i built this instead of sleeping, please tell me if it’s stupid

i got tired of the whole “just let agents call your API” thing sounding simple but being annoying once you actually try to do it.

everyone shows the happy path, but then you hit the boring stuff: auth, API keys, deciding which endpoints are safe, huge JSON responses, logs, rate limits, and not letting the model see half your backend for no reason.

so i built a rough gateway/proxy layer.

basically:

agent → gateway → real API

it’s not exactly MCP. it’s more like a curated agent-facing layer in front of an existing API.

the agent gets a scoped gateway key, not the real API key. the gateway checks what tools/endpoints that key is allowed to call, injects the real upstream auth server-side, calls the actual API, slims/redacts the response, and logs what happened.

it also supports some per-tool settings, like different auth/base URLs/response cleanup rules, because real APIs are messy and not every endpoint behaves the same.

the idea is not to replace the API. it’s just the boring wrapper/proxy layer people seem to keep rebuilding when they want agents to use APIs safely.

i haven’t launched it yet because it still needs polish, and i’d rather get roasted now than launch, regret the direction, and realize i built the wrong thing.

now you can roast the f out of me. constructive criticism is welcomed.

reddit.com
u/Decent_Progress7631 — 24 hours ago
▲ 2 r/mcp

i built this instead of sleeping, please tell me if it’s stupid

i got tired of the whole “just let agents call your API” thing sounding simple but being annoying once you actually try to do it.

everyone shows the happy path, but then you hit the boring stuff: auth, API keys, deciding which endpoints are safe, huge JSON responses, logs, rate limits, and not letting the model see half your backend for no reason.

so i built a rough gateway/proxy layer.

basically:

agent → gateway → real API

it’s not exactly MCP. it’s more like a curated agent-facing layer in front of an existing API.

the agent gets a scoped gateway key, not the real API key. the gateway checks what tools/endpoints that key is allowed to call, injects the real upstream auth server-side, calls the actual API, slims/redacts the response, and logs what happened.

it also supports some per-tool settings, like different auth/base URLs/response cleanup rules, because real APIs are messy and not every endpoint behaves the same.

the idea is not to replace the API. it’s just the boring wrapper/proxy layer people seem to keep rebuilding when they want agents to use APIs safely.

i haven’t launched it yet because it still needs polish, and i’d rather get roasted now than launch, regret the direction, and realize i built the wrong thing.

now you can roast the f out of me. constructive criticism is welcomed.

reddit.com
u/Decent_Progress7631 — 1 day ago

i built this instead of sleeping, please tell me if it’s stupid

i got tired of the whole “just let agents call your API” thing sounding simple but being annoying once you actually try to do it.

everyone shows the happy path, but then you hit the boring stuff: auth, API keys, deciding which endpoints are safe, huge JSON responses, logs, rate limits, and not letting the model see half your backend for no reason.

so i built a rough gateway/proxy layer.

basically:

agent → gateway → real API

it’s not exactly MCP. it’s more like a curated agent-facing layer in front of an existing API.

the agent gets a scoped gateway key, not the real API key. the gateway checks what tools/endpoints that key is allowed to call, injects the real upstream auth server-side, calls the actual API, slims/redacts the response, and logs what happened.

it also supports some per-tool settings, like different auth/base URLs/response cleanup rules, because real APIs are messy and not every endpoint behaves the same.

the idea is not to replace the API. it’s just the boring wrapper/proxy layer people seem to keep rebuilding when they want agents to use APIs safely.

i haven’t launched it yet because it still needs polish, and i’d rather get roasted now than launch, regret the direction, and realize i built the wrong thing.

now you can roast the f out of me. constructive criticism is welcomed.

reddit.com
u/Decent_Progress7631 — 1 day ago

i built this instead of sleeping, please tell me if it’s stupid

i got tired of the whole “just let agents call your API” thing sounding simple but being annoying once you actually try to do it.

everyone shows the happy path, but then you hit the boring stuff: auth, API keys, deciding which endpoints are safe, huge JSON responses, logs, rate limits, and not letting the model see half your backend for no reason.

so i built a rough gateway/proxy layer.

basically:

agent → gateway → real API

it’s not exactly MCP. it’s more like a curated agent-facing layer in front of an existing API.

the agent gets a scoped gateway key, not the real API key. the gateway checks what tools/endpoints that key is allowed to call, injects the real upstream auth server-side, calls the actual API, slims/redacts the response, and logs what happened.

