't enough. So what do we need to do differently?
In this session we will discuss why and how the approach to securing APIs needs to be different. We'll look at what you should consider through the software development lifecycle. And we'll share some real-world examples of organizations that have built and maintained robust API security strategies, with impressive outcomes related to reduced risk, lowered costs, and more secure API development practices.
OPEN TALK (API): Improving Developer Experience With OpenAPI
The OpenAPI spec is the most broadly adopted industry standard for describing modern APIs. Companies of all shapes and sizes are using OpenAPI specs to automatically generate documentation, SDKs, tests, and more.
In this talk, we’ll deep dive into our team's journey migrating to OpenAPI and explore how it’s used to automatically generate a delightful developer experience across documentation and SDKs. We’ll take a broad look at the OpenAPI ecosystem, discuss the challenges we faced during the migration, and the impact we have seen so far.
You’ll leave with a better understanding of the OpenAPI spec, the different types of tooling it unlocks, and why it’s worth considering for your own public API.
OPEN TALK (API): Evented API Gateways: Bringing the Productivity of Evented Systems to Synchronous Services and Systems
We all know that synchronous and asynchronous APIs can be a bit like oil and water. They’re completely different, operate on different protocols, and operate on different communication paradigms.
So, how are organizations supposed to manage, secure, and govern API ecosystems that have both synchronous and asynchronous APIs playing vital roles for the business?
Join this session to learn about how teams can implement an event-native API Management strategy to bring the productivity of evented backends and services to synchronous systems, make synchronous and asynchronous systems “shake hands” securely, and turn these APIs into revenue-generating products.
PRO TALK (API): Happy Agents = Happy Customers: Empower Your Customer Service Team to Lead the Way
Keeping on top of your organization’s technical platforms as well as customer experience is a daunting task, and it can't be done by siloed teams. Your Customer Service team and the insight they gain from users is critical to the incident identification and response process, and your development teams can use this insight as data to speed up their ability to resolve the problem. As the team closest to the customer, incorporating your customer service team into the DevOps lifecycle will reduce silos, shorten feedback loops, empower agents, grow careers and delight your customers.
Come to this session to learn about bringing customer service teams in line with development teams, organizational goals, and improving agent experience to improve the customer experience. In this talk, you will learn the importance of aligned customer service ops, and how to help your customer service and dev teams establish strong practices of collaboration as one team in service of your customers.
[#VIRTUAL] PRO TALK (API): Navigating the Murky Waters of API-First
Everyone is jumping on the API-first bandwagon. For most organizations, an API-first approach is the key to scaling software development. But the journey to API-first is not always smooth sailing.
In 2022, I interviewed five well-known organizations for a sneak peek at how they implemented an API-first workflow among their teams. We’ll uncover why they began their transition, their biggest hurdles, and what is next on their roadmap. Learn from these shared experiences and recommendations to pave the way in your own API-first journeys. This is a session about managing organizational change.
PRO TALK (API): Travelport :: 7 Lessons Learned from a 50 Year Journey into APIs
This talk will share 7 lessons learned from our 50 year journey. A journey that started with mainframes and moved into APIs empowering the travel industry. The complexities that exist in the world of travel are unique and are solved in interesting ways. Those unique challenges and moving a large company into the interconnected world of APIs included its own fun problems to solve. I will share 7 things we learned along the way so you can learn without growing old learning the lessons yourselves.
OPEN TALK (API): Creating Unique Virtual Card Payment Experiences with U.S. Bank Card as a Service APIs
This session will share how U.S. Bank and TravelBank are using U.S. Bank Card as a Service APIs to create user experiences that reshape the payment experience - reducing friction, focusing actions on user objectives and speed them through the travel purchase process.
PRO TALK (API): API as Products: Best Practices for Using APIs to Achieve your Digital Business Goals
Organizations that want to create internal momentum and adoption around their APIs, offer APIs externally to third-parties, or create new revenue streams through monetization, you need to think about your APIs as products. This talk examines the key guidelines needed to define your APIs as products, build the framework to operationalize your API program, and design and execute an implementation plan. Specifically, the presenters will cover:
- Best practices for assessing and resourcing the people and tooling to support API products.
- Strategies for establishing objectives for your internal and external API programs and the metrics to evaluate them.
- Guidance on building and implementing internal rollout and external GTM plans.
WORKSHOP (API): Protecting GraphQL with Effective Governance & Security
GraphQL is a new approach to expose your services to application developers. There are many advantages which come with new challenges to security and governance. In this session you can learn how to protect and enforce governance for your GraphQL server endpoints from these unique GraphQL threats with a low-code approach. You'll see demoes of numerous approaches such as cost analysis, graph filtering, and much more.
