Agoda engineers developed API Agent, a system with zero code and zero deployments that enables a single Model Context Protocol (MCP) server to connect to internal REST or GraphQL APIs. The system is designed to reduce the operational overhead of managing multiple APIs with distinct schemas and authentication methods, allowing teams to query services through AI assistants without building individual MCP servers for each API.
API Agent functions as a universal MCP server. Engineers configure the MCP client with a target URL and API type. The agent automatically introspects the API schema and generates queries in response to natural language input. A single deployment can serve multiple APIs simultaneously. Each API appears as a separate MCP server to clients while sharing the same instance. Adding a new API requires only a configuration update.
Idan Zalzberg, chief technology officer at Agoda, mentioned during a press release:
Many teams want to unlock internal tools for AI, but writing MCPs for each one is a major effort. API Agent takes a novel, zero-effort approach to that transformation, and to our knowledge, is the first of its kind.
The architecture includes a schema introspection module. When configured with a target API, the agent retrieves the API schema dynamically. For GraphQL, it extracts types, fields, and input parameters. For REST APIs, it uses OpenAPI specifications or JSON response examples. This enables the agent to construct queries without requiring prebuilt adapters.
The system stack includes FastMCP for the MCP server, the OpenAI Agents SDK for language model orchestration, and DuckDB for in-memory SQL post-processing. Additional features include dynamic tool naming, schema search for large APIs, turn tracking for multi-step queries, and observability through OpenTelemetry, Jaeger, Zipkin, Grafana Tempo, or Arize Phoenix.
API agent under the hood (Source: Agoda Engineering Blog)
Responses from APIs can include thousands of rows, which may exceed large language model context limits and cause truncation. API Agent addresses this by using SQL in DuckDB as a context-management layer. Full API responses are stored, filtered, and aggregated in SQL before sending only the concise result to the model. DuckDB runs in-process, handles JSON natively, and infers schemas automatically. Using SQL for post-processing avoids arbitrary code execution and remains compatible with LLM query generation.
Security is enforced by default. API Agent operates in read-only mode, with mutations blocked unless explicitly enabled and whitelisted for internal tools.
and whitelisted for internal tools.
API agent security model (Source: Agoda Engineering Blog)
Operational lessons include clear communication when responses are truncated, prioritizing schema over sample data, handling SQL quirks, and exposing full error messages for LLM correction. Repeated queries are captured as parameterized “recipes,” reducing reasoning time and latency, while direct return options let filtered data bypass summarization. API Agent supports queries across multiple endpoints in a single session, handling joins and aggregations. SQL-based post-processing avoids sandboxing, network isolation, and dependency issues. Its declarative style aligns with large language models, enabling safe AI-assisted data transformation. The project is open-sourced at api-agent for REST and GraphQL experimentation.
