apidays Singapore 2025 - Surviving an interconnected world with API governance, Mun Kiat Kok (Tyk)

Transcript

1. Surviving an interconnected world with API governance

2. Iʼm MK, I work at Tyk, an API management startup

3. Surviving an interconnected world with API governance

4. How we came full circle to embrace API best practices

5. 2021 APIs as the backbone of the interconnected world

6. 2022 APIs as a new revenue stream

7. 2023

8. 2024 AI management = API management

9. API 2024 Claude MCP

10. API 2024 Claude MCP

11. API API API

12. https://mcp.so/

13. 2025 AI  APIs

14. Source: Reddit Work is transforming

15. Shopify CEO https://x.com/tobi/status/1909231499448401946/photo/3 Work is transforming

16. APIs MCPs Outcomes MCP Hosts / Agents

17. None

18. Good outcomes start with Governance API Design Access Management Documentation

19. API Design • GET /deleteUser/123 ◦ Confusing - Fetch data

    or retrieve? ◦ Can anyone guess how the agent will behave? • 200 OK with “statusˮ: “errorˮ ◦ Is it ok or not ok? ◦ How will the agent behave?

20. API Design • GET /deleteUser/123 ◦ Confusing - Fetch data

    or retrieve? ◦ Can anyone guess how the agent will behave? • 200 OK with “statusˮ: “errorˮ ◦ Is it ok or not ok? ◦ How will the agent behave? • Use design tools such as Stoplight, Postman and Tyk for linting

21. Documentation • Undocumented endpoints • Poorly described functions • Poorly

    documented OpenAPI Good agents might catch ambiguity and not execute Bad agents might execute based on their “assumptionsˮ In either case, productivity is impacted

22. Documentation • Undocumented endpoints → API gateways • Poorly described

    functions → Stoplight • Poorly documented OpenAPI → Stoplight Good agents might catch ambiguity and not execute Bad agents might execute based on their “assumptionsˮ In either case, productivity is impacted

23. Access Management • What kind of access should agents have?

    • How do we even “trustˮ agents? • Can agents keep running API calls?

24. Access Management • What kind of access should agents have?

    → OAuth • How do we even “trustˮ agents? → Dynamic Client Registration • Can agents keep running API calls? → Rate limits/Quotas

25. Summary AI is driving consumption of APIs via Tools APIs

    → MCP  Agents → Outcomes Good APIs are more important than ever for positive outcomes Governance is important to ensure good APIs and good

26. Thank you! Come talk to us to continue the discussion

    or reach out: Mun Kiat Kok https://www.linkedin.com/in/munkiat-kok/ Scan to download the deck