惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
GbyAI
GbyAI
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 三生石上(FineUI控件)
美团技术团队
Last Week in AI
Last Week in AI
WordPress大学
WordPress大学
L
LangChain Blog
雷峰网
雷峰网
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 叶小钗
Engineering at Meta
Engineering at Meta
腾讯CDC
Recent Announcements
Recent Announcements
The Register - Security
The Register - Security
有赞技术团队
有赞技术团队
Blog — PlanetScale
Blog — PlanetScale
博客园 - Franky
博客园 - 司徒正美
The Cloudflare Blog
Google DeepMind News
Google DeepMind News
T
Tailwind CSS Blog
C
Check Point Blog
小众软件
小众软件
V
Visual Studio Blog
V
V2EX
F
Full Disclosure
J
Java Code Geeks
MongoDB | Blog
MongoDB | Blog
罗磊的独立博客
人人都是产品经理
人人都是产品经理
量子位
Apple Machine Learning Research
Apple Machine Learning Research
F
Fortinet All Blogs
Microsoft Security Blog
Microsoft Security Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
博客园 - 【当耐特】
博客园_首页
Y
Y Combinator Blog
N
Netflix TechBlog - Medium
酷 壳 – CoolShell
酷 壳 – CoolShell
Stack Overflow Blog
Stack Overflow Blog
Recorded Future
Recorded Future
G
Google Developers Blog
Vercel News
Vercel News
大猫的无限游戏
大猫的无限游戏
Microsoft Azure Blog
Microsoft Azure Blog
U
Unit 42
爱范儿
爱范儿
Jina AI
Jina AI

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
LLM-Native APIs: How the Runtime behind REST Changed Fundamentally in 2026
Pushkar Gulk · 2026-04-24 · via DEV Community

Introduction

For over a decade, the runtime behind a REST endpoint made a set of assumptions that were safe to make. A request maps to a single, predictable operation. The response shape is known before execution begins. Each request is self-contained — no memory of what came before (stateless). Business logic is deterministic: same input, same output, every time

These assumptions held because they matched the workload. CRUD operations, relational queries, rule-based decisions — all of these are stateless, deterministic, and fast. REST was designed around them and served them well. But non-determinism is not new to backend systems. Recommender systems have been probabilistic for 15+ years long before LLMs existed. None of this is novel territory.

What is new is the general-purpose reasoning black box sitting behind your endpoint — a system that interprets intent, invokes tools dynamically, and produces outputs. The current challenge is variable latency, variable cost, unbounded tool use, and stateful multi-step execution — all behind an endpoint that looks exactly like a REST API to the client.

Traditional REST APIs before the LLM Era:

  • REST endpoints – Predefined endpoints responsible for specific operations like fetching, saving, and updating data
  • Deterministic behavior – The outcome, format, and response structure were known in advance
  • Strict schemas – Systems relied on predefined schemas and models
  • Stateless interactions – Each request was self-contained and independent
  • Rule-based business – Logic has long been the backbone of backend systems, translating requirements into deterministic "if–then" decisions.

"LLM workloads don't break REST. They break the runtime assumptions your backend was built on."

Coming to 2026 – LLM Era:

Applications are no longer asking for predictable responses. When a user asks:

"Analyse these 4 PDFs, compare insights, and tell me the risks."

The execution path is decided at runtime by a reasoning engine. The operation takes 20–30 seconds and may invoke a dozen tools along the way. The result is non-deterministic: run it twice, get two different outputs.

This isn't REST evolving. The protocol is the same. What's changed is the runtime behind the endpoint — and that runtime now needs to handle things that traditional backends were never designed for:

  • Reasoning engines that interpret intent rather than match routes
  • Stateful workflows that span multiple steps, tools, and model calls
  • Non-deterministic outputs that can't be regression-tested the same way
  • Agent coordinators – Orchestrate multiple specialized agents to complete complex tasks
  • Memory that persists context across requests and sessions

The shift is not about adopting new protocols. It's about recognising that the contract your endpoint exposes stays simple — while the system behind it becomes fundamentally more complex. This article breaks down what that runtime looks like, what it costs, and where it fails.

What Traditional REST Assumed

Assumption Reality with LLM Workloads
Fixed response schema Generative, variable output
Stateless per request Multi-step, session-aware execution
Deterministic logic Probabilistic reasoning engine
Millisecond latency 10–30s per complex request
Rule-based routing Intent-driven dynamic task planning
Predictable cost Variable — $0.01 to $1.00+ per request

The 3-Layer Architecture of LLM-Native APIs

1. The Orchestration Layer

(Reasoning + Tools + Workflow)

The orchestration layer in LLM-based REST APIs acts as the central control plane that transforms high-level user intent into coordinated, executable workflows. Unlike traditional backends, where requests map directly to a single service or endpoint, the orchestration layer:

  • Extracts intent — interprets what the user wants, not just what they typed
  • Plans execution — builds a task graph dynamically based on context
  • Routes and coordinates — dispatches to retrieval systems, tools, and external services
  • Manages state — maintains context across steps, handles retry, and feeds intermediate outputs into subsequent stages

This is what separates an LLM-native backend from simply wrapping a model call in a FastAPI route.

