What do ChatGPT Plugins mean for API management?

Just as we were all getting used to ChatGPT’s potential (and limitations), OpenAI went and moved the goalposts. Majorly.  With the launch of “Plugins” – the ChatGPT app store – OpenAI’s language model just went from being a talker to a doer. 

Major global enterprises spanning a wide range of sectors are already jumping on the ChatGPT bandwagon. Those of us working with APIs have already been impressed with GitHub’s early adoption, in the form of GitHub Copilot X, which can provide detailed explainers in seconds, debug code, write tests for different functions and facilitate learning, integrating into every part of users’ workflows.

But the launch of Plugins means there is so much more to come… 

Developers at Expedia, Instacart, OpenTable, Klarna and many other major brands are already hard at work building Plugins. Asking your computer to find a recipe for dinner and have the ingredients delivered later that day, then plan and book you a holiday, is about to become reality. The next-generation interaction layer for software products has arrived. 

What do ChatGPT Plugins mean for API management?


It’s a very interesting question. The entire landscape of interfaces is about to change. Instead of interacting with multiple websites and apps, you will be interacting with products through one gigantic chat interface. That interface needs a way to interact with those products, which is where Plugins come in. And what powers ChatGPT’s Plugins? APIs. 

This means that taking an API-first approach to your business just became even more important than it already was – along with ensuring you have the right API management solution in place. 

We asked ChatGPT what the implications of its Plugins are for API management. It replied: 

“ChatGPT plugins have the potential to improve the efficiency, usability, and security of API management platforms by providing natural language capabilities and automating certain tasks.”

With a bit more grilling, ChatGPT suggested that Plugins could:

  • Make it easier for users to interact with APIs and perform tasks without learning complex programming languages or interfaces
  • Automate tasks such as API documentation generation or API testing, to save time and improve accuracy
  • Help improve the security and governance of API management platforms by providing an additional layer of authentication and authorization, using natural language queries to authenticate users and restrict access to certain APIs based on predefined rules or policies

The question of security is a big one. There could be serious security and privacy repercussions when Plugins extend to the fintech, insurtech and medtech sectors. This is where API management platforms will be essential, providing security, access control, governance, monitoring and more. Because of the nature of ChatGPT, it will be harder for organisations to predict how their data will be used, in what order and by which AI bot. This makes API management platforms a critical component of the Plugins infrastructure. 

API gateways can underpin this by being API-first themselves and thus making their capabilities available for consumption by ChatGPT. That way, if you ask it about adding security to your product, it can pull up your gateway and show you how to add security in easily. Or perhaps just do it for you, with the right permissions! 

API security and ChatGPT Plugins


Privacy and security are certainly being given some thought at OpenAI. Matthias Keller, chief scientist at Kayak, which is in the process of developing a ChatGPT Plugin, has found that search queries are abstracted away: 

“We don’t see the conversations. We see that ChatGPT wants to have flight prices from [for example] New York to San Francisco, but we have no insight into how it was asked, how the decision was made, how the whole conversation looks. This is all abstracted from us.” 

There’s also the question of accuracy. As Butler University’s Dr James F McGrath points out: 

“ChatGPT writes grammatically perfect and even compelling prose yet is prone to make things up.”

By its own admission, ChatGPT doesn’t get it right all the time (“I don’t have the capability to intentionally lie or deceive. However, I can provide responses that may be inaccurate or incorrect”). As our use of ChatGPT evolves, so too do the implications of its inaccuracies. Until we can be sure of the quality of what an artificial intelligence (AI) has been trained on, we can’t be sure of the quality of its output. This is why investment in sector-specific and vertical-specific AI is so important. But the cost is far from cheap – it costs millions to train on a dedicated data set. 

The rise of Plugins


Given that ChatGPT collected over 100 million users within two months of launching, and now has more than 13 million visitors daily, we can assume that Plugins will be popular, to say the least. 

From a technical perspective, all you need to create a Plugin is an Open API (ideally built using OpenAPI Specification) and some manifest. You don’t need to specify connections and so on, as the AI agent automatically guesses all the logic. It’s a true no-code solution – and it works with any API on the internet.

“Brings back memories of when ATMs made all bank staff lose their roles overnight. Except they didn’t, they changed their roles, their numbers and value increased and they moved to doing what people did best. Perhaps what we will see is more boring work done automatically, and engineers can focus on talking to end users, on making even more ambitious things, and perhaps the good ones become even more valuable.”

So… what does all this mean for developers and senior leaders in the tech sector? Well, it’s certainly not time to start searching for new jobs because we’re all about to be made redundant by ChatGPT. It is time to think about how the capabilities of ChatGPT Plugins could help us to interact better with our customers. As Innovation leader Tom Goodwin points out:

It also means that creating APIs using open standards and best practice is more important now more than ever because AI agents are making the creation of glue-code trivial, and to some extent completely unnecessary.

It’s an ultimate machine-human interface through natural language, suppressing “made up answers” with ones that are referenced from real data sources. That “real data” (such as pricing) and those “real actions” (such as purchases or bookings) are provided by a machine-intuitable interface: an API.

Before ChatGPT Plugins, integration involved three steps: 

  1. Build a front end 
  2. Build some glue-code to query an API
  3. Build the API (whether your own app or someone else’s). 

Now, with Plugins, glue-code is abstracted to the language model, meaning the second step is no longer needed. You only need your interface and your data source. Increasingly, that data source will be normalised to being a REST or GraphQL API. It is from this increasingly standardised foundation that innovation will flow. 

Thinking caps on…