What does it mean to be “API First”? In this session, we answer that question using case studies where organizations have treated their API as a first-class citizen of their enterprise architecture. By treating their API as a first-class citizen, they avoid the temptation of simply creating ad-hoc APIs simply as “plumbing” for mobile apps. By taking the API First approach, these organizations also design their API security up-front, including the usage of OAuth, API Firewalling, and securely managed API Keys. We also examine the alternatives to API First, such as “Mobile first” development. Using an API First approach, we’ll see how enterprises with legacy applications, complex SOA environments and strict governance structures can embrace the API wave and architect for the future.