KEYNOTE (API): Gravitee -- Beyond Cloud-Native: The Need for Event-Native API Management
While not new, event-driven architectures and event-driven APIs are taking the world by storm (again). And, while this is great, it presents issue after issue for teams trying to properly manage, secure, and govern these APIs. The solution in a nutshell? A new kind of API Management that we call “Event-native.” Join this discussion to learn more about what we mean by “Event-native” API Management and how you can successfully use API Management to ease and propel your organization's modernization initiatives.
OPEN TALK (API): Is Your App Security Scalable?
This discussion focuses on building durable, scalable access control systems for you and your clients’ database/app architectures. We will review three access control systems (Access Control Lists (ACLs), Role-Based Access Controls (RBAC), and Policy-Based Access Controls (PBAC (or ABAC))) and then, in a thought experiment, compare the development and maintenance effort of each when fulfilling the authorization requirements for one software app. The goal of this discussion is to offer you a system selection guide for your apps and present the case for why we chose PBAC for Devii.
PRO TALK (API): Transitioning to an API First Approach: Refactoring a Museum Interactive Platform
New to API design and development, I decided to start small in order to gain experience (this is what the experts advise). I decided to tackle a low-ish priority project: the redesign of the in-gallery interactive platform.
I mean - I read all the right books and attended the industry conferences (and took notes). I followed this up by watching the appropriate four (4) plus star-rated tutorials AND my task lists worked as designed. I'm the jump-in kinda person and really, how hard could this be?
Find out as I share the joys and challenges of taking the baby-steps to transition our way of thinking to an API-First approach.
PRO TALK (API): A New Architecture for APIs
APIs are great. However, API architectures have not significantly evolved. With GraphQL, designed for stitching data together, a new way of forming a graph of graphs is emerging. This architecture leads to a simpler design, better performance, simpler governance and graceful migration to the cloud. It is the way forward.
I will be drawing from my over a decade of experience as the CTO of Apigee, and seeing the impact of GraphQL, I will demonstrate how evolving your API architecture with a layer of GraphQL leads to leveraging your years of REST investment into a more flexible future proof architecture.
PRO TALK (API): Modern API Design
Design principles for modeling API contract. Best practices for API security. How to address scaling challenges like latency, fault tolerance and throughput. When to use rest, gRPC or GraphqL.
Thursday, October 27, 2022
PRO TALK (API): APIs in the wild
With the expansion of the cloud towards the end user, some common issues emerge: unreliable internet connection, fewer hardware resources, unreliable power available, metered connection …
In most of those use cases though the devices out there still need some way to communicate with the cloud, to let it know they are still alive at the very least. But what is the quickest and most efficient way to do that?
In this session we will explore and compare different API protocols in terms of resource usage and we will examine different mechanisms that are usually available at the API gateway level and at the device level, to optimize communication and respond to failures at the different levels of the stack.
We will conclude with some industry best practices when building services at the edge.
PRO TALK (API): Build Resilient Applications Using Orchestration
As we move towards an exciting future of more distributed systems, we are bound to encounter microservices written in different languages and infrastructures.
The resiliency of different applications only makes sense if they come together beautifully to create one invincible application.
In this session, we will talk about how companies like Netflix, Tesla, etc. used orchestration to build robust and scalable applications that inspire innovation.
PRO TALK (API): Virtual Spaces Are More than Just the Metaverse
We’ve all heard about the hype around the “metaverse”, but what about Virtual Spaces? A step closer than the metaverse, the concept of Virtual Spaces are where real-time interactions and experiences happen online.
Over the past few years, we’ve witnessed the rise of online communities enabled by real-time technologies – and the concept of Virtual Spaces – an online space where people or devices can collaborate together – has never been more appealing than in today’s pandemic-induced reality.
Tracking the delivery status of your latest ecommerce purchase? That happens in a Virtual Space. Want to look up where you rank in the mobile game you play every day? That live leaderboard is a Virtual Space. Hit a wall and need some real-time tech chat support? You guessed it, that’s a Virtual Space too.
PRO TALK (API): Cloud Databases, ELT, and APIs – A Perfect Storm?
The data landscape is changing rapidly. The explosion of Cloud database platforms on to the scene the past few years has paved the way for a new class of data innovation. The ease at which data can be collected, stored, shared, and manipulated is driving a new breed of Analytics, AI/ML, Data Science, and other data-driven applications that will have a major impact on the economy. These trends have enabled the emergence of ELT as an alternative to ETL, which in turn is enabling a whole new way of thinking about warehousing data and how to make use of that data, creating new opportunities that will help organizations increase the value of the strategic data assets that drive their business. APIs are the ideal mechanism to accelerate and expand these trends even further, leading to the long-sought-after golden age of APIs. This talk will discuss the future of Cloud Databases and ELT, and how the combination will drive a substantial wave of API adoption.