it also supports some per-tool settings, like different auth/base URLs/response cleanup rules, because real APIs are messy and not every endpoint behaves the same.

the idea is not to replace the API. it’s just the boring wrapper/proxy layer people seem to keep rebuilding when they want agents to use APIs safely.

i haven’t launched it yet because it still needs polish, and i’d rather get roasted now than launch, regret the direction, and realize i built the wrong thing.

now you can roast the f out of me. constructive criticism is welcomed.

reddit.com
u/Decent_Progress7631 — 1 day ago
▲ 0 r/dotnet

i built this instead of sleeping, please tell me if it’s stupid

i got tired of the whole “just let agents call your API” thing sounding simple but being annoying once you actually try to do it.

everyone shows the happy path, but then you hit the boring stuff: auth, API keys, deciding which endpoints are safe, huge JSON responses, logs, rate limits, and not letting the model see half your backend for no reason.

so i built a rough gateway/proxy layer.

basically:

agent → gateway → real API

it’s not exactly MCP. it’s more like a curated agent-facing layer in front of an existing API.

the agent gets a scoped gateway key, not the real API key. the gateway checks what tools/endpoints that key is allowed to call, injects the real upstream auth server-side, calls the actual API, slims/redacts the response, and logs what happened.

it also supports some per-tool settings, like different auth/base URLs/response cleanup rules, because real APIs are messy and not every endpoint behaves the same.

the idea is not to replace the API. it’s just the boring wrapper/proxy layer people seem to keep rebuilding when they want agents to use APIs safely.

i haven’t launched it yet because it still needs polish, and i’d rather get roasted now than launch, regret the direction, and realize i built the wrong thing.

now you can roast the f out of me. constructive criticism is welcomed.

reddit.com
u/Decent_Progress7631 — 1 day ago
▲ 0 r/dotnet

asp.net api + ai agents feels messier than i expected

i was messing with the idea of letting an agent call a few endpoints from an existing asp.net api.

the api already has swagger/openapi, so in my head it sounded simple.

but then the annoying parts show up: auth, which endpoints are safe, logging what the agent did, rate limits, not sending huge messy responses back, handling errors in a way the model understands, etc.

feels like you end up building a little gateway/wrapper anyway.

has anyone here done this in a clean way?

are you generating from swagger, writing tool definitions manually, using mcp, or just avoiding this for now?

u/Decent_Progress7631 — 16 days ago
▲ 0 r/golang

ai agents calling go services feels kinda awkward

been playing with agents calling some backend stuff and the go side feels simple until you get to the “tool” part.

like the handler already exists, the openapi spec might already exist, but then you still need some extra layer so the agent can call only the right things, with auth, logs, rate limits, smaller responses, etc.

i keep ending up with random wrapper code around normal api endpoints.

anyone found a clean way to do this?

are people just writing the tool definitions manually, generating from openapi, using mcp, or not bothering with this yet?

reddit.com
u/Decent_Progress7631 — 16 days ago

am i overthinking this ai tools thing? I will not promote

i’m building something around ai agents/tools and trying to figure out if this is a real problem or just me being too deep in the weeds.

basically it feels like everyone talks about agents, but actually giving them useful stuff to call is still annoying.

like if you have an api or some backend action, you still have to deal with auth, hosting some wrapper, logs, permissions, weird json responses, etc.

i’m wondering if founders here actually care about making their product/api usable by agents, or if that’s still too early.

for anyone building saas/apis:

would you care if agents could use parts of your product directly?
or would you rather wait until there’s obvious demand?

also what would make you not touch something like this? security? no trust? no users? existing tools already good enough?

trying to get roasted before i waste too much time building.

reddit.com
u/Decent_Progress7631 — 16 days ago

am i overthinking this ai tools thing? I will not promote

i’m building something around ai agents/tools and trying to figure out if this is a real problem or just me being too deep in the weeds.

basically it feels like everyone talks about agents, but actually giving them useful stuff to call is still annoying.

like if you have an api or some backend action, you still have to deal with auth, hosting some wrapper, logs, permissions, weird json responses, etc.

i’m wondering if founders here actually care about making their product/api usable by agents, or if that’s still too early.

for anyone building saas/apis:

would you care if agents could use parts of your product directly?
or would you rather wait until there’s obvious demand?

also what would make you not touch something like this? security? no trust? no users? existing tools already good enough?

trying to get roasted before i waste too much time building.

reddit.com
u/Decent_Progress7631 — 16 days ago