API Day

Schedule

The time frames are only estimates and may vary according to how the class is progressing.

Mike Amundsen: Introduction (5 minutes) - 10:00am PT | 1:00pm ET | 6:00pm UTC/GMT

• Mike Amundsen welcomes you to API Day.

Mehdi Medjaoui: The API Industry Landscape (30 minutes) 10:05am PT | 1:05pm ET | 5:05pm UTC/GMT

• The API tooling landscape is continuously evolving, and it’s hard to keep up with trends. Join API Landscape maintainer Mehdi Medjaoui for insights from the API Industry Landscape 2023 report. You’ll discover the trends shaping the future landscape for API tooling and API providers, find out where Mehdi expects to see the most innovation and growth, and learn how regulation, API as a product, API security, and no-code/low-code are shaping the future of the API practice.
• Mehdi Medjaoui founded the worldwide apidays conference series, which began in Paris in 2012, and is highly involved in the API industry as author, lecturer, consultant, and investor in the API tooling space. His industry research involves publishing and maintaining the API Industry Landscape and the yearly State of Banking APIs. He coauthored Continuous API Management (O’Reilly) and began as lecturer and invited professor at HEC MBA and EMLyon Executive MBA. In 2019, Mehdi became a Horizon 2020 European Commission expert leading the APIS4Dgov study on public sector and government APIs. Mehdi cofounded OAuth.io, an API middleware for OAuth intégration used by over 40,000 developers. Mehdi’s new venture, GDPR.dev, develops a personal data API framework and protocol to democratize data regulations usage for mass users and compliance for applications developers, making GDPR programmable.

Sunny Wear: API Security—All Your Accounts Belong to Me (30 minutes) - 10:35am PT | 1:35pm ET | 5:35pm UTC/GMT

• APIs are an easy target for hackers, and attacks on APIs are turning security bugs into full-blown account takeovers, with serious impacts on clients. But they don't have to be. Sunny Wear will discuss some of the deadliest API attacks on applications happening these days, as well as the steps development teams can take to mitigate these threats—and why traditional web application firewalls aren't enough.
• Dr. Sunny Wear is a web security architect and penetration tester with more than 25 years of hands-on software programming, architecture, and security experience. She provides secure coding classes, creates software, and performs penetration testing against web/API and mobile applications. She’s also the author of Burp Suite Cookbook and developer of mobile apps such as the Burp Tool Buddy who regularly speaks and teaches at security conferences such as DEF CON, Hackfest, and BSides. She holds a doctor of science in cybersecurity.
• Break (5 minutes)

James Gough: Maximizing Loose Coupling with API Specifications and Design (30 minutes) 11:10am PT | 2:10pm ET | 6:10pm UTC/GMT

• As architects and developers we recognize that one of the key benefits of APIs is that they promote loose coupling relationships. To maximize this benefit, it’s essential to manage the relationship between the producer and consumer using a specification with a great design. James Gough will share techniques to promote loose coupling through API design, including key specifications, setting your API maturity targets using the Richardson Maturity Model, using semantic versioning, and exploring help available in open source API standards.
• James Gough is a distinguished engineer at Morgan Stanley working on API architecture and API programs. He’s a Java Champion who has sat on the Java Community Process Executive Committee on behalf of the London Java Community and contributed to OpenJDK. James is also coauthor of Optimizing Java and enjoys speaking about architecture and low-level Java.

Ahmad Awais: The Modern Developer Lifecycle—Best Practices for API Builders and Consumers (Sponsored by Rapid) (20 minutes) 11:40am PT | 2:40pm ET | 6:40pm UTC/GMT

• The API industry is undergoing tremendous change, driven by a generational shift in the technologies powering APIs and a transformation in enterprise buying patterns. While APIs have been around for a while, the way they look, work, and operate and how they’re consumed are evolving rapidly. These changes challenge current design patterns and developer tools and necessitate creating a more contextual approach to API development. Join Ahmad Awais to examine the evolution of the API development lifecycle, explore the key technologies required to build, consume, and collaborate on APIs across the entire software development lifecycle, and learn current best practices engineered to support API builders and consumers.
• Ahmad Awais is vice president of developer relations at Rapid. An award-winning open source engineer, he’s authored various open source software tools used by millions of developers worldwide, like his Shades of Purple code theme and projects like the corona-cli. He also contributed code to NASA’s Ingenuity Mars Helicopter mission. Ahmad was recognized as a FOSS community leader as one of the first 12 featured GitHub Stars with a gold GitHub Stars Award. He’s a member of Smashing Magazine’s Experts Panel, a featured author at CSS-Tricks, Tuts+, Scotch.io, and SitePoint, a teacher (with over 20,000 developers learning from his courses), and in-demand conference speaker. You can mostly find him on Twitter as @MrAhmadAwais, where he tweets his #OneDevMinute developer tips.
• This session will be followed by a 20-minute Q&A in a breakout room. Stop by if you have more questions for Rapid.
• Break (5 minutes)

