A critical reflection on the current state of API governance, questioning whether design-rule linting (via Spectral/Vacuum applied to OpenAPI/AsyncAPI) can realistically standardize APIs across enterprise teams. The author demonstrates an alternative approach using the Naftiko framework to normalize inconsistent path and parameter conventions (camelCase, snake_case, PascalCase) from multiple upstream services into a single consistent interface. Key critiques include: governance focuses almost exclusively on APIs produced rather than consumed, lacks alignment with runtime policy tools (OPA, Cedar), ignores operational concerns like documentation and SDKs, and suffers from over-centralization. The author argues for domain- and industry-specific policy sets, team autonomy, and governance tied to business outcomes rather than uniform technical rules.