OPEN TALK (API): A Case for API and Event Management
As the event management and streaming and API Management worlds move closer and closer together with the implementation of event-driven and AsyncAPIs, a natural question arises:
Are Event Management & Streaming solutions and API Management solutions competing solutions? Or are they compliments?
Attend this session to hear our case for the two solutions as “friends,” and learn how you can implement a top-class API and Event Management strategy within your organization.
OPEN TALK (API): Build with Zoom Video SDK, Zoom's Core Technology
Zoom has opened up its core technology for developers alike to build custom video, audio, screen share, and chat experiences. Learn how to use the Zoom Video SDK and witness just how simple, yet powerful it is.
PRO TALK (API): Make Content Queryable: How to Build a Real-Time Document Store That Scales Globally
Customer-facing applications are increasingly integrated across the business, driven by a host of workflows spanning departments and even organizations. From marketing to e-commerce and all the way into the heart of product, content is powering all of our customer interactions, yet it is so often treated as an afterthought, handled by an amalgam of disconnected databases, isolated systems and, god forbid, a patchwork of spreadsheets.
There is a better way. In this talk, I'll outline how to build a modern, scalable content infrastructure, then walk you through the important steps you need to take to build that resilient, collaborative, global content store. I'll introduce the concept of a “Content Lake", similar to a data lake, and discuss the specifics of the Sanity Content Lake, a turn-key system for content orchestration that provides a single source of truth. We also invented GROQ, a flexible query for schemaless JSON documents, that's used to power GraphQL and other APIs. This lets you integrate content across internal tools and systems so applications run smoothly with the right content at the right time.
PRO TALK (API): A Bridge Too Far? Creating APIs for Some of the World’s Most Challenging Platforms
We all know that creating APIs for modern platforms can be a vexing experience without the right set of tools, processes, and people. But how do you create APIs for mission-critical legacy platforms that were never designed to be integrated with in the first place? How do you unlock the decades of investment your organization has made in these workhorse systems? Integrating with “green screen” applications? Seriously, is that even a thing anymore??? (Yeah, it totally is…)
Best case, this usually this entails dealing with uncommon security protocols, complex systems programming, ungainly architectural workarounds, and a lot of time and resources – the latter two of which are almost always scarce commodities. So many organizations just avoid the topic and try to work around it, or they hire armies of consultants who just end up adding to their already burgeoning legacy technical debt.
Can these APIs actually be built quickly and cost-effectively without disrupting the business - or is this simply “a bridge too far” for most organizations? In this session we’ll show you how to create sophisticated, scalable, and secure legacy APIs in a matter of minutes, rather than the weeks or months it normally takes, without writing a single line of code.
KEYNOTE (API): Foursquare -- Breaking Down the Monolith
The easiest APIs to use are the ones built for your use case. If your customers are all doing the same thing, and you're not adding new functionality very often, you can fine-tune your product to be perfect. The hardest APIs to use are those built for the wrong use case. If you're trying to get value from something that is designed from the ground-up for something else entirely, you're going to have a bad time. Is there a middle ground?
Microservices is a well-established pattern in service architecture, but the concept is not often applied to data and analytics. In Breaking Down the Monoloth, Ankit Patel will take us through Foursquare's decomposition of its location data and APIs, in building "location primitives'' that continue to support easy-to-use purpose-built APIs, but also allow rapid remixing and new use cases of the underlying components.
PRO TALK (API): How to Autogenerate Awesome GrapQL Documentation with SpectaQL
Having accurate and complete documentation for your APIs is necessary, but can also be quite challenging and time consuming. GraphQL, however, with its schema definition and the variety of tools that can access and explore that schema, does not have to be. See how our open-source project SpectaQL can help you keep your documentation complete, current and beautiful with the least amount of pain possible.
KEYNOTE (API): Marqeta -- Bringing Crypto to Real-World Payments with APIs
46 million Americans said they’d like to use cryptocurrencies to make retail purchases, and new APIs can help make that happen. Cryptocurrency platforms have come a long way in the last decade and new APIs are helping make crypto more accessible for the average person. Randy will discuss how flexible APIs help cryptocurrency platforms simplify how cryptocurrency holders make purchases, accelerating innovation in the space. He’ll share examples, such as how Coinbase created a customizable debit card that makes it easy for its users to spend from their crypto balances where Visa debit cards are accepted.
OPEN TALK (API): Pivoting from Consumer to Enterprise with APIs: Learn, Build, Optimize
Picsart built a 150M monthly creators strong consumer business with its app that offers hundreds of individual tools for fast editing. And now the company is exploring new territory with their new API program designed to make their most popular consumer creative tools available to enterprises and platforms via API. Learn how Picsart’s API team built a new revenue stream from existing tech but with a completely new business approach.
