In a recent MCP Week discussion, John McBride, staff software engineer at Zuplo, shared insights from his talk "Agents Are Coming For Your APIs." His message is clear: the future remains fundamentally API-driven, even as AI agents reshape how we interact with digital services.
The article highlights some of the key takeaways from that discussion around how APIs and agents are going to interact and how engineers can prepare themselves and their APIs.
If you'd prefer to watch Martyn & John's conversation, you can in the video below!
The Loop That Never Sleeps
At their core, AI agents operate through a continuous validation loop. Unlike the "one-shot" interactions we saw in early ChatGPT implementations, modern agents persist until they achieve their goals. They consume JSON schemas, make API calls, validate responses, handle errors, and iterate continuously.
This persistence creates both opportunities and challenges. Agents will autonomously decide to use your APIs, and if your service fails them, they'll simply move on to a competitor that has prepared for this agentic future.
Why Blocking Isn't the Answer
The temptation to block agent traffic mirrors past reactions to web scrapers, but this approach misses the bigger picture. Agents are already finding ways to use platforms through suboptimal channels like browser automation tools that click through user interfaces never designed for programmatic access.
Rather than playing defense, successful companies will embrace governance and policy frameworks that enable controlled agent access. This isn't just about preventing problems; it's about capturing opportunities in an increasingly automated world.
Consider these examples:
-
Rate limiting policies that recognize agent behavior patterns and provide appropriate cooling-off periods instead of blanket blocks
-
Clear error handling that helps agents understand problems and correct course rather than endlessly retrying failed requests
-
Batch processing endpoints that enable agents to submit multiple operations efficiently rather than making hundreds of individual calls
Your API Response Is Your Dialogue
When agents interact with your API, your responses become the only communication channel available. This makes traditional API design principles more critical than ever: