API Intelligence Plane

AI-driven API management platform that transforms API operations from reactive firefighting to proactive, autonomous management.

Overview

API Intelligence Plane is an intelligent companion to existing API Gateways, providing:

• 🔍 Autonomous API Discovery - Automatically discover all APIs including shadow APIs
• 🔮 Predictive Health Management - 24-48 hour advance failure predictions
• 🔒 Continuous Security Scanning - Automated vulnerability detection and remediation
• ⚡ Real-time Performance Optimization - AI-driven performance recommendations
• 🎯 Intelligent Rate Limiting - Adaptive rate limiting based on usage patterns
• 💬 Natural Language Interface - Query API intelligence using natural language

Architecture

The API Intelligence Plane is a microservices-based platform with gateway-first architecture, vendor-neutral data models, and vendor-specific gateway adapters, ensuring consistent intelligence capabilities regardless of the underlying API Gateway vendor.

Architecture Highlights

• Gateway-First Design: All features use Gateway as primary scope dimension, API as secondary
• Vendor-Neutral Models: All data stored in vendor-neutral format (API, Metric, TransactionalLog)
• Adapter Pattern: Gateway-specific adapters transform vendor data to vendor-neutral models
• Time-Bucketed Metrics: Metrics stored separately in time-bucketed indices (1m, 5m, 1h, 1d)
• Multi-Gateway Support: Proper isolation and scoping for multi-gateway deployments
• WebMethods-First: Initial implementation focuses on webMethods API Gateway
• Future-Ready: Easy addition of Kong, Apigee, and other gateway vendors

Core Application Architecture

Optional: External AI Agent Integration

MCP servers are optional components for external AI agents (Bob IDE, Claude Desktop):

Note: MCP servers are NOT required for core functionality. They only enable external AI agents to interact with the platform programmatically.

📖 See Architecture Documentation for detailed system design and MCP Architecture for AI agent integration.

Gateway-First Architecture

The platform follows a Gateway-First, API-Secondary architecture:

Gateway (Primary Dimension)
  └── API (Secondary Dimension)
      └── Endpoint (Tertiary Dimension)
          └── Operation (Quaternary Dimension)

Key Principles:

• All data operations start with gateway context
• APIs exist within gateway context (never standalone)
• Multi-gateway deployments have proper isolation
• Cross-gateway views require explicit user selection

📖 See Gateway-Scoped Development Guide for implementation details.

Positioning in API management platform

Quick Start

Prerequisites

• Docker & Docker Compose
• Python 3.11+
• Node.js 18+
• OpenAI API key (or other LLM provider)

Installation

1. Clone the repository

   git clone https://github.com/yourusername/api-intelligence-plane-v2.git
   cd api-intelligence-plane-v2

2. Configure environment

   cp .env.example .env
   # Edit .env and add your LLM API keys

3. Start services with Docker Compose

   docker-compose up -d

   Note: The init-metrics service automatically runs on startup to initialize ILM policies and index templates for time-bucketed metrics storage. This is a one-time setup that ensures proper metrics infrastructure before the backend starts.

4. Initialize OpenSearch indices (if not already done)

   docker-compose exec backend python scripts/init_opensearch.py

5. Access the application

   • Frontend: http://localhost:3000
   • Backend API: http://localhost:8000
   • OpenSearch Dashboards: http://localhost:5601
   • Gateway integrations: configured through backend adapters

Manual Setup (Development)

Backend Setup

cd backend
python -m venv .venv
source .venv/bin/activate  # On Windows: .venv\Scripts\activate
pip install -r requirements.txt
uvicorn app.main:app --reload

Frontend Setup

cd frontend
npm install
npm run dev

Gateway Integration Setup

Gateway connectivity is handled through backend adapters using the Strategy pattern. The WebMethods adapter is fully implemented, with Kong and Apigee adapters planned for future releases.

Project Structure

api-intelligence-plane-v2/
├── backend/              # FastAPI backend service (REQUIRED)
│   ├── app/
│   │   ├── api/         # REST API endpoints
│   │   ├── models/      # Pydantic models
│   │   ├── services/    # Business logic
│   │   ├── agents/      # LangChain/LangGraph agents
│   │   ├── adapters/    # Gateway adapters
│   │   ├── db/          # OpenSearch client
│   │   └── scheduler/   # Background jobs
│   └── tests/           # Integration & E2E tests
├── frontend/            # React.js frontend (REQUIRED)
│   └── src/
│       ├── components/  # React components
│       ├── pages/       # Page components
│       └── services/    # API clients
├── mcp-servers/         # MCP server (OPTIONAL - for AI agents)
│   ├── unified_server.py    # Unified MCP server (all functionality)
│   └── common/              # Shared utilities
├── tests/               # Cross-component tests
├── config/              # Configuration files
├── k8s/                 # Kubernetes manifests
└── docs/                # Documentation

Core Components (Required):

• Backend: FastAPI service with business logic and vendor-neutral gateway normalization
• Frontend: React SPA for user interface
• Gateway Integrations: External gateway connectivity through adapters
• OpenSearch: Data storage and search