PRO TALK (API): Bitloops Language (BL): Giving API developers DDD/BDD superpowers
BL is an open-source, high-productivity, fourth generation (4GL), DDD/BDD focused, programming language that transpiles into mainstream programming languages such as TypeScript and Java and helps developers build and maintain complex APIs faster and better than ever before.
Domain Driven Design (DDD) and Behavior Driven Development (BDD) are proven ways to increase developer productivity and a sure way to improve the probability of a product or project succeeding. Nonetheless, DDD and BDD require significant experience and have a very steep learning curve. As a result, most organizations and individuals fail to make DDD and BDD part of their everyday routine and end up missing out on their significant advantages.
BL has been created to dramatically reduce the DDD/BDD learning curve for developers, allowing them to produce working DDD systems in no time.
During the talk we will see how we can quickly write a working system using Domain-Driven Design and deploy it as a TypeScript project while easily switching between a modular monolith and an Event-Driven distributed microservices architecture.
Tuesday, November 1, 2022
[#VIRTUAL] PRO Workshop (API): Building an API Layer for Blockchain Data using Scaffold-ETH and The Graph
In this talk we will showcase how to leverage the power of The Graph to index blockchain event data into an easy to use and flexible API built on Graph QL.
Attendees can easily follow along the workshop by building out their own development environment with only Git, Yarn and NodeJS. Come learn to build the future on Web3.
[#VIRTUAL] PRO Workshop (API): OpenAPI3 + Istio = Zero Overhead API Routing
API-as-a-Product is an emerging concept in the software development sphere. Speed in API development and delivery is becoming increasingly important. Open API 3 enables faster and collaborative API development and its custom extensions can be leveraged to augment API contracts with additional functionality. Here at Intuit we built a system that uses Open API spec, Istio Service Mesh and other extensions to dynamically generate the runtime and enable zero overhead routing for the orchestration APIs. Istio VirtualService is used to create the routing layer with zero overhead to enable faster API delivery. This zero overhead routing supports API patterns like aggregation, transformation and proxy and can be used uniformly across both north-south (via API Gateway on Service Mesh) and east-west traffic. Such an API orchestration runtime and routing will allow you to create and present new and elegant APIs on top of existing APIs while adhering to industry best practices. Come and learn how Intuit’s API Management Platform team built a low code / no code zero overhead routing for orchestration APIs using OpenAPI3 and Istio.
[#VIRTUAL] PRO Workshop (API): From Web API to Native API
Today, most SaaS providers provide web APIs that allow their users to customize their experience. The user often needs to set up and maintain a webhook server to receive API events, tolerate long latencies, and handle authentication and authorization. That is a lot of development and operation efforts besides the core business functions the user wants to perform. In another word, those web APIs are not serverless.
There is an emerging approach for users to interact with, extend and customize SaaS products through serverless functions. SaaS could enable users to submit code functions to be embedded in their SaaS account, much like AWS Lambda allowing users to embed serverless functions into the AWS infrastructure. In that way, the SaaS provides native integration points in the form of programming language APIs instead of web APIs to the users. It is much faster and safer than web APIs and allows developers to focus on business logic.
WebAssembly plays a crucial role in those SaaS serverless functions by providing a secure, safe, lightweight, and high-performance sandbox runtime for those user-submitted functions.
In this talk, Dr. Yuan will cover technical approaches to embedding WebAssembly functions, written in languages like Rust, Go, JavaScript and Python, into SaaS products and therefore turning them into aPaaS platforms. Those serverless functions could be embedded into the SaaS or “co-located” with the SaaS. He will demonstrate use cases with popular SaaS products such as Github and Slack.
[#VIRTUAL] PRO Workshop (API): Testing Pyramid for Event-Driven Microservices
Event-Driven systems, being decoupled by definition, present a very different API from classic, endpoint-based microservices. This characteristic requires an evolution of the traditional approach to writing automated tests.
In this session, we will look at various ways to write these automated tests for these kinds of systems. The session will include a live code walkthrough in Kotlin.
Wednesday, November 2, 2022
[#VIRTUAL] PRO TALK (API): Integrationless: How APIs Can Unlock Entire Industries
This session will present the concept of integrationless. It represents a parallel with serverless, where the complexity of integrating with multiple sources will hide in a unique API that internally will orchestrate the connections with the multiple data sources. Leaf is a company of this type. We created an API for agriculture that hides the complexity of integrating multiple sources normally present in an AgTech application.
