Roll to define your API transformation. See how long it lasts. Try again.
Introduction
Practice is vital to doing something well. Nobody expects a rookie baseball player to hit a home run on their first at-bat. And yet, we routinely expect first-time systems thinkers to stand up effective API programs on their first go. Often with no training, limited resources, and unclear support.
So what if there was a way to safely experiment with organizational dynamics and tradeoffs before your credibility was on the line? What if you could learn by simulating those recurring, absurd-yet-plausible patterns in enterprise API work?
May I propose: Speedrun: API Governance, a light TTRPG-style thought experiment. It is a simple, lightweight game that lets you roleplay your way through five chaotic rounds of corporate transformation. Whether you flame out, survive, or get "promoted", you'll come away with a better sense of the systemic forces at play; or at least enjoy a few laughs at the enterprise's expense.
Wait, What's a TTRPG?
I readily admit that not everyone has been binging game journalist Quintin Smith's excellent YouTube series, Quinns Quest like I have. For those unfamiliar, TTRPG stands for Tabletop Role-Playing Game. While most people may be familiar with Dungeons & Dragons, you can make a TTRPG about almost anything. So I thought I'd make a game about the delicate balance of leading an API transformation in a large enterprise environment… obviously (I'm a hoot at parties). Instead of fighting dragons, you're battling rouge architects. Instead of casting spells, you're charming stakeholders.
In most TTRPGs, players make decisions and then roll dice to see what happens. The fun comes from the combination of randomness and storytelling. Speedrun: API Governance works the same way, using prebuilt tables to simulate your journey as the leader of an API transformation.
And if you don't have a cache of your own funny-shaped dice, no worries. Just search "roll dice" on Google and use the widget at the top of the page (we need to have a conversation about the threat a "zero-click" search poses, but today it works in our favor). The notation "1d12" means roll one twelve-sided die; "1d20" means roll one twenty-sided dice.
Scoring: Your API Initiative's Stats
Your program is tracked across three values:
- Clarity: Is there a shared understanding of what you’re doing?
- Rep (Reputation): Does this initiative (and its leader) have the trust and reputation to influence others?
- Pace: Are we moving fast enough to show results? Or are things slowing to a crawl?
Scores range from 0 to 6:
- 0 = Your program collapses. You're out. Time to begin polishing that resume.
- 6+ = You "win"... and are promoted to lead the AI initiative. (Congratulations?)
You start with values set by your Origin (your starting story). Most will begin near 3 in each stat. You'll take actions and respond to crises each round, with your choices affecting these values.
How to Play
Setup
- Roll a 1d12 to select an Origin from the table below and get starting values for Clarity, Rep, and Pace.
- It is time for action! You can either select an action from the action table or, if you're feeling lucky, roll a 1d20 and see where chance takes you! Update the clarity, rep, and pace with the action's effect and then get ready for CRISIS!
Main Loop (repeat up to 5 times):
- Roll a Crisis (1d20)
- Choose (or roll [1d20]) an Action
- Modify your stats based on the action and the crisis’s conditional effect
- Repeat unless an end condition is triggered or you've gone all 5 rounds.
End Conditions
- If any score hits 0: FAILURE - Your program collapses.
- If any score hits 6+: SUCCESS - You’re promoted to lead the AI initiative.
- If you finish 5 rounds without hitting either extreme: GOOD ENOUGH - You’re now forever stuck in charge of API governance. Yay?!
Your API Program Origin Story
Your API program didn’t appear from nowhere. Whether sparked by compliance, chaos, or an exec’s vision board, these 12 origins reflect eerily common starting conditions. Entries range across compliance, integration, productization, and organizational chaos mirroring real-world API program triggers. Many initial initiatives are plausible "first steps that are often harder than they look.
Roll (1d12) or pick the one that matches your reality.
