Comcast’s Connected Living group is responsible for enabling customers to manage home networks, Wi-Fi, IoT solutions, and home security through various digital experiences. Tyler Rivera, Principal Engineer at Comcast, leads the API Gateway platform that underpins these services. With a large and diverse development community across the organization, Comcast needed a robust platform to support rapid innovation while maintaining security, performance, and ease of use.

As Comcast’s internal teams grew and the number of services expanded, their original ticket-based, Terraform-driven API onboarding process quickly became a bottleneck. Developers had to wait for manual configurations, and not all teams were familiar with Terraform. This led to inconsistencies and delays that didn't scale. Beyond that, the platform needed to meet strict requirements: minimal latency impact (under 50 milliseconds), high availability through multi-region failover, and a developer-friendly experience that didn’t compromise on security or transparency. Managing user roles, permissions, and observability at this scale, especially with limited control over Comcast's centralized identity provider, added another layer of complexity.

Comcast turned to Kong to build a modern, scalable, self-service API management platform. After starting with Kong Open Source, they migrated to Kong Enterprise in early 2020 to unlock capabilities better suited for large-scale operations. Over time, they moved from a manual ticketing process to a declarative, automated approach that streamlined onboarding, role creation, and service configuration.

Key to this transformation was the use of Kong Manager, decK, and Kong’s plugin ecosystem. Comcast extended Kong’s Go SDK (“Goong”) to include critical Enterprise endpoints like workspaces and role permissions. They contributed those enhancements back to the community, underscoring their commitment to open source. To ease service ownership and observability, Comcast implemented a tagging strategy: developers could add metadata to services, triggering automatic creation of dashboards, synthetic checks, and alerts tailored to each service.

They also introduced a declarative YAML-based configuration model to manage user access and roles, mirroring the principles behind decK. This allowed them to onboard teams consistently, enforce access policies, and offer full transparency to stakeholders. Internally, Comcast built a CLI tool that mimicked decK’s functionality but was customized to fit their unique architecture and IDP constraints.

Comcast successfully transitioned from a high-touch, inconsistent onboarding model to a fully automated, scalable self-service API platform that meets the needs of hundreds of development teams. Developer onboarding is now fast and frictionless, with roles and dashboards provisioned automatically based on simple YAML definitions and service tags. Observability is deeply integrated and tied directly to service metadata, giving teams immediate insight into performance and ownership.

Security remains intact through SSO and MFA, while access controls and permissions are declaratively managed and fully auditable. Contributions back to the Kong ecosystem, including enhancements to Goong and decK, have helped strengthen the wider community. Looking ahead, Comcast is exploring new automation layers using OPA for policy enforcement and dynamic synthetic testing based on service traffic patterns.

By focusing on automation, transparency, and developer empowerment, Comcast has built a platform that not only scales with the organization’s size but also continuously improves the experience for both internal teams and end customers.