Postman this week added a Spec Hub platform to its portfolio that makes it possible to centralize the design, management and maintenance of application programming interface (API) specifications.
At the same time, Postman is also now enabling Bring Your Own Key (BYOK) Encryption capabilities to secure data being accessed via APIs. That approach ensures that encryption keys are only controlled by the organization that creates them.
Postman CEO Abhinav Asthana said Spec Hub will enable IT teams to manage APIs regardless of what type of specification was used to create them, including OpenAPI 3.0 and AsyncAPI 2.0, with support for GraphQL and gRPC planned.
That capability is critical because it will make it simpler for organizations to apply API specifications as development teams best see fit in a way that can still be centrally managed using a collections capability that Postman has previously provided that enables multiple APIs to be logically managed together. IT teams can also make use of schema-level structures across collections by defining request and response types in a way that simplifies authoring, validation and synchronization across multiple types of API specifications.
Additionally, those teams can leverage Spectral, a governance framework based on JSON that Postman developed, to apply rules limiting access to those APIs.
As the number of applications DevOps and platform engineering teams are deploying continues to steadily increase, API management is becoming more critical, especially in the age of generative artificial intelligence (AI). That challenge is that the development and management of those APIs is often highly distributed. Developers may create APIs, but once they become part of an application environment, it’s not always clear who is responsible for managing and securing them. Postman is now trying to address that issue via a hub that makes it simpler to manage multiple types of APIs at higher levels of scale.
As it becomes simpler to manage multiple API specifications, the debate over which one is better than another might finally be coming to an end. Each developer, based on personal preference and the task at hand, will be able to invoke the API specification that best aligns with their use case. In effect, putting an end to the battle over API specifications for formats such as REST and GraphQL that has been occurring for the past decade. Rather than being a religious debate, the decision about which of these formats and specifications has now finally become more of a purely technical discussion, noted Asthana.
There are already more than 35 million developers spanning half a million organizations relying on Postman platforms to create, deploy and manage APIs. That level of critical mass creates an opportunity to foster much deeper levels of collaboration across multiple application development teams that are all building software that exposes some type of API. The challenge now is integrating DevOps workflows more tightly into how APIs are being created as part of a larger effort to accelerate the pace at which APIs are not just being created, but also deployed and updated.