Scenario Stack When to pick it
Simple agent, workflows < 30s FastAPI + LangGraph + pgvector + Celery Early stage, Postgres already in use, < 1M vectors
Long-running durable workflows > 5 min FastAPI + Temporal + Pinecone + LangGraph Workflows must survive crashes; partial state has value
Cost-sensitive, high Postgres investment FastAPI + pgvector + Pydantic-AI + Inngest Avoiding infra sprawl; < 5M vectors; moderate QPS
Maximum control, latency-critical FastAPI + raw asyncio + Qdrant + custom retry P95 < 100ms target; team willing to own retry/backoff logic

The MCP (Model Context Protocol) Tools:

Advanced API capabilities are exposed as MCP tools, which are created and invoked to get the required data from external tools/data sources like:

  • Databases, Data warehouses, Vector databases
  • File storage and document systems
  • Monitoring and analytics tools
  • Internal microservices

MCP introduces a schema-driven interface where tools are discoverable and callable by the model. MCP enables a declarative approach where tools are exposed as first-class, machine-readable entities, allowing LLMs to reason about when and how to use them.

In traditional API architectures, orchestration logic resides entirely within backend services, with developers explicitly defining control flow and integrations. MCP fundamentally changes this paradigm by elevating the LLM into an active participant in system execution and decision-making. MCP introduces layer of governance and safety in LLM-driven systems. Enforcing schemas, input validation, and access controls at the tool level ensures that model actions remain predictable and auditable.

2. The Memory Layer

(Short-Term + Long-Term + Semantic Memory)

Memory solves one problem: context doesn't survive across steps or sessions by default. Without it, every request starts blind — no knowledge of prior interactions, no intermediate state, no retrieved domain knowledge. Though not everything worth computing is worth storing. Storing too much degrades retrieval quality. The more noise in your vector store, the more confidently wrong results you get back.

What should we store?

  • Document embeddings + chunk metadata
  • Final summarised outputs
  • Session context (within TTL)
  • User-level preferences

Memory Types and Their Limits

Short-term memory — Session-level context held in-memory or fast cache (Redis).

  • Expires with the session
  • Safe to use freely; cost is low and staleness isn't a risk

Long-term memory — Vector-based semantic storage (pgvector, Pinecone, LanceDB).

  • Survives across sessions; powers RAG retrieval
  • Risk: Gets stale. A document embedded 6 months ago may no longer reflect current reality. Without TTL policies, old context poisons new queries

Workflow memory — Intermediate execution state across steps.

  • Enables resumption after failure or cancellation
  • Risk: Partial state from a failed run can corrupt a retry if not versioned or cleared correctly

Where Memory Fails

Vector stores are lossy.

  • Embedding-based retrieval doesn't return the correct chunk — it returns the most similar chunk. On ambiguous or underspecified queries, that's often the wrong one. The model then reasons confidently on bad input. The output looks plausible. It isn't.

Embeddings drift across model versions.

  • If you upgrade your embedding model, every stored vector becomes semantically misaligned with new queries. Searches degrade silently — no errors, just worse results.
  • Always version-stamp embeddings and plan for periodic re-indexing when upgrading models to avoid these issues.

Stale memory hurts reasoning.

  • A chunk retrieved from a session 3 months ago may contradict the current document set. Without TTL policies per memory type, the system treats outdated context as ground truth. Define explicit expiry for each memory tier.

Retrieval confidence is not retrieval accuracy.

  • The model has no way to know that a retrieved chunk is wrong — it treats retrieved content as authoritative. There is no built-in scepticism. This means garbage in, confident garbage out. Never treat retrieved chunks as ground truth — surface retrieval confidence in traces.

3. The Interaction Layer

(API Gateway + Protocols)

The interaction layer in LLM-based REST APIs serves as the primary touchpoint between clients and the underlying intelligence of the system, translating human intent into structured requests and delivering responses in a consumable form.

Unlike traditional APIs that expose rigid, operation-specific endpoints, the interaction layer is designed around intent-driven communication, where a single endpoint can handle a wide range of tasks expressed in natural language. It is responsible for:

  • Request validation
  • Authentication
  • Context injection
  • Input transformation (e.g., Pydantic schemas)

On the response side, it standardizes outputs—whether textual insights, structured data, or progressive updates (streams of data).

Here are the examples of

  • Chat-style endpoints
    • /chat – conversational
    • /agent – tool-driven workflow executor
    • /reason – produce structured reasoning
  • Function-calling endpoints
    • /function-call – structured tool calls

In certain cases, the interaction layer can leverage Server-Sent Events (SSE) to provide a streaming interface for real-time feedback. For long running or multi-step tasks, SSE enables the server to push incremental updates, such as:

  • Processing status
  • Partial summaries
  • Evolving insights—directly to the client over a single HTTP connection.

This significantly improves user experience by reducing latency and increasing transparency into system behavior.

