TNS
SUBSCRIBE
Join our community of software engineering leaders and aspirational developers. Always stay in-the-know by getting the most important news and exclusive content delivered fresh to your inbox to learn more about at-scale software development.
REQUIRED
 
It seems that you've previously unsubscribed from our newsletter in the past. Click the button below to open the re-subscribe form in a new tab. When you're done, simply close that tab and continue with this form to complete your subscription.
Welcome and thank you for joining The New Stack community!
Please answer a few simple questions to help us deliver the news and resources you are interested in.
REQUIRED
REQUIRED
REQUIRED
REQUIRED
REQUIRED
Great to meet you!
Tell us a bit about your job so we can cover the topics you find most relevant.
REQUIRED
REQUIRED
REQUIRED
REQUIRED
REQUIRED
REQUIRED
Welcome!

We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.

What’s next?

Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.

Become a TNS follower on LinkedIn.

Check out the latest featured and trending stories while you wait for your first TNS newsletter.

PREV
of
NEXT
VOXPOP
As a JavaScript developer, what non-React tools do you use most often?
Angular
0%
Astro
0%
Svelte
0%
Vue.js
0%
Other
0%
I only use React
0%
I don't use JavaScript
0%
 
Open Source Cloud Native Ecosystem Containers Edge Computing Microservices Networking Serverless Storage
How the Argo Project Is Avoiding WordPress-Type Problems
Oct 4th 2024 11:00am, by Dan Garfield
Are We Thinking About Supply Chain Security All Wrong?
Oct 3rd 2024 3:00pm, by Heather Joslyn
Open Source Supply Chains Can Fix Your Dependency Headaches
Oct 3rd 2024 10:00am, by Sam Snyder
The WordPress Saga: Does Matt Mullenweg Want a Fork or Not?
Oct 2nd 2024 2:06pm, by Alex Williams
Open Source Needs Younger Maintainers. How Can It Get Them?
Oct 2nd 2024 5:00am, by Richard Gall
NGINX One Console: Not for Experts Only
Oct 4th 2024 12:39pm, by B. Cameron Gain
Why NoSQL Deployments Are Failing at Scale
Oct 4th 2024 10:00am, by Sunny Bains
Abstracting Cloud SDKs, Starting With the Runtime
Oct 1st 2024 8:42am, by Rak Siva
How Agentless Security Can Prevent Major Ops Outages
Sep 30th 2024 7:36am, by Manas Chowdhury
3 Key Practices for Perfecting Cloud Native Architecture
Sep 24th 2024 10:00am, by Rahul Shrivastava
How Nvidia Scaled Its Cloud Services With KubeVirt
Oct 4th 2024 6:18am, by Jonathan Gershater
Is Kubernetes Green?
Oct 2nd 2024 8:24am, by Anne Currie
Abstracting Cloud SDKs, Starting With the Runtime
Oct 1st 2024 8:42am, by Rak Siva
Microsoft Open Sources OpenHCL, a Linux-Based 'Paravisor'
Sep 24th 2024 11:00am, by Steven J. Vaughan-Nichols
What Is Testcontainers, and Why Should You Care?
Sep 17th 2024 7:53am, by Kevin Wittek
From VMs to AI: How Edge Computing Is Evolving
Sep 13th 2024 3:54am, by Ben Cohen
The New 2GB Raspberry Pi 5: Another Option for Linux Sysadmins
Sep 2nd 2024 9:00am, by Damon M. Garn
Golang Pub/Sub: Why It’s Better When Combined With GoFr
Aug 28th 2024 6:00am, by Robert Kimani
With eLxr, Wind River Brings Debian Linux to the Edge
Aug 12th 2024 1:30pm, by Joab Jackson
How To Get Started Running Small Language Models at the Edge
Jul 24th 2024 6:00am, by Janakiram MSV
Binary Provenance, SBOMs and the Software Supply Chain for Humans
Oct 1st 2024 10:00am, by Mike Long
Platform Engineering Reshapes Software Dev at Bechtle
Sep 4th 2024 6:00am, by Todd R. Weiss
Shift Left on a Budget: Cost-Savvy Testing for Microservices
Aug 27th 2024 12:03pm, by Nočnica Mellifera
Remocal Development: The Future of Efficient Kubernetes Workflows
Aug 25th 2024 10:00am, by Anita Ihuman
Why Staging Doesn't Scale for Microservice Testing
Aug 16th 2024 10:13am, by Arjun Iyer
Internet Architecture Board ISO Future Networking Tech
Sep 29th 2024 8:00am, by Joab Jackson
Git: Set Up a Local Repository Accessible by LAN
Sep 28th 2024 9:00am, by Jack Wallen
Linux: Create and Connect to an NFS Share
Sep 21st 2024 8:00am, by Jack Wallen
AlmaLinux: Deploy a DHCP Server for Your Internal Network
Sep 14th 2024 7:00am, by Jack Wallen
How Meta Is Reinforcing its Global Network for AI Traffic
Sep 12th 2024 11:45am, by Joab Jackson
Azure Durable Functions: FaaS for Complex Workflows
Aug 15th 2024 8:16am, by Lily Ma and David Justo
Momento: Caching at Scale and More, Without All the Hassle
Jul 22nd 2024 11:23am, by Susan Hall
WebAssembly and Kubernetes Go Better Together: Matt Butcher
May 22nd 2024 2:00pm, by Raghavan "Rags" Srinivas
How to Conquer Cold Starts for Better Performance
Apr 25th 2024 9:17am, by Henry Hamid Safi
Meet DBOS: A Database Alternative to Kubernetes 
Mar 12th 2024 4:00am, by Joab Jackson
Redis Users Want a Change
Oct 2nd 2024 9:00am, by Aleksandra Mitroshkina
Linux: Recover Files From a Machine That Won't Boot
Sep 29th 2024 6:00am, by Jack Wallen
Columnar Storage: A Developer’s Key to Real-Time Analytics
Sep 27th 2024 7:00am, by Steph Rogers
Bring Storage and Databases Under Kubernetes Control
Sep 23rd 2024 1:00pm, by Murli Thirumale
Ceph: 20 Years of Cutting-Edge Storage at the Edge
Sep 10th 2024 5:55am, by Steven J. Vaughan-Nichols
AI Large Language Models Frontend Development Software Development API Management Python JavaScript TypeScript WebAssembly Cloud Services Data Security
OpenAI Launches New ChatGPT Interface, Designed for Coding
Oct 5th 2024 7:00am, by
Microsoft Sees Devs Embracing a ‘Paradigm Shift’ to GenAIOps
Oct 4th 2024 8:28am, by
Key Trends Shaping the Observability Market
Oct 4th 2024 8:00am, by
Techniques for Tackling Catastrophic Forgetting in AI Models
Oct 1st 2024 11:44am, by
What’s Wrong With Generative AI-Driven Development Right Now
Oct 1st 2024 6:00am, by
Microsoft Sees Devs Embracing a ‘Paradigm Shift’ to GenAIOps
Oct 4th 2024 8:28am, by
Build an AI-Powered Question-Answering Application
Oct 3rd 2024 2:00pm, by
Llama Stack Released To Help Developers Build 'Agentic Apps'
Oct 3rd 2024 12:00pm, by
Using Vite and Vike for Microfrontends; Plus Other Dev News
Sep 28th 2024 7:00am, by
OpenAI Structured Outputs: How-To Guide for Developers
Sep 27th 2024 9:00am, by
OpenAI Launches New ChatGPT Interface, Designed for Coding
Oct 5th 2024 7:00am, by
Introduction to Laravel for Ruby on Rails or Django Fans
Oct 5th 2024 5:00am, by
Vite Creator Launches Company To Build JavaScript Toolchain
Oct 3rd 2024 11:00am, by
The Pros and Cons of Web Components, Via Lit and Shoelace
Sep 29th 2024 7:00am, by
Using Vite and Vike for Microfrontends; Plus Other Dev News
Sep 28th 2024 7:00am, by
Go Big or Go Home: What GitHub Learned Building Copilot
Oct 4th 2024 1:01pm, by
Microsoft Taking Up the Mantra of Platform Engineering
Oct 4th 2024 7:23am, by
Open Source Supply Chains Can Fix Your Dependency Headaches
Oct 3rd 2024 10:00am, by
Developer Relations Foundation Aims to Clarify Role
Oct 2nd 2024 12:00pm, by
Why Staging Is a Bottleneck for Microservice Testing
Oct 2nd 2024 11:00am, by
AI for APIs: Techniques for AI-Assisted SDK Generation
Oct 6th 2024 5:00am, by
Zen and the Art (and Science) of API Development
Oct 3rd 2024 7:00am, by
How To Strengthen API Security With Zero Trust
Oct 2nd 2024 10:00am, by
