Designing Scalable, Secure, and AI-Ready APIs - Full Day
APIs are no longer just data delivery mechanisms—they are now the core interface between humans, systems, and AI agents. As cloud-native architectures evolve and AI becomes embedded in everyday software, developers must rethink how APIs are designed, secured, and scaled.
This session explores modern API design practices for building secure, scalable, and future-ready systems. You’ll learn how to make APIs machine-discoverable, agent-consumable, observability-friendly, and resilient to abuse—all while maintaining great developer experience.
We’ll cover practical patterns and architectural decisions that help APIs thrive in environments where LLMs, automation agents, and global-scale applications depend on them. Topics include contract-first design, intelligent versioning, agent-safe security, real-time observability, and developer portal strategies.
Whether you're building internal microservices or public APIs for third-party integrations and AI tools, this session will give you a solid foundation to build systems that can safely and efficiently serve both people and machines.
Who Should Attend
- Backend Developers & API Designers creating APIs for human + machine interfaces
- Software & Enterprise Architects designing multi-cloud, AI-integrated systems
- Security Engineers protecting APIs against agent misuse and AI-driven threats
- DevRel & Product Teams building public API ecosystems and developer experiences
Key Takeaways
- How to design AI-readable APIs with contract-first principles
- Security blueprints to protect APIs from human and agent-driven abuse
- Strategies for scalable, cost-aware, and resilient API operations
- Practical patterns for versioning, governance, and lifecycle management
- Techniques to deliver amazing developer experiences for humans + AI agents
Workshop Agenda
Module 1: APIs for Humans & Machines
- Contract-first design with OpenAPI/Swagger
- Rich metadata for LLM parsing & API chaining
- “Function-calling” style API formatting for AI agents
- Group exercise: Write an API spec consumable by both humans & an LLM
Module 2: Security & Abuse Prevention
- OAuth2, JWT, and attribute-based access for AI workloads
- Threat modeling: prompt injection, misuse of open endpoints
- Behavioral throttling, token metering, and dynamic quotas
- Hands-on lab: audit an API for AI-specific security flaws
Module 3: Scaling & Resilience in the AI Era
- Designing for bursty, unpredictable agent traffic
- Rate limiting & circuit breaker patterns
- AI-aware caching & deterministic response handling
- Case study: scaling an API for millions of AI-driven requests
Module 4: Lifecycle & Versioning
- Versioning strategies for long-lived AI agents
- Deprecation headers, sunset policies & semantic evolution
- Consumer-driven contracts for sustainable multi-tenant APIs
- Group activity: create a migration path for evolving APIs
Module 5: Observability, Costs & Developer Experience
- Tracing AI vs human API traffic
- Real-time anomaly detection & debugging AI call sequences
- Cost attribution for GPT/LLM-powered integrations
- Designing developer portals & docs for both humans & AI
- Tooling demo: testing APIs against simulated AI agents
Capstone Project: Future-Ready API Design
Teams design a complete API (contract + security + scaling + DX) for an AI-driven application.
- Present & critique designs
- Apply best practices learned in the workshop
- Discuss future trends: semantic APIs, vector APIs, and edge intelligence
Wrap-Up & Key Lessons
- The new API mindset for the AI-driven world
- Next steps, templates & resources to apply tomorrow
About Rohit Bhardwaj
Rohit Bhardwaj is a Director of Architecture at Salesforce. Rohit has extensive experience architecting multi-tenant, cloud-native solutions in resilient microservices and service-oriented architectures using the AWS stack. In addition, Rohit has a proven ability to design solutions and to execute and deliver transformational programs that reduce costs and increase efficiencies.
As a trusted advisor, leader, and collaborator, Rohit applies problem resolution, analytical, and operational skills to all initiatives and develops strategic requirements and solution analysis through all stages of the project life cycle and product readiness to execution.
Rohit excels in designing scalable cloud microservice architectures with Spring Boot and Netflix OSS technologies on AWS and Google clouds. As a Security Ninja, Rohit looks for ways to resolve application security vulnerabilities using ethical hacking and threat modeling. Rohit is excited about architecting cloud technologies using Docker, Redis, NGINX, RightScale, RabbitMQ, Apigee, Azul Zing, Actuate BIRT reporting, Chef, Splunk, Rest-Assured, SoapUI, Dynatrace, and EnterpriseDB. In addition, Rohit has developed lambda architecture solutions using Apache Spark, Cassandra, and Camel for real-time analytics and integration projects.
Rohit holds an MBA in Corporate Entrepreneurship from Babson College and Masters in Computer Science from Boston University and Harvard University. Rohit is a regular speaker at No Fluff Just Stuff, UberConf, RichWeb, GIDS, and other international conferences.
Rohit loves to connect at http://www.productivecloudinnovation.com, on LinkedIn at http://linkedin.com/in/rohit-bhardwaj-cloud, or on Twitter at rbhardwaj1.