Optional Components:

• MCP Servers: For external AI agent integration (Bob IDE, Claude Desktop)

Features

1. API Discovery & Monitoring (P1)

• Automatic discovery of all APIs including shadow APIs
• Real-time health monitoring
• Traffic analysis and metrics collection

2. Predictive Health Management (P1)

• 24-48 hour advance failure predictions
• Contributing factors analysis
• Recommended preventive actions
• 🤖 AI-Enhanced: LLM-powered trend analysis and detailed explanations

3. Security Scanning & Remediation (P2)

• Continuous vulnerability scanning
• Automated remediation for common issues
• Security posture tracking

4. Performance Optimization (P2)

• Real-time optimization recommendations
• Estimated impact analysis
• Implementation tracking
• 🤖 AI-Enhanced: LLM-generated insights and prioritization guidance

5. Intelligent Rate Limiting (P3)

• Adaptive rate limiting
• Priority-based policies
• Consumer tier management

6. Natural Language Interface (P3)

• Query API intelligence using natural language
• Contextual responses
• Conversation history

🆕 AI-Enhanced Analysis

The platform includes optional AI-powered features that enhance predictions and recommendations:

• Smart Predictions: LLM analyzes metrics trends to provide detailed explanations of why failures are predicted
• Intelligent Recommendations: AI-generated optimization insights with implementation guidance and prioritization
• Natural Language Explanations: Human-readable interpretations of technical predictions
• Graceful Fallback: Automatically falls back to rule-based analysis if LLM is unavailable

Setup: See AI Setup Guide for configuration instructions.

API Endpoints:

• POST /api/v1/predictions/ai-enhanced - Generate AI-enhanced predictions
• GET /api/v1/predictions/{id}/explanation - Get AI explanation for prediction
• POST /api/v1/optimization/ai-enhanced - Generate AI-enhanced recommendations
• GET /api/v1/optimization/{id}/insights - Get AI insights for recommendation
• Add ?use_ai=true to existing endpoints for AI-enhanced generation

Technology Stack

• Backend: Python 3.11+, FastAPI, LangChain, LangGraph, LiteLLM
• Frontend: React 18, TypeScript, Vite, TanStack Query, Recharts, Tailwind CSS
• Gateway Integration: Vendor-neutral models with adapter pattern
  • Implemented: WebMethodsGatewayAdapter
  • Planned: KongGatewayAdapter, ApigeeGatewayAdapter
• Data Architecture:
  • Vendor-neutral models: API, Metric, TransactionalLog
  • Time-bucketed metrics: 1m, 5m, 1h, 1d indices
  • Separated intelligence: intelligence_metadata wrapper
  • Vendor-specific fields: vendor_metadata dict
• MCP: FastMCP with Streamable HTTP transport (optional)
• Database: OpenSearch 2.11+
• AI/ML: LangChain for agent orchestration, LiteLLM for multi-provider support
• Testing: pytest, Jest, JUnit

Development

Generating Mock Data

For testing and demonstration purposes, you can generate realistic mock data:

# Generate mock APIs, gateways, and metrics
cd backend
python3 scripts/generate_mock_data.py

# Generate security vulnerabilities (50 by default)
python3 scripts/generate_mock_security_data.py --count 50 --summary

# Generate predictions
python3 scripts/generate_mock_predictions.py

# Generate optimization recommendations
python3 scripts/generate_mock_optimizations.py

# Generate rate limit policies
python3 scripts/generate_mock_rate_limits.py

See backend/scripts/README_SECURITY_MOCK_DATA.md for detailed security mock data documentation.

Running Tests

# Backend tests
cd backend
pytest

# Frontend tests
cd frontend
npm test

# Integration tests
cd tests
pytest integration/

# E2E tests
pytest e2e/

Code Quality

# Backend linting
cd backend
black .
isort .
flake8 .
mypy .

# Frontend linting
cd frontend
npm run lint
npm run format

Configuration

Key configuration options in .env:

• OPENSEARCH_HOST - OpenSearch connection
• LLM_PROVIDER - Primary LLM provider (openai, anthropic, azure, etc.)
• LLM_API_KEY - LLM API key
• DISCOVERY_INTERVAL - API discovery frequency (minutes)
• METRICS_INTERVAL - Metrics collection frequency (minutes)
• SECURITY_SCAN_INTERVAL - Security scan frequency (minutes)

See .env.example for all configuration options.