OpenAI's Realtime API Takes a Bow
Oct 1st 2024 9:05pm, by
Building for Integrations Is a Future-Minded Growth Strategy
Sep 20th 2024 10:38am, by
Handling Edge Cases and Exceptions in Python
Sep 28th 2024 5:00am, by
How To Get Started With Native Python
Sep 27th 2024 8:00am, by
Python Under the Hood
Sep 26th 2024 12:00pm, by
How to Use Comments in Your Python Code (And Why You Should)
Sep 15th 2024 2:08pm, by
Python Try ... Except: What It Is and How to Use It
Sep 15th 2024 5:05am, by
OpenAI Launches New ChatGPT Interface, Designed for Coding
Oct 5th 2024 7:00am, by
Vite Creator Launches Company To Build JavaScript Toolchain
Oct 3rd 2024 11:00am, by
Behind the Scenes at the JavaScript Registry
Oct 3rd 2024 6:00am, by
Using Vite and Vike for Microfrontends; Plus Other Dev News
Sep 28th 2024 7:00am, by
Node Removes Corepack, Bun Runs Native C From JavaScript
Sep 21st 2024 6:00am, by
Why ChatGPT Shifted From Next.js To Remix: Some Theories
Sep 14th 2024 8:05am, by
Is React Now a Full Stack Framework? And Other Dev News
Aug 31st 2024 5:00am, by
Implementing IAM in NestJS: The Essential Guide
Aug 30th 2024 6:26am, by
TypeScript 5.5: Faster, Smarter and More Powerful
Jun 25th 2024 6:41am, by
UIX: A Full Stack Web Dev Framework Leveraging Deno
Jun 11th 2024 11:30am, by
Traefik 3.0 Works Better With WebAssembly and OpenTelemetry
Sep 17th 2024 1:30pm, by
Arcjet Launches: Wasm-Powered Security for Modern Developers
Sep 10th 2024 2:05pm, by
Golang for WebAssembly Can Now Work Like IT Should
Aug 9th 2024 9:00am, by
How To Run WebAssembly on Kubernetes
Jul 28th 2024 10:00am, by
Chicory: Write to WebAssembly, Overcome JVM Shortcomings 
Jul 19th 2024 12:33pm, by
3 Key Practices for Perfecting Cloud Native Architecture
Sep 24th 2024 10:00am, by
AWS Transfers OpenSearch to the Linux Foundation
Sep 17th 2024 12:33pm, by
Why Cloud Migrations Fail
Sep 13th 2024 11:05am, by
Did Broadcom’s VMware Hit Nutanix Where It Hurts?
Sep 2nd 2024 7:00am, by
Broadcom’s VMware Tanzu Platform 10 Becomes a PaaS
Aug 28th 2024 12:34pm, by
With WarpStream, Confluent Got a New Type of Kafka Platform
Oct 1st 2024 7:11am, by
OpenAI Structured Outputs: How-To Guide for Developers
Sep 27th 2024 9:00am, by
Hard Truths to Consider When Designing SLOs for Mobile Apps
Sep 26th 2024 11:00am, by
Turso Offers Web Developers Simpler, Faster Database
Sep 25th 2024 7:11am, by
Graph Embeddings 101: Key Terms, Concepts and AI Applications
Sep 23rd 2024 6:20am, by
SSHamble: Test Your Servers for Potential SSH Issues
Oct 4th 2024 9:00am, by
Implement Third-Party Authentication With Google in Next.js
Oct 4th 2024 9:00am, by
Microsoft Taking Up the Mantra of Platform Engineering
Oct 4th 2024 7:23am, by
Are We Thinking About Supply Chain Security All Wrong?
Oct 3rd 2024 3:00pm, by
How To Strengthen API Security With Zero Trust
Oct 2nd 2024 10:00am, by
Platform Engineering Operations CI/CD Tech Careers Tech Culture DevOps Kubernetes Observability Service Mesh
Microsoft Taking Up the Mantra of Platform Engineering
Oct 4th 2024 7:23am, by Todd R. Weiss
How to Build an Internal Developer Platform Like a Product
Sep 23rd 2024 10:57am, by Jennifer Riggins
Platform Engineering Reshapes Software Dev at Bechtle
Sep 4th 2024 6:00am, by Todd R. Weiss
Build Platform Engineering as a Product for Dev Adoption
Sep 2nd 2024 6:00am, by Todd R. Weiss
How Supabase Is Building Its Platform Engineering Strategy
Aug 29th 2024 6:42am, by Todd R. Weiss
NGINX One Console: Not for Experts Only
Oct 4th 2024 12:39pm, by B. Cameron Gain
SSHamble: Test Your Servers for Potential SSH Issues
