Cancel
Join the waitlist
Get early access and help shape the platform.
Oops! Something went wrong while submitting the form.
JSON Schema as the Foundation for API Design
Kin Lane
January 20th, 2026

We recently sat down with David Biesack on the Naftiko Capabilities podcast to explore how JSON Schema serves as a critical tool for managing API complexity. The conversation offers a practical look at how a team can build obust workflows around schemas, YAML, and OpenAPI—and why these patterns matter even more in an era of AI agents and MCP servers.

Why JSON Schema Matters for OpenAPI

When OpenAPI 3.1 arrived, it brought full adoption of JSON Schema (specifically the 2020-12 draft) as the standard for defining data models. This wasn't just a technical nicety—it fundamentally changed how teams can work with API specifications.

David explained that his team built a tool called OpenAPI ModelGen that extracts all schemas from an OpenAPI document into a standalone bundle. This seemingly simple capability has profound implications: testers can validate request bodies against schemas without understanding the broader OpenAPI structure, and tooling developers can work with data definitions in isolation. The schema becomes a shared contract that different teams can use independently.

The YAML and JSON Balance

One of the perpetual debates in the API space concerns when to use YAML versus JSON. David's team has found a pragmatic middle ground: author in YAML, process in JSON.

The reasoning is straightforward. Humans write the bulk of API documentation—descriptions, change notes, explanations of what fields mean and why they exist. YAML's readability makes this work far more pleasant than wrestling with JSON's quotation marks and strict syntax. But they're careful to stick with YAML constructs that map cleanly to JSON, avoiding YAML-specific extensions that would break that conversion.

Tools handle the translation. When a pipeline needs to process the spec, it converts YAML to JSON automatically. This gives teams the best of both worlds: human-friendly authoring and machine-friendly processing.

Taming Complexity with References

OpenAPI's component model allows teams to split complex APIs across multiple files and reuse common elements. David's team maintains a shared "common" OpenAPI document containing standard elements like error responses based on RFC 9457's problem+json format. Individual banking APIs—for accounts, transfers, transactions, ACH payments—all reference these common schemas rather than duplicating them.

This modularity is powerful for design but creates challenges downstream. Not everyone consuming an API spec wants to chase references across files. So the team built an open-source tool called API Ref Resolver that bundles everything into a single self-contained document. Backend developers generating code don't need to understand the component architecture; they just work with the resolved output.

There's a parallel here to the context window challenges emerging with MCP and AI agents. You need to bundle the right set of paths and schemas together—interwoven and fully resolved—to produce something useful for code generation, agent servers, or whatever the target happens to be.

Extending OpenAPI Where It Falls Short

Perhaps the most interesting part of the conversation concerned OpenAPI extensions. David's team has built a suite of custom extensions (prefixed with x-aperture) that inject richer metadata into their specifications.

Consider enumerations. JSON Schema enums are just lists of strings with no built-in way to describe what each value means. The x-aperture-enum extension links each enumeration to a labels file containing human-readable names and descriptions. A banking product type isn't just "checking" or "savings"—it's a fully documented concept with an English label and explanation of what that classification entails.

Deprecation is another area where standard OpenAPI falls short. Beyond the simple deprecated: true flag, their x-aperture-deprecation extension captures when deprecation was introduced, when removal will occur, and what replacement to use. This gives developers actionable information to update their code before breaking changes land.

Crucially, each of these custom extensions has its own JSON Schema defining valid values. The pipeline validates extension data during processing, catching errors early rather than letting malformed metadata propagate.

The Bigger Picture

What emerges from this conversation is a vision of API management grounded in schemas as the source of truth. JSON Schema provides the foundation; YAML makes authoring accessible; OpenAPI ties everything together; and custom extensions fill the semantic gaps.

These same patterns—modular resources, bundled context, schema-driven validation—are exactly what teams need as they navigate the emerging landscape of AI agents and MCP servers. The context window problem David mentioned isn't new; it's the same challenge API designers have been solving with references and bundling for years.

The toolbox is already here, we just have to begin using it consistently across our operations.

Table of contents

More articles

Kin Lane
February 6th, 2026
The Future of API Governance Is Guidance — And It Lives in Markdown Files
Kin Lane
January 6th, 2026
Is MCP Coming Up Against Your Internal Enterprise Security Policies?
Kin Lane
February 5th, 2026
Are Agent Skills the Real Game-Changer? A Conversation with Kevin Swiber on MCP, Context Engineering, and What Actually Matters
Kin Lane
February 4th, 2026
The Hidden Costs of Ungoverned APIs: Why Reuse Metrics and MCP Server Governance Matter More Than Ever
Kin Lane
February 3rd, 2026
The Hidden Cost of Copilots: When APIs Become MCP Server Sprawl
Kin Lane
February 3rd, 2026
What is the Role of the Gateway?
Kin Lane
February 2nd, 2026
Why We're Considering Fair Source for Our Licensing Strategy
Kin Lane
January 30th, 2026
API Reusability Is Not a Metric Problem — It’s a Discovery, Context, and Trust Problem
Kin Lane
January 29th, 2026
After the Spec: A Conversation with Fran Méndez on AsyncAPI, Burnout, and Building What You Actually Want
Kin Lane
January 28th, 2025
Running Into the Limits of Example Naming in API Sandboxes
Kin Lane
January 27th, 2026
How Markdown Accidentally Became the Control Plane for AI
Kin Lane
January 27th, 2026
Turning API Chaos Into Business Capabilities: How Naftiko Is Rethinking Enterprise Integration for the AI Era
Bringing Order to Architectural Chaos: A Conversation with David Boyne of Event Catalog
Kin Lane and Claire Barrett
January 19th, 2026
What is a Capability?
Kin Lane
January 15th, 2026
Using Hypermedia to Automate Capabilities in this AI Moment
Claire Barrett
January 14, 2025
Getting On The MCP Bullet Train Without Leaving Governance Waiting At The Platform
Claire Barrett
January 12th, 2026
We've Been Wrong About API Reuse All Along
Kin Lane
January 7th, 2026
Introducing Naftiko Signals: Gathering the Signals That Matter Across the Enterprise
Kin Lane
January 6th, 2025
Welcome to the Naftiko Capabilities Podcast
Kin Lane
January 5th, 2026
Our Partners and Customers Need an AI Copilot
Kin Lane
Dec 2, 2025
Reframing how we integrate software with capabilities
Kin Lane
Dec 2, 2025
Introducing a new foundation for capability-driven integration – The Nafitko Engine
Kin Lane
Dec 2, 2025
From web APIs to a web of capabilities: The architecture AI is needing
Kin Lane
Embrace your API legacy and integrate your AI future using Naftiko
Building the future of API integration
About
TeamCareersContact
Resources
NewsletterGlossary

© 2025 Naftiko. All rights reserved.

Made with waves of 🤍 + code by duo&co
Privacy PolicyTerms & Conditions