[#VIRTUAL] KEYNOTE (API): IBM -- Power Your Digital Business with a Comprehensive API Strategy: A Retailer’s Journey
API management is key to achieving digital transformation. Learn what's new with API management technologies and strategies and what's coming next. This session will include a fireside chat with a client about how they've achieved digital transformation with API management.
[#VIRTUAL] OPEN TALK (API): Effective API Security: API Discovery, Runtime Protection, Security Analytics, Active Testing
APIs are the glue that connects all of our software systems. But our knowledge and ability to track and secure APIs has not kept up with our rapid adoption of them. This API sprawl introduces significant operational and security risks, yet securing your APIs is different than everything we've been doing to secure our applications to date. WAFs don't help. API gateways aren't enough. DAST testing isn't enough. So what do we need to do differently?
In this session we will discuss why and how the approach to securing APIs needs to be different. We'll look at what you should consider through the software development lifecycle. And we'll share some real-world examples of organizations that have built and maintained robust API security strategies, with impressive outcomes related to reduced risk, lowered costs, and more secure API development practices.
[#VIRTUAL] OPEN TALK (API): Improving Developer Experience With OpenAPI
The OpenAPI spec is the most broadly adopted industry standard for describing modern APIs. Companies of all shapes and sizes are using OpenAPI specs to automatically generate documentation, SDKs, tests, and more.
In this talk, we’ll deep dive into our team's journey migrating to OpenAPI and explore how it’s used to automatically generate a delightful developer experience across documentation and SDKs. We’ll take a broad look at the OpenAPI ecosystem, discuss the challenges we faced during the migration, and the impact we have seen so far.
You’ll leave with a better understanding of the OpenAPI spec, the different types of tooling it unlocks, and why it’s worth considering for your own public API.
[#VIRTUAL] KEYNOTE (API): Estée Lauder -- A Step-by-Step Journey to API Protection
Les Correia
Estée Lauder, Executive Director - Global Head of Application Security Enterprise Cybersecurity and RiskThe adoption of an API-first development methodology can help your business extend your competitive edge and increase bottom-line revenues. At the same time, the lack of complete API visibility compounded by coding errors, misconfigurations, or loopholes can expose exploitable vulnerabilities. Using demonstratable examples from the OWASP API Security Top 10 list, Les Corriea, Global Head of Application Security at Estee Lauder will discuss the challenges they overcame in their API protection journey and their efforts to continually stay ahead of the ever-evolving API threat landscape. The presentation will include:
* Why API protection is on every CISO’s mind
* The role OWASP API Security Top 10 list of threats plays
* API protection best practices and recommendations
[#VIRTUAL] OPEN TALK (API): Evented API Gateways: Bringing the Productivity of Evented Systems to Synchronous Services and Systems
We all know that synchronous and asynchronous APIs can be a bit like oil and water. They’re completely different, operate on different protocols, and operate on different communication paradigms.
So, how are organizations supposed to manage, secure, and govern API ecosystems that have both synchronous and asynchronous APIs playing vital roles for the business?
Join this session to learn about how teams can implement an event-native API Management strategy to bring the productivity of evented backends and services to synchronous systems, make synchronous and asynchronous systems “shake hands” securely, and turn these APIs into revenue-generating products.
[#VIRTUAL] OPEN TALK (API): How Businesses are Navigating the Perilous API Waters to Maximize Profit
APIs occupy a unique spot in the technology world. They're a primary method for delivering on business initiatives – from modernization to customer experience.
However, challenges such as cloud security, API proliferation and lack of community engagement can slow progress and reduce the value of your APIs.
This interactive session will showcase real-world examples from your peers at companies building out unique and targeted solutions using APIs and microservices architectures. You’ll also discover the challenges and best practices they’ve encountered designing and building APIs, adopting cloud-native architectures and ensuring the proper level of security and governance.
**One lucky audience member will WIN A YETI COOLER ($350 value) at the end of this presentation! (To be shipped to them after API World.)
[#VIRTUAL] PRO TALK (API): API Strategy for Growth
Discuss product led growth with an API first mindset to attract new merchants and their developer partner teams.
I will discuss about the culture and best practices every PM (Product manager) needs to embrace for scale irrespective of whether they deal with APIs directly or not to help their product scale for growth.
I will share insights of how we evangelize this as a culture at PayPal
[#VIRTUAL] PRO TALK (API): Happy Agents = Happy Customers: Empower Your Customer Service Team to Lead the Way
Keeping on top of your organization’s technical platforms as well as customer experience is a daunting task, and it can't be done by siloed teams. Your Customer Service team and the insight they gain from users is critical to the incident identification and response process, and your development teams can use this insight as data to speed up their ability to resolve the problem. As the team closest to the customer, incorporating your customer service team into the DevOps lifecycle will reduce silos, shorten feedback loops, empower agents, grow careers and delight your customers.