Oct 4th 2024 9:00am, by Jack Wallen
Key Trends Shaping the Observability Market
Oct 4th 2024 8:00am, by Krishna Yadappanavar
The 4 Evolutions of Your Observability Journey
Oct 3rd 2024 9:00am, by Hazel Weakly
Google Equips PostgreSQL, Valkey Services for Vector Processing
Oct 3rd 2024 5:00am, by Joab Jackson
How the Argo Project Is Avoiding WordPress-Type Problems
Oct 4th 2024 11:00am, by Dan Garfield
Implement Third-Party Authentication With Google in Next.js
Oct 4th 2024 9:00am, by Vinod Pal
End of the Road for JavaFX in JDK 8: Keeping Your Apps Alive
Oct 3rd 2024 1:00pm, by Frank Delporte
How Generative AI Is Revolutionizing Debugging
Sep 25th 2024 8:30am, by Eran Kinsbruner
Stop Blaming Regulation for Poor Software Delivery Performance
Sep 24th 2024 12:00pm, by Steve Fenton
Developer Relations Relies on Authenticity and Trust
Oct 5th 2024 10:00am, by Sarah Guthals
Developer Relations Foundation Aims to Clarify Role
Oct 2nd 2024 12:00pm, by Loraine Lawson
What a CTO Learned at Nvidia About Managing Engineers
Sep 26th 2024 9:20am, by Heather Joslyn
Kelsey Hightower on What’s Next for Developers After GenAI
Sep 17th 2024 11:30am, by Joe Fay
SaaS Is Dead, Long Live SaaS!
Sep 16th 2024 10:00am, by Paris Heymann
Zorin OS: The Perfect Linux Distro for Migrating From Windows
Oct 5th 2024 8:00am, by Jack Wallen
Lost 1983 Programming Language Resurrected by Retro Compute YouTube Channel
Oct 5th 2024 6:00am, by David Cassel
Developer Relations Foundation Aims to Clarify Role
Oct 2nd 2024 12:00pm, by Loraine Lawson
Social Web Foundation Launched — How In Is W3C on Fediverse?
Sep 24th 2024 6:00am, by Richard MacManus
How To Find Success With Code Reviews
Sep 19th 2024 5:00am, by Loraine Lawson
Developer Relations Relies on Authenticity and Trust
Oct 5th 2024 10:00am, by Sarah Guthals
Open Source Supply Chains Can Fix Your Dependency Headaches
Oct 3rd 2024 10:00am, by Sam Snyder
The 4 Evolutions of Your Observability Journey
Oct 3rd 2024 9:00am, by Hazel Weakly
Techniques for Tackling Catastrophic Forgetting in AI Models
Oct 1st 2024 11:44am, by Kimberley Mok
How To Streamline DevOps With Automated Testing
Sep 30th 2024 12:09pm, by Dima Kramskoy
How Nvidia Scaled Its Cloud Services With KubeVirt
Oct 4th 2024 6:18am, by Jonathan Gershater
Is Kubernetes Green?
Oct 2nd 2024 8:24am, by Anne Currie
Enterprise Data Platforms on Kubernetes Challenge Status Quo
Oct 2nd 2024 7:06am, by Mark Cusack
Databases on Kubernetes: Why, When and What To Consider
Oct 1st 2024 6:16am, by Kathryn Hsu
How To Jump-Start Your Stalled Kubernetes Migration
Sep 24th 2024 5:00am, by Vicki Walker
Key Trends Shaping the Observability Market
Oct 4th 2024 8:00am, by Krishna Yadappanavar
The 4 Evolutions of Your Observability Journey
Oct 3rd 2024 9:00am, by Hazel Weakly
Why Grafana Offers $100,000 to Startups for Observability
Sep 28th 2024 4:00am, by B. Cameron Gain
The Path to Autonomous Observability
Sep 25th 2024 6:14am, by David Lotan Bolotnikoff
Tetragon eBPF for Kubernetes: The Verdict Is Out
Sep 22nd 2024 7:00am, by B. Cameron Gain
Istio 1.23 Drops the Sidecar for a Simpler 'Ambient Mesh'
Aug 19th 2024 12:59pm, by Joab Jackson
Can Cilium Be a Control Plane Beyond Kubernetes?
Jul 28th 2024 6:00am, by Alex Williams
6 Tips to Integrate Container Orchestration and APM Tools
May 20th 2024 11:03am, by Chris Cooney
Enhancing Business Security and Compliance with Service Mesh
Apr 1st 2024 10:00am, by Ninad Desai
Some Linkerd Users Must Pay: Fear and Anger Explained
Feb 28th 2024 9:21am, by B. Cameron Gain
AI Operations / API Management

