APIs (Tool Usage)

Most of an agent's tools are APIs — the endpoints that connect it to the outside world. Through APIs, an agent can fetch live data (weather, search, prices) and take real actions (send, book, update). Function calling decides which API to call; the API is what actually reaches the external service.

💡 In one line: APIs are the endpoints agents call — via function calling — to fetch live data and take actions on external services.

What Are APIs Here?

APIs (Application Programming Interfaces) are endpoints you call to request data or trigger actions from an external service. For an agent, APIs are the tools that connect it to the real world — the vast majority of agent tools are just wrapped APIs.

Why APIs Matter for Agents

APIs give agents live, real-time data and the ability to act on real systems. Without them, an agent is limited to its training knowledge — with them, it can check today's weather, query your database, or send a message.

How Agents Use APIs

The model chooses an API tool; your code makes the actual request. 

Whiteboard
Whiteboard diagram


API Basics for Tool Use

  • Endpoint + HTTP method (GET to read, POST to act).
  • Parameters (query, body).
  • Authentication — an API key or OAuth token.
  • Request/response — usually JSON.
  • Rate limits and errors.

Wrapping an API as a Tool

To make an API usable by an agent, map its parameters to a function schema, handle the auth, and parse the response into something clean. This wrapper is exactly what function calling invokes.

Authentication & Security

Keep secrets server-side — the agent (and the model) should not hold raw credentials. Use scoped keys/tokens and least privilege, so a compromised tool can do limited damage.

Error Handling & Rate Limits

APIs fail, time out, and rate-limit. Handle it gracefully: retry with back-off, and return a clear error to the model so it can adjust rather than hallucinate a result.

REST, GraphQL, and MCP

  • REST is the most common style; GraphQL is also used.
  • MCP (Model Context Protocol) is a standard for exposing APIs and data to agents in a uniform way — fewer bespoke integrations.

Trim the Response

Don't dump a huge JSON blob into the context. Parse and trim to the fields that matter — it saves tokens and keeps the model focused on the relevant data.

Best Practices

  • Write clear tool descriptions and validate inputs.
  • Secure auth (server-side, scoped, least privilege).
  • Handle errors and rate limits gracefully.
  • Parse and trim responses before returning them.

Summary

  • APIs are the endpoints agents call to fetch data and take actions.
  • Agents use them via function calling: the model chooses, your code makes the request.
  • Mind auth, rate limits, errors, and response size.
  • REST dominates; MCP standardises exposing APIs to agents.
  • Trim responses and keep credentials server-side with least privilege.Â