# | Origin | Starting Stats (Clarity/Rep/Pace) |
1 | 🛡 Security flagged it. An audit found sensitive data in an internal API. You’ve been tasked with “locking things down” while still “moving fast.” | 2/3/2 |
2 | 🧠 Leadership read a analyst report. Now you’re the face of the “API Product Mindset” transformation. Deliver strategic change, or at least a good slide deck. | 3/2/3 |
3 | 📊 Marketing wants external integrations. A big client asked if your product had APIs. It doesn’t. But it will. By next quarter. Somehow. | 2/3/2 |
4 | 🔁 DevOps fatigue. Your org “shifted left” five times and landed in API limbo. Now you’re supposed to standardize without slowing teams down. Good luck. | 3/2/3 |
5 | 🪦 The last initiative collapsed. Nobody talks about it, but you inherited the smoldering remains of a failed API catalog effort. This is your redemption arc. | 2/2/3 |
6 | 💸 There’s a vendor involved. Someone high up bought an “API Management Suite.” Your job is to “get ROI from this thing” before procurement asks questions. | 3/3/2 |
7 | 📅 Quarterly roadmap panic. Product leadership wants self-service onboarding for partners. There’s no dev time, but plenty of PowerPoint. | 2/3/3 |
8 | 🌐 "Digital Transformation" keyword bingo. You’ve been told this API initiative is part of a broader cloud-native, event-driven, AI-enabling strategy. No one knows what that means. Especially you. | 1/3/3 |
9 | 🏛 Executive reshuffle. A new VP wants metrics. APIs seem measurable. You now report to the data team and are in charge of “surfacing business capability endpoints.” | 3/2/3 |
10 | 👩💻 Grassroots gone wild. An internal dev hacked together a working API gateway. Now you’re formalizing the chaos... retroactively. | 4/2/3 |
11 | 🔍 Regulatory scrutiny. A new law requires transparency into all external data exchanges. You’re tasked with “surfacing all APIs” and “documenting intent.” Nobody knows what this means, but you're on point. | 3/3/2 |
12 | 🧓 The founder’s pet project. The CEO wrote a blog post about “platformizing the business.” Now it’s a board-level priority. You’re “platformizing” with no budget and unclear authority. | 2/2/3 |
Actions
Every round, you respond to your situation by taking one action. But remember:
- Even "smart" actions can backfire.
- Most choices are tradeoffs; even the best ones have a cost.
- The best you can hope for is often momentum, not perfection.
Many of these actions are real things done with equal parts hope and copium.
# | Action | Description | Clarity/Rep/Pace |
1 | Launch an API Guild | You announce a cross-team working group and hope people show up. | +1 / +1 / -1 |
2 | Write a 40-page Design Doc | Everything is covered. No one reads it. | +2 / -1 / -1 |
3 | Host an API Day Event | You throw a big event with keynote slides and swag. People leave confused but excited. | -1 / +2 / -1 |
4 | Buy a Tool | The tool looks slick in the demo. Integration? That’s a next-quarter problem. | +1 / -2 / -1 |
5 | Create a New Chat Channel | Another hashtag gets its wings. It gets active... then turns into memes and bug reports. | 0 / 0 / +1 |
6 | Launch a Developer Startup Kit | You curate working examples, a style guide, and a test harness. Teams are shocked and delighted. | +2 / +1 / +2 |
7 | Hold Listening Tours | You meet with every team to “understand their pain.” Actionability TBD. | +1 / +1 / -2 |
8 | Hire an Evangelist | You bring on someone charismatic to promote the API vision. | +1 / +2 / -1 |
9 | Shadow a Delivery Team | You embed with a team, fix a broken interface, and unblock a release. Word spreads. | +1 / +2 / +1 |
10 | Do Nothing (Strategic Silence) | You quietly defer action this cycle. Some see this as mature restraint; others, abandonment. Meanwhile, teams keep building. | 0 / -1 / 0 |
11 | Mandate API Reviews | You insert yourself into the release process. Friction is high, but so is awareness. | +2 / -1 / -2 |
12 | Revise the Maturity Model | You tweak a 5-level model with new icons and labels. Feels productive. | +1 / 0 / 0 |
13 | Set Up a Portal Landing Page | A static HTML page with a welcome message and broken link. But hey, you shipped. | 0 / 0 / +1 |
14 | Publish Success Metrics | You create a dashboard with adoption numbers. Some question the math. | +1 / -1 / +1 |
15 | Create a Capability Map | You map APIs to business domains. Nobody agrees what a domain is. | +1 / -1 / -1 |
16 | Host a Brown Bag Series | Monthly talks on “API best practices.” The same 4 people attend each one. | +1 / +1 / -1 |
17 | Offer Office Hours | An Outlook link and a brave heart. Mostly you field support tickets. | 0 / +1 / -1 |
18 | Try to Productize an API | You label an internal API a “product” and pitch it to another team. Confusion ensues. | -1 / +1 / -1 |
19 | Write a Blog Post | You pen an internal CMS post about the issue. It gets 2 likes and a follow up email challenging something tangential to your main point. | +1 / +1 / -1 |
20 | Request a Reorg | You try to realign teams under a new API-first org structure. The fallout is... significant. | +2 / -2 / -3 |
Crises
After each action, chaos ensues. A crisis appears, modifying the next action’s impact. Some crises can help. Others twist your well-laid plans into spaghetti.