Come to this session to learn about bringing customer service teams in line with development teams, organizational goals, and improving agent experience to improve the customer experience. In this talk, you will learn the importance of aligned customer service ops, and how to help your customer service and dev teams establish strong practices of collaboration as one team in service of your customers.
[#VIRTUAL] PRO TALK (API): Navigating the murky waters of API-firstNavigating the Murky Waters of API-First
Everyone is jumping on the API-first bandwagon. For most organizations, an API-first approach is the key to scaling software development. But the journey to API-first is not always smooth sailing.
In 2022, I interviewed five well-known organizations for a sneak peek at how they implemented an API-first workflow among their teams. We’ll uncover why they began their transition, their biggest hurdles, and what is next on their roadmap. Learn from these shared experiences and recommendations to pave the way in your own API-first journeys. This is a session about managing organizational change.
[#VIRTUAL] PRO TALK (API): Travelport :: 7 Lessons Learned from a 50 Year Journey into APIs
This talk will share 7 lessons learned from our 50 year journey. A journey that started with mainframes and moved into APIs empowering the travel industry. The complexities that exist in the world of travel are unique and are solved in interesting ways. Those unique challenges and moving a large company into the interconnected world of APIs included its own fun problems to solve. I will share 7 things we learned along the way so you can learn without growing old learning the lessons yourselves.
[#VIRTUAL] OPEN TALK (API): Creating Unique Virtual Card Payment Experiences with U.S. Bank Card as a Service APIs
This session will share how U.S. Bank Card as a Service APIs can be used to create user experiences that reshape the payment experience - reducing friction, focusing actions on user objectives and speed them through the travel purchase process.
[#VIRTUAL] PRO TALK (API): API as Products: Best Practices for Using APIs to Achieve your Digital Business Goals
Organizations that want to create internal momentum and adoption around their APIs, offer APIs externally to third-parties, or create new revenue streams through monetization, you need to think about your APIs as products. This talk examines the key guidelines needed to define your APIs as products, build the framework to operationalize your API program, and design and execute an implementation plan. Specifically, the presenters will cover:
- Best practices for assessing and resourcing the people and tooling to support API products.
- Strategies for establishing objectives for your internal and external API programs and the metrics to evaluate them.
- Guidance on building and implementing internal rollout and external GTM plans.
[#VIRTUAL] WORKSHOP (API): Protecting GraphQL with Effective Governance & Security
GraphQL is a new approach to expose your services to application developers. There are many advantages which come with new challenges to security and governance. In this session you can learn how to protect and enforce governance for your GraphQL server endpoints from these unique GraphQL threats with a low-code approach. You'll see demoes of numerous approaches such as cost analysis, graph filtering, and much more.
[#VIRTUAL] KEYNOTE (API): Gravitee -- Beyond Cloud-Native: The Need for Event-Native API Management
While not new, event-driven architectures and event-driven APIs are taking the world by storm (again). And, while this is great, it presents issue after issue for teams trying to properly manage, secure, and govern these APIs. The solution in a nutshell? A new kind of API Management that we call “Event-native.” Join this discussion to learn more about what we mean by “Event-native” API Management and how you can successfully use API Management to ease and propel your organization's modernization initiatives.
[#VIRTUAL] OPEN TALK (API): Is Your App Security Scalable?
This discussion focuses on building durable, scalable access control systems for you and your clients’ database/app architectures. We will review three access control systems (Access Control Lists (ACLs), Role-Based Access Controls (RBAC), and Policy-Based Access Controls (PBAC (or ABAC))) and then, in a thought experiment, compare the development and maintenance effort of each when fulfilling the authorization requirements for one software app. The goal of this discussion is to offer you a system selection guide for your apps and present the case for why we chose PBAC for Devii.
[#VIRTUAL] PRO TALK (API): Transitioning to an API First Approach: Refactoring a Museum Interactive Platform
New to API design and development, I decided to start small in order to gain experience (this is what the experts advise). I decided to tackle a low-ish priority project: the redesign of the in-gallery interactive platform.
I mean - I read all the right books and attended the industry conferences (and took notes). I followed this up by watching the appropriate four (4) plus star-rated tutorials AND my task lists worked as designed. I'm the jump-in kinda person and really, how hard could this be?
Find out as I share the joys and challenges of taking the baby-steps to transition our way of thinking to an API-First approach.
[#VIRTUAL] PRO TALK (API): A New Architecture for APIs
APIs are great. However, API architectures have not significantly evolved. With GraphQL, designed for stitching data together, a new way of forming a graph of graphs is emerging. This architecture leads to a simpler design, better performance, simpler governance and graceful migration to the cloud. It is the way forward.
I will be drawing from my over a decade of experience as the CTO of Apigee, and seeing the impact of GraphQL, I will demonstrate how evolving your API architecture with a layer of GraphQL leads to leveraging your years of REST investment into a more flexible future proof architecture.
[#VIRTUAL] PRO TALK (API): Modern API Design
Design principles for modeling API contract. Best practices for API security. How to address scaling challenges like latency, fault tolerance and throughput. When to use rest, gRPC or GraphqL.
Thursday, November 3, 2022
[#VIRTUAL] PRO TALK (API): APIs in the wild
With the expansion of the cloud towards the end user, some common issues emerge: unreliable internet connection, fewer hardware resources, unreliable power available, metered connection …
In most of those use cases though the devices out there still need some way to communicate with the cloud, to let it know they are still alive at the very least. But what is the quickest and most efficient way to do that?
In this session we will explore and compare different API protocols in terms of resource usage and we will examine different mechanisms that are usually available at the API gateway level and at the device level, to optimize communication and respond to failures at the different levels of the stack.
We will conclude with some industry best practices when building services at the edge.
[#VIRTUAL] PRO TALK (API): Build Resilient Applications Using Orchestration
As we move towards an exciting future of more distributed systems, we are bound to encounter microservices written in different languages and infrastructures.
The resiliency of different applications only makes sense if they come together beautifully to create one invincible application.
In this session, we will talk about how companies like Netflix, Tesla, etc. used orchestration to build robust and scalable applications that inspire innovation.
[#VIRTUAL] PRO TALK (API): Virtual Spaces Are More than Just the Metaverse
We’ve all heard about the hype around the “metaverse”, but what about Virtual Spaces? A step closer than the metaverse, the concept of Virtual Spaces are where real-time interactions and experiences happen online.
Over the past few years, we’ve witnessed the rise of online communities enabled by real-time technologies – and the concept of Virtual Spaces – an online space where people or devices can collaborate together – has never been more appealing than in today’s pandemic-induced reality.
Tracking the delivery status of your latest ecommerce purchase? That happens in a Virtual Space. Want to look up where you rank in the mobile game you play every day? That live leaderboard is a Virtual Space. Hit a wall and need some real-time tech chat support? You guessed it, that’s a Virtual Space too.
[#VIRTUAL] PRO TALK (API): Cloud Databases, ELT, and APIs – A Perfect Storm?
The data landscape is changing rapidly. The explosion of Cloud database platforms on to the scene the past few years has paved the way for a new class of data innovation. The ease at which data can be collected, stored, shared, and manipulated is driving a new breed of Analytics, AI/ML, Data Science, and other data-driven applications that will have a major impact on the economy. These trends have enabled the emergence of ELT as an alternative to ETL, which in turn is enabling a whole new way of thinking about warehousing data and how to make use of that data, creating new opportunities that will help organizations increase the value of the strategic data assets that drive their business. APIs are the ideal mechanism to accelerate and expand these trends even further, leading to the long-sought-after golden age of APIs. This talk will discuss the future of Cloud Databases and ELT, and how the combination will drive a substantial wave of API adoption.
[#VIRTUAL] OPEN TALK (API): A Case for API and Event Management
As the event management and streaming and API Management worlds move closer and closer together with the implementation of event-driven and AsyncAPIs, a natural question arises:
Are Event Management & Streaming solutions and API Management solutions competing solutions? Or are they compliments?
Attend this session to hear our case for the two solutions as “friends,” and learn how you can implement a top-class API and Event Management strategy within your organization.
[#VIRTUAL] OPEN TALK (API): Build with Zoom Video SDK, Zoom's Core Technology
Zoom has opened up its core technology for developers alike to build custom video, audio, screen share, and chat experiences. Learn how to use the Zoom Video SDK and witness just how simple, yet powerful it is.
[#VIRTUAL] PRO TALK (API): Make Content Queryable: How to Build a Real-Time Document Store That Scales Globally
Customer-facing applications are increasingly integrated across the business, driven by a host of workflows spanning departments and even organizations. From marketing to e-commerce and all the way into the heart of product, content is powering all of our customer interactions, yet it is so often treated as an afterthought, handled by an amalgam of disconnected databases, isolated systems and, god forbid, a patchwork of spreadsheets.
There is a better way. In this talk, I'll outline how to build a modern, scalable content infrastructure, then walk you through the important steps you need to take to build that resilient, collaborative, global content store. I'll introduce the concept of a “Content Lake", similar to a data lake, and discuss the specifics of the Sanity Content Lake, a turn-key system for content orchestration that provides a single source of truth. We also invented GROQ, a flexible query for schemaless JSON documents, that's used to power GraphQL and other APIs. This lets you integrate content across internal tools and systems so applications run smoothly with the right content at the right time.