Saurabh Sahni: How Slack Designs APIs That Developers Love (30 minutes) 12:05pm PT | 3:05pm ET | 7:05pm UTC/GMT

• Designing intuitive, consistent, and easy-to-use APIs is hard. Saurabh Sahni makes it easier, covering the principles and best practices for designing robust and scalable web APIs. Along the way, Saurabh will share insights into how Slack approaches API design and detail the step-by-step design process that Slack uses to build APIs.
• Saurabh Sahni is a senior staff software engineer on the platform team at Slack and is a coauthor of Designing Web APIs (O’Reilly). For the past 16 years, he’s been building and designing developer platforms and APIs. He joined Slack prior to the launch of the Slack platform, shaping Slack’s public API design and strategy through his work on systems like Slack’s web API infrastructure, rate limits, OAuth, messaging, workflows, and enterprise. Saurabh was instrumental in creating Slack’s API guidelines and establishing an API design process that enables teams to build easy-to-use consistent APIs. Lately, Saurabh is helping to build the next generation of the Slack platform. When not at work, he enjoys spending time with his wife and two sons, hiking, and traveling.

Jean Yang: Driving Down Monitoring Debt in the Age of APIs (30 minutes) 12:35pm PT | 3:35pm ET | 7:35pm UTC/GMT

• The rise of APIs has made software development easier across the industry. But it's also made it easier than ever for software teams to get into monitoring debt—and harder than ever to pay it back. Jean Yang will address new monitoring needs in the age of APIs, how monitoring tools need to adapt, and what Akita is building to solve this problem.
• Jean Yang is the founder and CEO at Akita Software. Akita is the fastest and easiest way to see what your API endpoints are, what's slow, and what's throwing errors. Previously, Jean was an assistant professor at Carnegie Mellon University. In 2016, she was named one of MIT's Top 35 Innovators Under 35 for her work on programming tools.
• Break (5 minutes)

Diana Montalion: Patterns for Moving from Static to Dynamic (Hypermedia, GraphQL) APIs—Developing Relationships in Data for Consumers, Not (Simply) Storage (30 minutes) 1:10pm PT | 4:10pm ET | 8:10pm UTC/GMT

• Diana Montalion will explore creating structure for the “sources” of information in a decoupled system—specifically, how traditional content structures like an Economist article, a Wikipedia page, or an HTML newsletter can transform to serve diverse and emergent consumers. As the internet becomes a hyperconnected, context-driven, ubiquitous information system, we outgrow static API end points retrieving HTML-structured (or JSON) content from a MySQL-backed piece of software. In a decoupled system, the information consumed is increasingly displayed in varying ways. Hypermedia APIs and/or GraphQL queries enable consumers to create divergent combinations of information from multiple information sources. These systems depend on well-structured information designed for dynamic flexibility. (Is that an oxymoron?) Redesigning information schemas for the modern world is all about designing relationships and, sometimes, using those relationships to define the storage structure behind the requests. Diana will use a straightforward example, borrowing patterns from real-world information systems at scale, to show how this schema transformation happens and why it is valuable.
• Diana Montalion has more than 17 years of experience delivering transformative initiatives, independently or as part of a professional services group, to clients including Stanford University, the Gates Foundation, and Teach For All. She has also served as principal architect for The Economist and the Wikimedia Foundation. Diana founded Mentrix Group, a consultancy that provides technology architecture, systems leadership, and workshops on nonlinear approaches. Writing, teaching, and thinking about thinking are her favorite hobbies.

Mike Amundsen: Closing Remarks (5 minutes) 1:40pm PT | 4:40pm ET | 8:40pm UTC/GMT