The difference between a coding assistant and an agentic IDE is not just a matter of capability — it’s architectural. A coding assistant responds to prompts. An agentic system operates in a closed loop: it reads the current state of the codebase, plans a sequence of changes, executes them, and verifies the result before reporting completion. That loop is what makes the tooling genuinely useful for non-trivial work.

Agentic CLIs

Most of the conversation around agentic AI focuses on graphical IDEs, but the CLI tools are worth understanding separately. They integrate more naturally into existing scripts and automation pipelines, and in some cases offer capabilities the GUI tools don’t.

The main options currently available:

Claude Code (Anthropic) works with the Claude Sonnet and Opus model families. It handles multi-file reasoning well and tends to produce more explanation alongside its changes, which is useful when the reasoning behind a decision matters as much as the decision itself.

OpenAI Codex CLI is more predictable for tasks requiring strict adherence to a specification — business logic, security-sensitive code, anything where creative interpretation is a liability rather than an asset.

Gemini CLI is notable mainly for its context window, which reaches 1–2 million tokens depending on the model. Large enough to load a substantial codebase without chunking, which changes what kinds of questions are practical to ask.

OpenCode is open-source and accepts third-party API keys, including mixing providers. Relevant for environments with restrictions on approved vendors.

Configuration and Permission Levels

Configuration is stored in hidden directories under the user home folder — ~/.claude/ for Claude Code, ~/.codex/ for Codex. Claude uses JSON; Codex uses TOML. The parameter that actually matters day-to-day is the permission level.

By default, most tools ask for confirmation before destructive operations: file deletion, script execution, anything irreversible. There’s also typically a mode where the agent executes without asking. It’s faster, and it will occasionally remove something that shouldn’t have been removed. The appropriate context for that mode is throwaway branches and isolated environments where the cost of a mistake is low.

Structuring a Development Session

Jumping straight to code generation tends to produce output that looks correct but requires significant rework. The agent didn’t have enough context to make the right decisions, so it made assumptions — and those assumptions have to be found and corrected manually.

Plan Mode

Before any code is written, the agent should decompose the task and surface ambiguities. This is sometimes called Plan Mode or Chain of Thought mode. The output is a list of verifiable subtasks and a set of clarifying questions, typically around:

• Tech stack and framework choices
• Persistence strategy (local storage, SQL, vector database)
• Scope boundaries — what’s in and what’s explicitly out

It feels like overhead. The time is recovered during implementation because the agent isn’t making assumptions that have to be corrected later.

Repository Setup via GitHub CLI

The GitHub CLI (gh) integrates cleanly with agentic workflows. Repository initialization, .gitignore configuration, and GitHub issue creation with acceptance criteria and implementation checklists can all be handled by the agent. Having the backlog populated automatically keeps work visible without manual overhead.

Context Management

The context window is finite. How it’s used determines whether the agent stays coherent across a long session or starts producing inconsistent output. Three mechanisms matter here: rules, skills, and MCP.

Rule Hierarchy

Rules operate at three levels:

User-level rules are global preferences that apply across all projects — language requirements, style constraints, operator restrictions. Set once.

Project rules (.cursorrules or AGENTS.md) are repository-specific: naming conventions, architectural patterns, which shared components to reuse before creating new ones. In a team context, this file deserves the same review process as any other documentation. It tends to get neglected and then blamed when the agent produces inconsistent output.

Conditional rules activate only for specific file patterns. Testing rules that only load when editing .test.ts files, for example. This keeps the context lean when those rules aren’t relevant to the current task.

Skills

Skills are reusable logic packages that the agent loads on demand. Each skill lives in .cursor/skills/ and consists of a skill.md file with frontmatter metadata, plus any executable scripts it needs (Python, Bash, or JavaScript). The agent discovers them semantically or they can be invoked explicitly.

The practical value is context efficiency — instead of re-explaining a pattern every session, the skill carries it and only loads when the task requires it.

Model Context Protocol (MCP)

MCP is the standard for giving agents access to external systems. An MCP server exposes Tools (functions the agent can call) and Resources (data it can query). Configuration is added to the IDE’s config file, after which the agent can interact with connected systems directly.

Common integrations: Slack for notifications, Sentry for querying recent errors related to code being modified, Chrome DevTools for visual validation. The Figma MCP integration is particularly useful — design context can be pulled directly without manual translation of specs into implementation requirements.

Validation

A task isn’t complete until there’s evidence it works. The validation sequence should cover four things:

Compilation and static analysis. The build runs, linters pass. Errors get fixed before the agent reports done.