AI for APIs: Techniques for AI-Assisted SDK Generation

A key advantage of AI in SDK generation is its ability to handle mundane tasks. But a hybrid model is best, with the dev firmly in charge.
Oct 6th, 2024 5:00am by
Featued image for: AI for APIs: Techniques for AI-Assisted SDK Generation
Image via Unsplash+. 

The rise of AI-powered tools such as GitHub Copilot and ChatGPT has sparked considerable interest in how AI can assist developers in generating and using API SDKs (Software Development Kits). With its potential to streamline repetitive coding tasks, AI presents an exciting opportunity for enhancing API workflows. However, this new approach also comes with notable challenges, including issues of reliability, security and nondeterminism.

In this article, we’ll dive deep into the role AI can play as a copilot in SDK generation, examine common pitfalls like hallucinations, and explore how AI can complement traditional code generation methods to offer a balanced and efficient development experience.

The Potential of AI in SDK Generation

APIs are the backbone of modern software applications, enabling different systems to communicate with one another. SDKs simplify API usage by offering developers prepackaged libraries and tools. Traditionally, SDK generation has been a manual, time-consuming process. However, recent advancements in AI have opened up new possibilities for automating SDK creation.

One of the key advantages of AI in SDK generation is its ability to handle mundane, repetitive tasks. By parsing through OpenAPI specifications or API documentation, AI can automate the creation of models, services and other components needed to build an SDK. This cuts down on manual labor, enabling developers to focus on more complex and creative tasks​.

For example, platforms like APIMatic are experimenting with AI to improve developer experiences by training AI to work alongside traditional code generation tools. In this hybrid model, AI can dynamically answer developer queries and explore API documentation, while deterministic code generators handle the reliable creation of static API access code​.

Example: Spotify API

The C# code below demonstrates how to interact with the Spotify API to create a new playlist, fetch an artist’s top tracks and add those tracks to the created playlist using the Spotify Web API SDK. It was generated by an API copilot from APIMatic in response to the query: “How to create a new playlist and add the 10 most popular Taylor Swift songs?”

This code handles the full workflow of:

  1. Authenticating via OAuth 2.0 with the necessary permissions to modify the user’s playlists.
  2. Creating a new playlist for the user using Spotify’s API.
  3. Fetching the top tracks of Taylor Swift.
  4. Adding the fetched tracks to the newly created playlist.

Here’s a breakdown of the code.

1. Authorization Setup

The code starts by setting up OAuth 2.0 Authorization Code Flow to gain access to Spotify’s API. It defines the OAuth client ID, client secret and redirect URI, and requests the necessary scopes for managing playlists:

  • PlaylistModifyPrivate: Modify private playlists.
  • PlaylistModifyPublic: Modify public playlists.

