Agoda Open Sources APIAgent to Convert Any REST pr GraphQL API into an MCP Server with Zero Code

Building AI agents is the new gold rush. But every developer knows the biggest bottleneck: getting the AI to actually communicate to your data. Today, travel giant Agoda is tackling this problem head-on. They have officially launched APIAgent, an open-source tool designed to turn any REST or GraphQL API into a Model Context Protocol (MCP) server with 0 code and 0 deployments.

The Problem: The ‘Integration Tax‘

Until recently, if you wanted your AI agent to check flight prices or look up a database, you had to write a custom tool. When Anthropic released the Model Context Protocol (MCP), it created a standard way for Large Language Models (LLMs) to connect to external tools.

However, even with MCP, the workflow is tedious. A developer must:

1. Write a new MCP server in Python or TypeScript.
2. Define every tool and its parameters manually.
3. Deploy and maintain that server.
4. Update the code every time the underlying API changes.

Agoda team calls this the ‘integration tax.’ For a company with 1000s of internal APIs, writing 1000s of MCP servers is not realistic. APIAgent is their answer to this scaling problem.

What is APIAgent?

APIAgent is a universal MCP server. Instead of writing custom logic for every API, you use APIAgent as a proxy. It sits between your LLM (like Claude or GPT-4) and your existing APIs.

The tool is built on a specific technical stack:

• FastMCP: Powers the MCP server layer.
• OpenAI Agents SDK: Handles the language model orchestration.
• DuckDB: An in-process SQL engine used for SQL post-processing.

The ‘magic’ lies in its ability to understand API documentation. You provide a definition of your API—using an OpenAPI specification for REST or a schema for GraphQL—and APIAgent handles the rest.

How It Works?

The architecture is straightforward. APIAgent acts as a gateway. When a user asks an AI agent a question, the flow looks like this:

• The Request: The user asks, ‘Show me the top 10 hotels in Bangkok with the most reviews.’
• Schema Introspection: APIAgent automatically inspects the API schema to understand the available endpoints and fields.
• The SQL Layer (DuckDB): This is the secret sauce. If the API returns 10,000 unsorted rows, APIAgent uses DuckDB to filter, sort, and aggregate that data locally via SQL before sending the concise result back to the LLM.
• The Response: The JSON data travels back through APIAgent, which formats it for the AI to read.

This system uses Dynamic Tool Discovery. You can point APIAgent at any URL, and it automatically generates the necessary tools for the LLM without manual mapping.

Key Feature: ‘Recipe’ Learning

One of the key features is Recipe Learning. When a complex natural language query successfully executes, APIAgent can extract the trace and save it as a ‘Recipe.’

• These recipes are parameterized templates.
• The next time a similar question is asked, APIAgent uses the recipe directly.
• This skips the expensive LLM reasoning step, which significantly reduces latency and cost.

Key Takeaway

• Universal Protocol Bridge: APIAgent acts as a single, open-source proxy that converts any REST or GraphQL API into a Model Context Protocol (MCP) server. This removes the need to write custom boilerplate code or maintain individual MCP servers for every internal microservice.
• Zero-Code Schema Introspection: The tool is ‘configuration-first.’ By simply pointing APIAgent at an OpenAPI spec or GraphQL endpoint, it automatically introspects the schema to understand endpoints and fields. It then exposes these to the LLM as functional tools without manual mapping.
• Advanced SQL Post-Processing: It integrates DuckDB, an in-process SQL engine, to handle complex data manipulation. If an API returns thousands of unsorted rows or lacks specific filtering, APIAgent uses SQL to sort, aggregate, or join the data locally before delivering a concise answer to the AI.
• Performance via ‘Recipe Learning’: To solve high latency and LLM costs, the agent features Recipe Learning. It records the successful execution trace of a natural language query and saves it as a parameterized template.
• Security-First Architecture: The system is ‘Safe by Default,‘ operating in a read-only state. Any ‘mutating’ actions (like POST, PUT, or DELETE requests) are strictly blocked by the proxy unless a developer explicitly whitelists them in the YAML configuration file.

Check out the PR Here. Also, feel free to follow us on Twitter and don’t forget to join our 100k+ ML SubReddit and Subscribe to our Newsletter. Wait! are you on telegram? now you can join us on telegram as well.

Michal Sutter is a data science professional with a Master of Science in Data Science from the University of Padova. With a solid foundation in statistical analysis, machine learning, and data engineering, Michal excels at transforming complex datasets into actionable insights.