--- published: true layout: post title: Aligning API Governance To the Enterprise Is Always the Most Difficult Part tags: - Governance - Products - Enterprise - Alignment image: >- https://kinlane-productions2.s3.amazonaws.com/algorotoscope-master/yellow-journalism-construction-zone-claw.jpg --- It is always one of the unrealistic lesser bullets in a [job description for API governance roles](https://apievangelist.com/2024/09/03/an-api-governance-job-posting-template/), and will continue to be the greatest challenge for any of the service providers selling services to enterprises-—aligning API governance to where the enterprise is at today. From the outside-in it is easy to think there are common patterns and anti-patterns that will need implementing, and from a purely technical perspective this is often true, but once you start having to map that technical to the legacy business, infrastructure, and people decisions that have been made—-this is where the real work begins. I’ve seen first hand several times now how the enterprise organization will swallow up and consume 50, 150, and 250+ Spectral rulesets. I’ve seen the friction from teams when you turn on enforcement in the CI/CD pipelines. And I’ve negotiated individual rules with engineers, architects, and product folks, while also presenting decks that explain why Spectral rules should matter to business leadership. I’ve seen years of investment in RESTful API governance and streamlined education, lifecycle, and center of excellence go up in smoke when new leadership comes aboard and declares — we are doing GraphQL! There is no one-size fits all set of API governance rules for an organization. I know we desperately want there to be, but it just isn’t true. Giving engineers the ability to turn rules and off will do a lot to absorb some of the impact of API governance on an organization or team, but off and an exception from will become the default state. Enterprises are messy places. People are messy creatures. APIs are technical things delivered and maintained by technical people, but the APIs are powering business things. API governance rules rarely survive the heat generated by the friction of this back and forth between two very divided universes who should be working together. Every job description for API governance will tell you that you have to align your strategy to the enterprise, yet there are no tools on the market, no education available, and very little consideration amongst the API literate regarding what business stakeholders will need when it comes to API governance. We will see numerous lemming API governance startups march into the chasm that exists between engineering and product, but it won’t matter as long as they get their funding. We will see multiple waves of really smart, caring, and hard-working people ground up and spit out trying to do this work in the coming years. Eventually, things will catch up, startups will adapt, more people will help bridge the divide, and API governance will become more part of the business lexicon, regulatory compliance, and the alignment will come for some.