The client obtains an OAuth token after user consent by redirecting them to the Spotify authorization page. This token is then used to authenticate API calls.

2. Creating a New Playlist

After authorization, a PlaylistsController is instantiated to interact with playlists. A playlist with the name “Taylor Swift Top 10” is created using the CreatePlaylistAsync method, with parameters for privacy and description.

3. Fetching Taylor Swift’s Top Tracks

The ArtistsController is used to fetch Taylor Swift’s top tracks with GetAnArtistsTopTracksAsync, specifying the artist’s Spotify ID (06HL4z0CvFAxyc27GXpf02) and market (US). The result is a list of top tracks, including their URIs (unique Spotify track identifiers).

4. Adding Tracks to Playlist

The code then adds these top tracks to the newly created playlist using AddTracksToPlaylistAsync. It sends a list of track URIs to the playlist using the playlistId obtained from the playlist creation response.

How It Works

  1. OAuth Flow: Users are prompted to log in to Spotify, and the app retrieves an authorization code, which is then exchanged for an OAuth token.
  2. Playlist Creation: A private playlist called “Taylor Swift Top 10” is created for the authenticated user.
  3. Fetching Artist’s Top Tracks: The code fetches Taylor Swift’s top tracks from Spotify, specific to the US market.
  4. Adding Tracks to Playlist: The tracks are added to the newly created playlist using their Spotify URIs.

Additional Considerations

  • Exception Handling: The code includes try-catch blocks to catch exceptions during API calls (e.g., if the authorization fails or a playlist cannot be created).
  • User Authorization: The AuthorizationCodeAuth model is used for secure access, allowing the app to modify user playlists after explicit consent.

This setup allows users to create dynamic playlists, personalize music experiences and integrate Spotify seamlessly into applications.

By leveraging an API copilot, this complex series of API interactions is simplified into a structured and executable format. The copilot ensures that the right endpoints, authentication processes and API parameters are handled automatically, making it easier for developers to implement sophisticated features like playlist creation and song management, without manually writing every detail.

Challenges with AI-Generated SDKs

While this may sound promising, AI-based SDK generation is far from being a complete solution. Despite its strengths, there are several critical challenges that must be addressed.

1. Nondeterminism and Hallucinations

Nondeterminism refers to the inability of AI models to consistently generate the same output for identical inputs. This is especially problematic for SDK generation, where consistency is key. If an SDK generated by an AI assistant differs slightly each time, it can cause significant integration issues down the road. Developers need to trust that the code generated will be consistent and reliable — an area where AI currently falls short.

One related issue is “hallucination,” where AI generates syntactically correct code that does not align with the underlying logic or API documentation. For instance, the AI may misinterpret an API endpoint or create functions that, while appearing functional, are entirely unusable in practice​.

This could lead to frustrating debugging sessions, where developers have to sift through lines of faulty AI-generated code to correct hallucinations or inconsistencies.

2. Input and Output Limitations

Large language models (LLMs) like GPT-4 operate within strict token limits. These limits restrict the amount of input (e.g., API documentation or OpenAPI specs) and output (e.g., SDK code) that can be processed in a single run. For larger or more complex APIs, this becomes a significant bottleneck. As SDK generation often requires handling large codebases, AI’s current token constraints prevent it from generating complete SDKs in one pass​.

3. Security Concerns

AI models are trained on vast amounts of existing code, which includes both secure and insecure examples. This makes them prone to generating code that is vulnerable to common security threats such as SQL injection, cross-site scripting (XSS) or path traversal attacks. For example, a seemingly harmless AI-generated function could have hidden vulnerabilities, such as allowing unauthorized file access, if not properly vetted​.

The complexity of modern APIs often involves managing authentication, rate limits and sensitive data, all of which need to be handled securely. Relying solely on AI to generate such code without human oversight can open the door to serious security breaches. Therefore, every piece of AI-generated code must be carefully reviewed and tested by human developers.

4. State Management and Memory Constraints

Another challenge with AI-generated SDKs is that LLMs struggle with managing state and context across long interactions. SDK generation often involves multiple steps where memory of the previous state is crucial, such as chaining API calls or tracking authentication states. Without an effective memory mechanism, AI may generate code that does not correctly manage these interactions, resulting in broken workflows​.

