Speaker Topics - No Fluff Just Stuff

Designing Scalable, Secure, and AI-Ready APIs - Full Day

APIs are no longer just integration endpoints. APIs are the control surface where humans, applications, automations, and AI agents turn intent into action.

In the past, APIs were mostly consumed by web apps, mobile apps, partner integrations, and backend services. In the AI era, the same APIs may be called by LLMs, autonomous agents, workflow engines, developer portals, SDKs, and multi-channel applications.

That shift changes API design.

A traditional API may be acceptable when a human developer reads documentation and writes careful client code. But when an AI agent consumes the API, vague contracts, ambiguous errors, non-idempotent writes, broad permissions, silent version changes, and weak telemetry become production risks.

This workshop gives participants a practical playbook for designing APIs that are:

  • contract-first
  • machine-readable
  • secure by scope
  • agent-safe
  • deterministic
  • retry-safe
  • observable
  • cost-aware
  • versioned
  • developer-friendly

The running case study is DreamMart, an e-commerce platform exposing APIs for product search, eligibility, checkout, order status, returns, and refunds across web, mobile, partner, and AI-agent channels.

Workshop Outcomes

  1. Redesign vague APIs into strict, machine-readable API contracts.
  2. Use OpenAPI 3.1 and JSON Schema for human and AI consumption.
  3. Design operationIds, schemas, examples, and metadata that agents can use safely.
  4. Apply agent-aware security with scoped authority, risk tiers, quotas, and kill switches.
  5. Prevent duplicate writes using idempotency keys, request hashes, dedupe stores, and status checks.
  6. Design structured errors with retryable, nextAction, remediation, and escalation guidance.
  7. Scale APIs for bursty, fan-out-heavy agent traffic using QPS, EPS, caching, and circuit breakers.
  8. Version APIs safely for long-lived human, partner, SDK, and AI-agent consumers.
  9. Trace AI vs human API traffic using agent_run_id, chain_id, tool_id, tenant_id, schema_version, and cost_usd.
  10. Apply the 10 Launch Gates to decide whether an API is ready for production AI consumption.

Who Should Attend

  • Backend Developers & API Designers creating APIs for human + machine interfaces
  • Software & Enterprise Architects designing multi-cloud, AI-integrated systems
  • Security Engineers protecting APIs against agent misuse and AI-driven threats
  • DevRel & Product Teams building public API ecosystems and developer experiences

Key Takeaways

  • How to design AI-readable APIs with contract-first principles
  • Security blueprints to protect APIs from human and agent-driven abuse
  • Strategies for scalable, cost-aware, and resilient API operations
  • Practical patterns for versioning, governance, and lifecycle management
  • Techniques to deliver amazing developer experiences for humans + AI agents

About Rohit Bhardwaj

Rohit Bhardwaj is a Director of Architecture at Salesforce. Rohit has extensive experience architecting multi-tenant, cloud-native solutions in resilient microservices and service-oriented architectures using the AWS stack. In addition, Rohit has a proven ability to design solutions and to execute and deliver transformational programs that reduce costs and increase efficiency.

As a trusted advisor, leader, and collaborator, Rohit applies problem resolution, analytical, and operational skills to all initiatives and develops strategic requirements and solution analysis through all stages of the project life cycle, from product readiness to execution.

Rohit excels in designing scalable cloud microservice architectures using Spring Boot and Netflix OSS technologies on AWS and Google clouds. As a Security Ninja, Rohit looks for ways to resolve application security vulnerabilities using ethical hacking and threat modeling. Rohit is excited about architecting cloud technologies using Docker, Redis, NGINX, RightScale, RabbitMQ, Apigee, Azul Zing, Actuate BIRT reporting, Chef, Splunk, Rest-Assured, SoapUI, Dynatrace, and EnterpriseDB. In addition, Rohit has developed lambda architecture solutions using Apache Spark, Cassandra, and Camel for real-time analytics and integration projects.

Rohit holds an MBA in Corporate Entrepreneurship from Babson College and a Master's in Computer Science from Boston University and Harvard University. Rohit is a regular speaker at No Fluff Just Stuff, UberConf, RichWeb, GIDS, and other international conferences.

Rohit loves to connect on http://www.productivecloudinnovation.com, http://linkedin.com/in/rohit-bhardwaj-cloud, or on Twitter at rbhardwaj1.
