API Policies?


I received this feedback from a large company implementing 100’s of ReSTful API’s both internally and externally:

Allowing for patterns to be defined, shared and optional used/extended is very powerful, but it has one major issue; it’s hard to enforce patterns or prevent anti-patterns from being used.

Would it be possible within the spec allow for policies to be defined and imported, or is this really the role of a api registry to parse/validate these policies when a new API is added?



What an interesting concept.

One thing that I’ve been toying around in my mind is to do something like code analysis on RAML files to detect this kind of thing. (think http://codeclimate.com for APIs)

In the end this is something that should be handled by tooling and not the spec itself. One thing the spec does not do right now is getting opinionated on how you should define your API.