Hybrid Approach: Combining AI and Deterministic Code Generation

Given the limitations outlined above, AI is not yet ready to replace traditional SDK generation methods. However, a hybrid approach that combines the strengths of AI and deterministic tools offers a promising solution. While deterministic code generators like APIMatic ensure reliable, repeatable results, AI can enhance flexibility and assist with more dynamic tasks.

  1. Exploring APIs With AI: Before diving into the code, developers need to understand the API’s concepts, limits and potential use cases. AI is well-suited for dynamically answering these types of queries, sifting through documentation and providing high-level insights into how the API functions​. By leveraging AI’s natural language understanding capabilities, developers can quickly get up to speed on complex APIs without needing to manually parse extensive documentation.
  2. Static Code Generation for API Access: Once the conceptual phase is over, deterministic code generation tools should take over. These tools are designed to handle the repeatable, reliable generation of API access code, which includes authentication flows, request handling and endpoint communication. Because this part of the workflow requires consistency and security, traditional methods are still the best fit​.
  3. Custom Business Logic With AI: After the static SDK code is in place, AI can again assist developers in building custom business logic that interacts with the API. Developers can leverage AI to generate boilerplate code, quickly scaffold application logic or explore creative solutions tailored to their specific use case. However, every line of AI-generated code in this phase should be carefully reviewed to avoid potential hallucinations and security flaws.

The Future of AI in SDK Generation

As AI continues to evolve, its role in SDK generation is expected to grow, though certain challenges remain. For now, combining AI with traditional code generation methods offers a balanced approach to boosting developer productivity without sacrificing reliability or security. However, a significant future development is the integration of workflow-oriented specifications, like Arazzo, into API design and consumption.

Arazzo, a workflow specification developed under the OpenAPI Initiative (OAI), allows developers to go beyond basic endpoint descriptions and capture the full sequence of API interactions, including state transitions and dependencies. By combining AI-driven tools with specifications like Arazzo, developers can describe and automate complex API workflows more effectively​.

This specification can greatly benefit AI’s application in SDK generation, by helping manage multistep workflows that require contextual awareness and state management. For instance, APIs involving multiple authentication steps, payment gateways or user-driven workflows can be better represented through Arazzo. This level of abstraction can aid AI tools in better understanding the flow of API calls and generating more accurate, reliable SDK code.

Moreover, Arazzo’s extensibility allows developers to define custom business logic within their workflows, creating a more comprehensive integration between deterministic code generation and AI-powered assistance. This means that while AI continues to handle dynamic query resolution and initial code scaffolding, tools like Arazzo can guide the generation of more complex, stateful API workflows​.

As token limitations expand and AI systems improve their ability to maintain context and memory, future developments could allow AI to handle larger codebases and multistep workflows more efficiently. With enhanced specifications like Arazzo, the accuracy and applicability of AI-generated SDKs will improve, paving the way for a more seamless and reliable development experience.

In summary, the future of AI in SDK generation will likely involve a deeper integration with workflow-driven specifications like Arazzo, enhancing the AI’s capability to handle complex API interactions and stateful operations, while still relying on traditional methods for static code generation and security management​.

Conclusion

AI is becoming an increasingly valuable tool for developers, especially when it comes to exploring APIs and automating repetitive tasks. However, significant challenges remain, particularly in terms of nondeterminism, hallucination, security risks and the inability to handle large codebases.

While AI can enhance the SDK development process, it is not yet ready to replace traditional methods entirely. The most effective approach today is a hybrid model that leverages AI for its dynamic capabilities and traditional code generators for their reliability.

TRENDING STORIES
Group Created with Sketch.
Robert is a systems engineer and open source advocate who loves sharing knowledge. He believes in helping others and is compassionate about giving back to the community. When he’s not geeking with Linux he likes hiking, mountain biking, and exploring...
Read more from Robert Kimani
SHARE THIS STORY
TRENDING STORIES
TRENDING STORIES
TNS DAILY NEWSLETTER Receive a free roundup of the most recent TNS articles in your inbox each day.