  • Streaming responses
    • /stream – stream tokens

However, SSE is used strictly as a delivery mechanism within the interaction layer and does not replace the underlying asynchronous execution systems. It allows LLM-based APIs to feel responsive and interactive while still relying on robust orchestration and processing layers behind the scenes.

End-to-End LLM Request Lifecycle

User asks: "Analyse these 4 PDFs, compare insights, and tell me the risks."

Step 1 — Request Ingestion *(Interaction Layer)*

  • Validate input schema, auth, document URLs
  • Fail fast: Return 422 before any LLM call if validation fails — saves cost

Step 2 — Interaction Mode Setup *(Interaction Layer)*

  • Decide: sync response or SSE streaming
  • Issue a job ID immediately — acts as resumption token if SSE connection drops

Step 3 — Intent Parsing & Task Decomposition *(Orchestration Layer)*

  • LLM breaks prompt into task graph: Ingest → Extract → Summarize → Compare → Risk
  • Guard: If parsed plan looks incomplete or ambiguous, surface a clarification prompt — don't proceed into an expensive workflow on a flawed plan

Step 4 — Document Ingestion *(Memory Layer)*

Scenario Recovery
Scanned PDF (no text layer) Trigger OCR fallback
Password-protected Flag, skip, notify user
Corrupted / unreachable Retry × 3 with backoff, then skip

Rule: One bad document should never abort the entire workflow. Continue with remaining documents.

Step 5 — Text Extraction & Chunking *(Memory Layer)*

  • Extract text; split into chunks
  • Filter low-confidence OCR output — don't embed junk
  • Chunk size must be calibrated against model context window limits

Step 6 — Embedding & Vector Storage *(Memory Layer)*

  • Convert chunks → embeddings → vector DB
  • Rate limits: Retry with exponential backoff, not hard failure
  • Version drift: Embeddings are model-version specific — version-stamp everything; plan for re-indexing on model upgrades

Step 7 — Parallel Document Processing *(Orchestration Layer)*

  • Summaries all 4 documents concurrently
  • Partial failure: If 3 of 4 succeed, proceed — don't abort for one timeout
  • Set per-document timeouts, not a single global one

Step 8 — Cross-Document Reasoning *(Orchestration Layer)*

  • Compare summaries; identify overlaps, conflicts; generate risks
  • Context overflow: Combined summaries may exceed context window — use map-reduce (reason over pairs, then synthesize). Never silently truncate
  • Reasoning loops: Cap tool invocations (e.g. max 20 steps) with a hard circuit breaker

Step 9 — Response Aggregation *(Orchestration Layer)*

  • Combine insights + comparisons + risks
  • Partial failure: If one component (e.g. risk analysis) fails, return what succeeded with clear metadata — never return a generic error

Step 10 — Cancellation & Timeout Handling *(Orchestration + Interaction Layers)*

  • Propagate cancellation signal down to async tasks when user aborts
  • Persist any intermediate results produced so far
  • Without this: backend keeps running, burning LLM credits, after the user has left

Step 11 — Response Delivery *(Interaction Layer)*

  • Stream via SSE or return full response
  • Run basic schema validation on LLM output before delivery — especially if downstream systems consume it programmatically

Step 12 — Memory Persistence *(Memory Layer)*

  • Store embeddings, summaries, final output
  • Set TTL policies — stale memory retrieved months later can hurt reasoning
  • Check memory before re-running on retry — enables idempotency

Failure Surface Summary

Step Failure Mode Recovery
Request Ingestion Bad schema / unreachable URL 422 before LLM call
Interaction Setup SSE drops Resumption via job ID
Intent Parsing Hallucinated / incomplete plan Confidence gate → clarify
Document Ingestion Scanned / corrupt / protected Per-doc fallback; partial proceed
Extraction OCR noise / garbled text Quality filter; tag low confidence
Embedding Rate limit / model drift Backoff retries; version-stamp
Parallel Processing Partial LLM timeout Min success threshold
Reasoning Context overflow / loops Map-reduce; step budget cap
Aggregation Component failure Partial result with metadata
Cancellation Mid-workflow abort Propagate signal; persist partial state
Delivery Malformed output Pre-delivery schema check
Persistence Stale context / duplicate run TTL policy; idempotency check

Design principle: Partial success with honest metadata beats a hard failure every time. Build for the broken path — the happy path takes care of itself.

Final Thoughts

With LLMs in the picture, APIs are no longer just interfaces—they're becoming part of systems that can interpret intent, reason through tasks, and coordinate execution dynamically.

At its core, this article highlights a shift in how we design backends:

  • From deterministic endpoints → intent-driven systems
  • From static workflows → dynamic orchestration
  • From stateless APIs → memory-aware architectures
  • From hardcoded logic → model-assisted decision making

"REST isn't evolving. The runtime behind your endpoint is being replaced"

Most will feel this shift not as a clean architectural migration, but as accumulated pressure: timeouts that don't make sense, costs that don't map to load, failures that don't reproduce.

The harder question is: does your current backend infrastructure support what you're asking it to do? Not the endpoint. Not the framework. The runtime — the orchestration, the memory, the failure recovery, the cost model.

If the answer is uncertain, that uncertainty is the signal. Start there!!!