API literacy is the foundation that governance is built on, and it’s the thing most governance programs assume rather than build. You can write all the governance rules you want, deploy all the linting engines, establish all the policies — but if the teams who have to follow that governance don’t actually understand APIs, HTTP, schema, and the reasoning behind the rules, the governance won’t take. Literacy is the baseline knowledge that lets people participate in governance meaningfully rather than just complying with rules they don’t understand. I’ve come to see raising API literacy across an organization as one of the most important and most overlooked pieces of governance work, because governance without literacy is just enforcement, and enforcement without understanding breeds resentment and workarounds rather than genuine adoption.
The connection between literacy and economic participation is where I started, and it’s still the deepest framing. I wrote in 2013 that API and OAuth literacy is as important as financial literacy in the API economy — because in a world where data, capability, and value increasingly flow through APIs, understanding APIs becomes a precondition for full participation. That framing applies inside organizations too: in an enterprise where the business increasingly runs on APIs, the people who understand APIs can participate in the decisions that shape the business, and the people who don’t are left out. API literacy is, in this sense, a form of power — the ability to understand and therefore to participate in the systems that govern how the organization operates. Governance that depends on literacy the organization hasn’t built is governance that only a literate few can actually engage with.
The web-literacy burden is real, and I named it pointedly because providers and organizations often underestimate it. I wrote in 2016 about doing more to invest in web literacy across the API community, and about the burden on API providers when it comes to web literacy — because you cannot assume that everyone you need to reach understands HTTP, REST, status codes, content negotiation, and the other fundamentals that APIs are built on. Many of the people who need to participate in API governance — product managers, business stakeholders, even some developers — don’t have that baseline, and the governance program has to account for that gap rather than pretending it doesn’t exist. Investing in literacy means building the educational scaffolding that brings people up to the baseline, so they can engage with governance as informed participants rather than confused recipients of rules they can’t evaluate.
OpenAPI itself turns out to be a powerful literacy tool, which is an insight I developed in 2017. I wrote about OpenAPI as an API literacy tool — because the machine-readable definition, when it’s well-structured and readable, teaches people about the API as they engage with it. The act of working with an OpenAPI definition, seeing the operations, the schemas, the parameters laid out in a structured way, builds understanding. Schema literacy specifically is foundational: I’ve written that not speaking JSON Schema leads to API drift, and that schema work is the most stabilizing API work — because the teams that understand schema can keep the implementation aligned with the contract, while the teams that don’t let them drift apart. Helping business users get over the perceived technical gaps when it comes to APIs, which I wrote about in 2017, is part of this literacy project — making the artifacts and concepts accessible enough that non-developers can engage with them, because governance needs business participation, not just developer compliance.
The organizational knowledge dimension is where literacy connects to the durability of governance over time. I asked in 2019 whether you’re the API librarian within your organization — because organizations need people who hold and propagate API knowledge, who maintain the institutional literacy that keeps governance functioning. When the people who understand the APIs leave, and nobody has captured or transmitted their knowledge, the organization loses literacy, and the governance that depended on that literacy degrades. Literacy isn’t a one-time achievement; it’s an ongoing organizational capacity that has to be cultivated and maintained. The librarian role — the keeper and spreader of API knowledge — is a governance role even though it’s rarely recognized as one, because governance can only persist in an organization that maintains the literacy to understand and uphold it.
The connection between literacy and the social nature of governance is the synthesis I’ve arrived at most recently, and it’s the heart of why literacy matters for governance specifically. I wrote in 2025 that API governance is social — that governance is fundamentally about people understanding APIs and interacting around them, not just about technical rules. And I wrote that API governance rule awareness amongst teams matters — that teams need to understand why the rules exist, what they mean, and how they were arrived at, in order to follow them genuinely rather than grudgingly. This is where literacy becomes inseparable from governance: a governance program imposed on a low-literacy organization is experienced as arbitrary control, while the same governance offered to a literate organization that understands the reasoning is experienced as shared discipline. The difference is literacy. Governance is, at bottom, a social and educational project as much as a technical one, and literacy is the educational foundation that makes the social project possible. You raise the literacy, and governance becomes something teams can participate in, reason about, and improve. You skip the literacy, and governance becomes a set of rules people route around because they never understood why the rules were there. The most effective governance investment an organization can make is often not another rule or another engine, but raising the API literacy of the people who have to live within the governance — because literate participants make governance work in a way that compliant-but-confused recipients never can.
References
- API And OAuth Literacy Is As Important As Financial Literacy In The API Economy
- Doing More To Invest In Web Literacy Across The API Community
- The Burden On API Providers When It Comes To Web Literacy
- OpenAPI As An API Literacy Tool
- Helping Business Users Get Over Perceived Technical Gaps When It Comes To API
- Are You The API Librarian Within Your Organization
- Not Speaking JSON Schema Leads To API Drift
- Schema Work Is The Most Stabilizing API Work
- API Governance Rule Awareness Amongst Teams Matters
- API Governance Is Social