Documentation

Core Documentation

• Architecture Documentation - Vendor-neutral architecture, adapter pattern, and time-bucketed metrics
• Gateway-Scoped Development Guide - NEW: Complete guide for gateway-first development
• API Reference - Complete REST API documentation with vendor-neutral structures
• Fresh Installation Guide - Step-by-step installation for new deployments
• Deployment Guide - Local, Docker, and Kubernetes deployment instructions

Additional Guides

• AI Setup Guide - Configure AI-enhanced features with LLM providers
• MCP Architecture - MCP server architecture for external AI agents (optional)
• MCP Usage Guide - Using MCP servers with Bob IDE and Claude Desktop (optional)
• TLS Deployment - Secure deployment with TLS/SSL
• OpenSearch Encryption - Data encryption configuration
• Query Service - Natural language query interface details

Roadmap

Completed ✅

• Phase 1: Setup & Infrastructure
• Phase 2: Foundational Components (OpenSearch, Backend Core, Models, Adapters)
• Phase 3: User Story 1 - Discovery & Monitoring
• Phase 4: User Story 2 - Predictive Health Management
• Phase 5: User Story 3 - Security Scanning & Remediation
• Phase 6: User Story 4 - Performance Optimization
• Phase 7: User Story 5 - Intelligent Rate Limiting
• Phase 8: User Story 6 - Natural Language Interface
• Phase 9: Polish & Cross-Cutting Concerns
• Phase 10: AI-Enhanced Analysis (LLM Integration)
• Phase 11: Query Service Agent Integration

In Progress 🚧

• Phase 12: Production Hardening
  • Authentication & Authorization
  • Advanced monitoring and alerting
  • Performance optimization
  • Load testing and benchmarking

Planned 📋

• Multi-Gateway Support: Kong, Apigee, AWS API Gateway
• Advanced Analytics: ML model training, anomaly detection
• Multi-Tenancy: Tenant isolation and resource quotas
• Cost Optimization: Cloud cost analysis and recommendations

Contributing

We welcome contributions from the community! Whether you're fixing bugs, adding features, improving documentation, or helping with testing, your contributions are valuable.

How to Contribute

1. Read the Guidelines: Check our Contributing Guidelines
2. Find an Issue: Look for issues labeled good-first-issue or help-wanted
3. Fork & Clone: Fork the repository and clone it locally
4. Create a Branch: Create a feature branch for your changes
5. Make Changes: Implement your changes following our coding standards
6. Test: Run tests and ensure they pass
7. Submit PR: Create a pull request with a clear description

Development Setup

# Clone the repository
git clone https://github.com/yourusername/api-intelligence-plane-v2.git
cd api-intelligence-plane-v2

# Start development environment
docker-compose up -d

# Initialize database
docker-compose exec backend python scripts/init_opensearch.py

Code Quality

We maintain high code quality standards:

• Python: Black, isort, flake8, mypy
• TypeScript: ESLint, Prettier
• Java: Google Java Style Guide
• Tests: Integration and E2E tests required

For detailed guidelines, see Contributing Guidelines.

Performance & Scale

Current Capabilities

• APIs Supported: 1000+ APIs tested
• Query Latency: ~3 seconds average
• Discovery Cycle: ~3 minutes
• Security Scan: ~45 minutes
• Data Retention: 90 days configured
• Concurrent Requests: Designed for millions/minute

Scalability

The platform is designed for horizontal scaling:

• Stateless Services: Backend and frontend scale independently
• Distributed Storage: OpenSearch cluster for data distribution
• Load Balancing: Support for multiple backend replicas
• Caching: Redis integration for improved performance

Security & Compliance

Security Features

• Encryption in Transit: TLS 1.3 for all communications
• Encryption at Rest: OpenSearch data encryption
• FedRAMP 140-3: NIST-approved cryptographic algorithms
• Audit Logging: Comprehensive operation logging
• No Hardcoded Secrets: Environment-based configuration

Compliance

• FedRAMP 140-3: Compliant cryptography and encryption
• Security Scanning: Continuous vulnerability detection
• Automated Remediation: Common security issues auto-fixed

Note: Authentication and authorization are planned for production deployment.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Support & Community

Get Help

• 📧 Email: support@api-intelligence-plane.com
• 💬 Discord: Join our community
• 🐛 Issues: GitHub Issues
• 💡 Discussions: GitHub Discussions

Reporting Issues

When reporting issues, please include:

1. Description: Clear description of the problem
2. Steps to Reproduce: Detailed steps to reproduce the issue
3. Expected Behavior: What you expected to happen
4. Actual Behavior: What actually happened
5. Environment: OS, Docker version, browser, etc.
6. Logs: Relevant log output
7. Screenshots: If applicable

Feature Requests

We welcome feature requests! Please:

1. Check existing issues first
2. Describe the use case
3. Explain the expected benefit
4. Provide examples if possible

Acknowledgments

Technologies

• Backend Framework: FastAPI - Modern Python web framework
• AI/ML: LangChain & LangGraph - AI agent orchestration
• LLM Integration: LiteLLM - Multi-provider LLM support
• Frontend: React & Vite - Modern web development
• UI Components: Tailwind CSS - Utility-first CSS framework
• Data Visualization: Recharts - React charting library
• Data Storage: OpenSearch - Search and analytics engine
• MCP Protocol: FastMCP - Model Context Protocol implementation (optional)

Contributors

Thank you to all contributors who have helped build this project! 🙏

See Contributors for the full list.

Inspiration

This project was inspired by the need for proactive, AI-driven API management that transforms operations from reactive firefighting to autonomous, intelligent operations.

---

Status: ✅ Production Ready | Version: 1.0.0 | Last Updated: 2026-03-12

Built with ❤️ by the API Intelligence Plane Team