# | Crisis | Description | Conditional Impact (modifies next action) |
1 | CTO Takes an Interest | The new CTO wants to “see the API metrics dashboard by Friday.” | If your next action includes +Clarity: double the Clarity added. Otherwise, add -1 Rep to the action's effects. |
2 | Security Finds a Shadow API | An undocumented endpoint was discovered in prod. Security CC’d leadership. | If your next action includes +Rep: negate all negatives. Otherwise, add -1 Rep to the action's effects. |
3 | PowerPoint Restructuring | Strategy consulting triggers org-wide reshuffle. Your initiative is now “a dotted-line dependency.” | If your current Rep is 4 or greater: no effect. If not, reduce all positive effects of the next action by -1. |
4 | Vendor Pricing Change | Your API gateway vendor reclassifies usage. Budget impact = existential. | If your next action is “Buy a Tool,” cancel its negatives. Otherwise, add-1 Pace to the action's effects. |
5 | Integration Deadline Moves Up | A key partner accelerates go-live by 4 weeks. Surprise! | If the next action has +Pace: double the positive bonus. If not, add -2 pace to the action's effects. |
6 | Evangelist Quits Mid-Keynote | Your rockstar hire burns out and bails publicly. | If the next action has +Rep: reduce the next action’s Rep bonus by 1. Otherwise, add -1 Rep to the action's effects. |
7 | The Portal Is Down | Your new developer portal goes 500 during a stakeholder demo. | If the next action is “Set Up a Portal Landing Page”: cancel all effects. If not, add -1 Clarity and -1 Rep to the action's effects. |
8 | Finance Asks for ROI | You’re slotted for a QBR. Metrics must be defensible. | If the next action is “Publish Success Metrics”: double its Clarity and add +1 to Rep. If not, add -1 to the action's Pace effect. |
9 | Compliance Surprise Review | You must tag every API with data classification by Monday. | If the next action includes + Clarity: double it. Otherwise, add -1 Pace to the action's effects. |
10 | API Forking Frenzy | Two teams built identical APIs. Both shipped. Both say they’re “the real one.” | If the next action is “Launch an API Guild” or “Mandate API Reviews”: negate all penalties. Else, add -1 Clarity to action's effects. |
11 | VP Wants a Platform | A VP reads your internal memo. Now they want “platformization.” | If your next action has both positive Clarity and Rep, add an additional +1 to Rep. Otherwise, add -1 Clarity to the action's effects. |
12 | CEO Quotes You Out of Context | Your internal blog is now being referenced in board slides. | If next the action has -Clarity: double the negative. If not, add +1 Rep to the action's effects. |
13 | Legal Flags a Field Name | They found a restricted term! You must coordinate new naming org-wide. | If the next action is “Hold Listening Tours” or “Host a Brown Bag Series”: negate any negative Pace effects. |
14 | Surprise Branding Overhaul | A rouge designer changes the API initiative's branding. It’s now very purple. | All effects of your next action are reversed. (Yes, even good ones.) |
15 | AI Team Wants API Access to Everything | Generative AI initiative wants structured access to all APIs, stat. | If the next action includes +Clarity: add +1 bonus to all next action effects. If not, add -1 Pace to the action's effects. |
16 | Speaking Opportunity Backfires | You speak at a conference! However, internally, you're now branded as only “the governance guy.” | If the next action is “Do Nothing”: +1 Rep (let the snark blow over). If not, add -1 Rep to the action's effects. |
17 | Architect Demands GraphQL | A senior architect drops this bomb mid-meeting. Now it's a Thing™. | If the next action is “Revise the Maturity Model” or includes +Clarity: take no penalty. Otherwise, add -1 Clarity to the action's effects. |
18 | The Style Guide Gets Hacker News Attention | Someone shares your API style guide externally. The internet... has opinions. | If the next action has +Clarity: double it. If not, halve your current reputation (rounding up) after accounting for the action's effects. |
19 | Reorg Incoming | Everyone suspects something. Chat goes eerily quiet. Everybody is in wait and see mode. | If the next action is “Request a Reorg”: halve its negatives (rounding down). Else, add -2 Pace to the action's effects. |
20 | Legacy System “Champion” Emerges | A senior director from the COBOL era now attends your meetings. Loudly. | If the next action is “Shadow a Delivery Team”: +1 Rep. Otherwise, add -1 Rep and -1 Pace to the action's effects. |
Want to Share Your Speedrun?
Good luck! If you'd like to print out the tables as standalone pages, or have a simple player sheet, I've got downloads you can grab:
And if you did play it, did you make it to round 5 with all your stats intact? Did you get taken out by a surprise GraphQL re-architecture? Did your blog post go viral internally and ruin everything?
I'd love to hear about it. And if you've got suggestions for new Origins, Actions, or Crises let me know. Finally, would anyone be interested in something like this as part of a mini-campaign mode - running something like this through multiple initiative "waves"; microservices, data mesh, and platform engineering? Is it silly to attempt to role play their day job in their off hours? Let me know!
Wrapping Up
That's enough for now. Thanks for reading, enjoy your game (or games), and I'll catch you in the next edition.
Till then,
Matthew (@matthew in the fediverse and matthewreinbold.com on the web)