[#VIRTUAL] PRO TALK (API): A Bridge Too Far? Creating APIs for Some of the World’s Most Challenging Platforms
We all know that creating APIs for modern platforms can be a vexing experience without the right set of tools, processes, and people. But how do you create APIs for mission-critical legacy platforms that were never designed to be integrated with in the first place? How do you unlock the decades of investment your organization has made in these workhorse systems? Integrating with “green screen” applications? Seriously, is that even a thing anymore??? (Yeah, it totally is…)
Best case, this usually this entails dealing with uncommon security protocols, complex systems programming, ungainly architectural workarounds, and a lot of time and resources – the latter two of which are almost always scarce commodities. So many organizations just avoid the topic and try to work around it, or they hire armies of consultants who just end up adding to their already burgeoning legacy technical debt.
Can these APIs actually be built quickly and cost-effectively without disrupting the business - or is this simply “a bridge too far” for most organizations? In this session we’ll show you how to create sophisticated, scalable, and secure legacy APIs in a matter of minutes, rather than the weeks or months it normally takes, without writing a single line of code.
[#VIRTUAL] KEYNOTE (API): Foursquare -- Breaking Down the Monolith
The easiest APIs to use are the ones built for your use case. If your customers are all doing the same thing, and you're not adding new functionality very often, you can fine-tune your product to be perfect. The hardest APIs to use are those built for the wrong use case. If you're trying to get value from something that is designed from the ground-up for something else entirely, you're going to have a bad time. Is there a middle ground?
Microservices is a well-established pattern in service architecture, but the concept is not often applied to data and analytics. In Breaking Down the Monoloth, Ankit Patel will take us through Foursquare's decomposition of its location data and APIs, in building "location primitives'' that continue to support easy-to-use purpose-built APIs, but also allow rapid remixing and new use cases of the underlying components.
[#VIRTUAL] PRO TALK (API): How to Autogenerate Awesome GrapQL Documentation with SpectaQL
Having accurate and complete documentation for your APIs is necessary, but can also be quite challenging and time consuming. GraphQL, however, with its schema definition and the variety of tools that can access and explore that schema, does not have to be. See how our open-source project SpectaQL can help you keep your documentation complete, current and beautiful with the least amount of pain possible.
[#VIRTUAL] OPEN TALK (API): Pivoting from Consumer to Enterprise with APIs: Learn, Build, Optimize
Picsart built a 150M monthly creators strong consumer business with its app that offers hundreds of individual tools for fast editing. And now the company is exploring new territory with their new API program designed to make their most popular consumer creative tools available to enterprises and platforms via API. Learn how Picsart’s API team built a new revenue stream from existing tech but with a completely new business approach.
[#VIRTUAL] PRO TALK (API): API Challenges for the Metaverse (AR, VR) Ecosystem
If Metaverse is the next big thing, as creators and users we shouldn't have to deal with proprietary metaverses that live in silos.
In this talk, we will examine the current challenges and potential solutions for metaverse tech based on developing applications for several AR/VR platforms:
1. Unity and Unreal Games Engines both provided APIs to build AR/VR experiences.
2. iOS & Android have their own frameworks - ARCore & ARKit to build mobile AR Apps
3. WebXR initiative is working to bring VR and AR technology to the web using standard browser support but it's currently limited.
4. Occulus and Roblox have their own frameworks and APIs
To overcome these challenges developers should re-use their code not re-write the same logic for different tools/platforms. Architects need to define a standard-based approach that not only has common sets of APIs but also APIs that allow connecting from one system to another just like HTTP does for the web.
[#VIRTUAL] PRO TALK (API): Bitloops Language (BL): Giving API developers DDD/BDD superpowers
BL is an open-source, high-productivity, fourth generation (4GL), DDD/BDD focused, programming language that transpiles into mainstream programming languages such as TypeScript and Java and helps developers build and maintain complex APIs faster and better than ever before.
Domain Driven Design (DDD) and Behavior Driven Development (BDD) are proven ways to increase developer productivity and a sure way to improve the probability of a product or project succeeding. Nonetheless, DDD and BDD require significant experience and have a very steep learning curve. As a result, most organizations and individuals fail to make DDD and BDD part of their everyday routine and end up missing out on their significant advantages.
BL has been created to dramatically reduce the DDD/BDD learning curve for developers, allowing them to produce working DDD systems in no time.
During the talk we will see how we can quickly write a working system using Domain-Driven Design and deploy it as a TypeScript project while easily switching between a modular monolith and an Event-Driven distributed microservices architecture.