Test suite. Unit and integration tests for the affected logic must pass. Existing tests must stay green. This sounds obvious and is frequently skipped.

Runtime verification. The agent launches the application in a background process and monitors console output. Runtime errors that don’t surface in tests are common enough that skipping this step is a real risk.

Visual validation. With a browser MCP server, the agent can take a screenshot and compare it against design requirements. Layout and styling issues won’t be caught by any automated test.

Security Configuration

Two files, different purposes, frequently confused:

.cursorignore is a hard block. The agent cannot read files listed here. Use it for .env files, credentials, secrets — anything that shouldn’t leave the local environment. This is the primary security layer.

.cursorindexingignore excludes files from semantic indexing but still allows the agent to read them if explicitly requested. The appropriate use is performance optimization: node_modules, build outputs, generated files that would pollute the index without adding useful signal.

For corporate environments, Privacy Mode should be explicitly verified as enabled rather than assumed. This prevents source code from being stored by the provider or used for model training. Most enterprise tiers include it; the default state varies by tool and version.

Hooks

Hooks are event-driven triggers that run custom scripts at specific points in the agent’s lifecycle. Not necessary for small projects, but worth the setup as the codebase grows.

beforeSubmitPrompt runs before a prompt is sent. Useful for injecting dynamic context — current branch name, recent error logs — or for auditing what’s about to be sent.

afterFileEdit fires immediately after the agent modifies a file. The natural use is triggering auto-formatting or running the test suite, catching regressions as they’re introduced.

pre-compact fires when the context window is about to be trimmed. Allows prioritization of what information should be retained. Relevant for long sessions where important context has accumulated, and the default trimming behavior would discard it.

Parallel Development with Git Worktrees

Sequential work on a single branch is a bottleneck when multiple tasks are running in parallel. Git worktrees allow different branches to exist as separate working directories simultaneously:

git worktree add ../wt-feature-name -b feature/branch-name

Each worktree should have its own .env with unique local ports (PORT=3001, PORT=3002) to prevent dev server collisions. The agent can handle rebases and straightforward merge conflicts autonomously. Complex conflicts still require human judgment — the agent will flag them rather than guess.

The model itself is less of a determining factor than it might seem. Rule configuration, context management, and validation coverage drive the actual quality of the output. A well-configured environment with a mid-tier model will consistently outperform a poorly configured one with a better model. The engineering work shifts toward writing the constraints and verification steps that govern how code gets produced, which is a different skill than writing the code directly, but the productivity difference once it’s in place is significant.

1. Technical Foundations: From Prediction to Instruction

2. The Two Pillars of Effective Prompting

Kube Lens — The Visual IDE for Kubernetes

Kube Lens is a desktop Kubernetes IDE that gives you a single, visual control plane for clusters, resources, logs and metrics—so you spend less time wrestling with kubectl output and more time solving real problems. In this post I’ll walk through installing Lens, adding clusters, and the everyday workflows I actually use, the features that speed up debugging, and practical tips to get teams onboarded safely.

Prerequisites

A valid kubeconfig (~/.kube/config) with the cluster contexts you need (or point Lens at alternate kubeconfig files).

What is Lens (Lens IDE / Kube Lens)

Lens is a cross-platform desktop application that connects to one or many Kubernetes clusters and presents a curated, interactive UI for exploring workloads, nodes, pods, services, and configuration. Think of it as your cluster’s cockpit—visual, searchable, and stateful—without losing the ability to run kubectl commands when you need them.

Kube Lens features

Kube Lens shines by packaging common operational tasks into intuitive views:

• Multi-cluster visibility and quick context switching so you can compare clusters without copying kubeconfigs.
• Live metrics and health signals (CPU, memory, pod counts, events) visible on a cluster overview for fast triage.
• Built-in terminal scoped to the selected cluster/context so CLI power is always one click away.
• Log viewing, searching, tailing, and exporting right next to pod details — no more bouncing between tools.
• Port-forwarding and local access to cluster services for debugging apps in-situ.
• Helm integration for discovering, installing, and managing releases from the UI.
• CRD inspection and custom resource management so operators working with controllers and operators aren’t blind to their resources.
• Team and governance features (SSO, RBAC-aware views, CVE reporting) for secure enterprise use.

