Apiome Governance
One registry. Every type, every schema, governed.
Apiome Governance gives your organization a single source of truth for API types and schemas. A centralized JSON Schema 2020-12 type registry with system-wide and per-tenant namespaces, relative $ref resolution, guided schema imports, approval workflows, and quality gates — so every property traces back to one governed, versioned definition.

What ships with Governance
Every Governance surface is wired into the rest of the Apiome platform — no glue code, no separate identity, no bolt-on integrations.
Centralized type registry
A single, versioned repository for JSON Schema 2020-12 types with full history, metadata, search, and dependency tracking.
Namespaces & scoped visibility
System-wide std/* namespaces shared with every tenant and private tenant namespaces, with enforced scope rules.
Relative $ref resolution
Every reference resolves against its import-source base URL, with unresolved and circular references detected automatically.
Guided schema import
Bring in JSON Schemas, $defs bundles, and OpenAPI 3.1 components from file, paste, URL, or Git — with conflict detection and dedupe.
Approval workflows & quality gates
Draft-to-retired lifecycle states, mandatory review for production schemas, and publish gates that block on policy violations.
Compliance & audit readiness
PII detection, data-classification tags, naming-convention enforcement, and per-schema compliance scoring across major frameworks.
A look inside Apiome Governance
Live design previews from the Governance mockup pack — 8 surfaces in total.

The three-step import wizard ingests JSON Schema documents, type bundles, and OpenAPI 3.1 components — rewriting refs and mapping into a target namespace.

The Reference Resolver replays every relative $ref against its base URL, renders the dependency graph, and flags unresolved and circular references.

From the visual Designer, bind any object property directly to a registry type with a live $ref binding preview showing exactly how it resolves.
Use cases
Governance is designed around the way real teams actually work — not the way a tool wants them to work.
Publish a curated catalog of core system types that every tenant consumes by $ref, eliminating hundreds of drifting copy-pasted definitions.
Enforce naming conventions and breaking-change policies as publish gates, so non-compliant schemas never reach production.
Import vendor and industry schemas into governed namespaces and trace exactly which classes depend on each type before a change ships.
- Tenant-isolated type scopes with system-wide core types shared across the organization
- Schema approval workflows with escalation and mandatory review for production schemas
- Full audit logging of type changes, imports, bindings, and lifecycle transitions
- Breaking-change policies with consumer impact analysis and migration enforcement
- Compliance frameworks and reporting for GDPR, HIPAA, PCI-DSS, SOC 2, and ISO 27001
- Automatic PII and sensitive-field detection with classification tagging across all schemas
- Usage-based type recommendations and related-schema suggestions during design and import
- Consumer impact assessment and migration effort estimation for proposed breaking changes
- Remediation recommendations that translate compliance violations into actionable schema edits
AI that keeps your schema estate honest
Governance applies AI where policy meets scale — scanning every schema for sensitive data, surfacing the types teams should reuse, and turning compliance findings into concrete fixes.
Every GovernanceAI feature is grounded in your tenant's data, runs under your data-residency policy, and respects every role and ACL the platform enforces.
Every surface in Apiome Governance
A look at the 8 screens designed for this suite — covering everything from day-1 onboarding to day-100 operations.