Install Lens (short how-to)

Kube Lens runs on macOS, Windows, and Linux. Download the installer from the Lens site,

After installing it, launch Lens and complete the initial setup, and create/sign in with a Lens ID (for syncing and team features)

Add your cluster(s)

• Lens automatically scans default kubeconfig locations (~/.kube/config).
• To add a cluster manually: go to the Catalog or Clusters view → Add Cluster → paste kubeconfig or point to a file.
• You can rename clusters and tag them (e.g., dev, staging, prod) for easier filtering.

Main UI walkthrough

• Overview shows your cluster health assessment. This is where you get visibility into node status, resource utilization, and workload distribution

• Nodes show you data about your cluster nodes

• Workloads will let you explore your deployed resources

• Config will show you data about your configmaps, secrets, resource quotas, limit ranges and more

• In the Network you will see information about your services, ingresses, and others

And as you can see, there are other options present, so this would be a great time to stay a couple of minutes in the app, and explore all the things that you can do.

As soon as there are changes happening in your cluster, Lens picks them and propagates them immediately through the interface. Pod restarts, scaling operations, and configuration changes appear without manual refresh, providing live insight into cluster operations that static kubectl output cannot simply match.

Example:

I will start with a basic nginx deployment that shows pod lifecycle management:

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.21
        ports:
        - containerPort: 80
        resources:
          requests:
            memory: "64Mi"
            cpu: "250m"
          limits:
            memory: "128Mi"
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  selector:
    app: nginx
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: ClusterIP
---

apiVersion: v1
kind: ConfigMap
metadata:
  name: nginx-config
data:
  nginx.conf: |
    server {
        listen 80;
        location / {
            return 200 'Hello from Lens!\n';
            add_header Content-Type text/plain;
        }

Apply this using kubectl.

kubectl apply -f nginx_deployment.yaml

Now that we’ve created a couple of resources, we are ready to explore Lens.

Here are all the pods running:

By clicking on the 3 dots on the right side, you get a couple of options:

You can easily attach to a pod, open a shell, evict it, view the logs, edit it, and even delete it.

Here is the ConfigMap:

Helm Deploy:

Lens provides a built-in Helm client to browse, install, manage, and even roll back Helm charts directly from its graphical user interface (GUI), simplifying deployment and management of Kubernetes applications. You can find available charts from repositories (like Bitnami, enabled by default), customize values.yaml, and install releases with a few clicks, seeing all your Helm deployments in the dedicated Helm tab. 

1. Access Helm: Click the “Helm” icon in Lens, then select “Charts” to see available options.
2. Browse & Search: Find charts from repositories (Artifact Hub, Bitnami, etc.) or add custom ones.
3. Install: Select a chart, choose a version, edit parameters in the values.yaml section, and click “Install”.
4. Manage Releases: View installed releases, check their details (applied values), and perform actions like rolling back. 

Using built-in metrics and charts

• Lens integrates cluster metrics (where available) for nodes and workloads.
• Toggle charts in the details pane to get CPU/memory trends over time.

Tips and best practices

• Keep kubeconfigs minimal per cluster and use named contexts for clarity.
• Tag clusters (dev/stage/prod) and use color coding to reduce the risk of accidental changes.
• Use Lens for exploration and quick fixes; keep complex automation in CI/CD pipelines.
• For sensitive environments, restrict Lens access and avoid storing long-lived credentials locally.

Reference

https://docs.k8slens.dev/

Why Helm UnitTest?

Untested charts risk syntax errors, wrong resources, or missing configs that surface only during installs. Unit tests render templates locally, catch issues early, and ensure values like replicas or images work as expected.

CI/CD pipelines run these tests automatically, blocking merges with failures. Using helm unittest will lower prod incidents from template bugs.

Install Helm-Unittest
Prerequisites: Helm 3.8+, Git, basic YAML skills.

Install the plugin:

helm plugin install

https://github.com/helm-unittest/helm-unittest.git

helm unittest --help  # Verify installation

Chart Structure

Organize your chart like this:

my-app/
├── Chart.yaml
├── values.yaml
├── templates/
│ ├── deployment.yaml
│ └── service.yaml
└── tests/
└── basic_test.yaml

Write Your First Test

Create tests/basic_test.yaml:

suite: basic deployment tests
templates:
  - deployment.yaml
tests:
  - it: should have correct kind
    asserts:
      - isKind:
          of: Deployment

  - it: sets replicas correctly
    set:
      replicaCount: 3
    asserts:
      - equal:
          path: spec.replicas
          value: 3

  - it: uses correct image
    set:
      image.repository: nginx
      image.tag: "1.21"
    asserts:
      - equal:
          path: spec.template.spec.containers[0].image
          value: nginx:1.21

This suite renders deployment.yaml, applies value overrides, and verifies structure.

Test labels, resources, env vars, and volumes similarly.

Run Tests

From chart root:

helm unittest .                    # Default run
helm unittest . -v                 # Verbose output
helm unittest . --output-type junit > test-results.xml  # CI reports
Green output shows passes; failures list exact path mismatches.

Green output shows passes; failures list exact path mismatches.

Example verbose run:

✓ basic_test.yaml: "should have correct kind" 
✓ basic_test.yaml: "sets replicas correctly"

Advanced Testing

Multiple Values Files:

- it: works with prod values
values:
- ../../values-prod.yaml
asserts:
- greater:
path: spec.template.spec.containers[0].resources.limits.memory
value: 1Gi

Subcharts: Prefix with subchartName//.
Conditionals: Test if blocks with varied set values.

Snapshots for golden files:

- it: matches production snapshot
  set:
    env: production
  asserts:
    - matchSnapshot: {}

Update with helm unittest . -u.

CI/CD Integration

GitHub Actions workflow (.github/workflows/test.yaml):

name: Helm Test
on: [pull_request]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - uses: azure/setup-helm@v4
      with:
        version: v3.15.0
    - run: helm plugin install https://github.com/helm-unittest/helm-unittest
    - run: helm unittest . --output-type junit > junit.xml
    - uses: actions/upload-artifact@v4
      with:
        name: test-results
        path: junit.xml

Best Practices

• Follow AAA: Arrange (set values), Act (render), Assert (check).

• One assertion per test for clear failures.

• Test defaults, overrides, and edge cases (replicaCount: 0).

• Combine with helm lint and helm template --validate.

• Version control tests/ with your chart.

• Use descriptive it: names.

Common Pitfalls

• PathCheck typos: Use JSONPath like spec.template.spec.containers.[0].name.

• Snapshot drift: Review changes before -u.

• Global values: Scope with global.* paths.

Start testing your charts today—your future self will thank you

Healthcare organizations are managing many challenges at once: consumers expect digital experiences that feel as personalized as other industries, fragmented data in silos slows strategic decision-making, and AI and advanced technologies must integrate seamlessly into existing care models. 

Meeting these demands requires more than incremental change—it calls for digital solutions that unify access to care, trusted data, and advanced technologies to deliver transformative outcomes and operational efficiency. 

IDC Market Glance: Healthcare Ecosystem, 4Q25

We’re proud to share that Perficient has been included in the “IT Services” category in the IDC Market Glance: Healthcare Ecosystem, 4Q25 report (Doc# US54010025, December 2025). This segment includes systems integration organizations providing advisory, consulting, development, and implementation services, as well as products or solutions. 

We believe this inclusion reinforces our expertise in leveraging AI, data, and technology to deliver intelligent tools and intuitive, compliant care experiences that drive measurable value across the health journey.  

We believe this commitment aligns with critical shifts IDC Market Glance highlights in its latest report, which emphasizes how healthcare organizations are activating advanced technology and AI. IDC Market Glance shares, “Health systems and payers are moving more revenue into value-based care and capitated risk, pushing tech buyers to favor solutions that improve quality metrics, lower total cost of care, and help hit incentive thresholds.” 

As the industry evolves, IDC predicts: “Technology buyers will likely favor vendors that align revenue models to customer risk arrangements, plug seamlessly into large platforms, and demonstrate human-centered design that supports clinicians rather than replacing them.” 

To us, this inclusion validates our ability to help healthcare organizations maximize technology and AI to drive transformative outcomes, power enterprise agility, and create seamless, consumer-centric experiences that build lasting trust.

Intelligent Solutions for Transformative Outcomes 

These shifts are actively transforming the healthcare ecosystem, challenging leaders to rethink how they deliver care and create value. Our partnerships with leading organizations show what’s possible: moving AI from pilot to production, building interoperable data foundations that accelerate insights, and designing human-centered solutions that empower care teams and improve the cost, quality, and equity of care. 

Easing Access to Care With a Commerce-Like Experience 

We helped Rochester Regional Health reimagine its digital front door to triage like a clinician, personalize like a concierge, and convert like a commerce platform—creating a seamless experience that improves access, trust, and outcomes. The mobile-first redesign introduced smart search, dynamic filters, and real-time booking, driving a 26% increase in appointment scheduling and saving $79K+ monthly in call center costs. As a result, this transformative work earned three industry awards, recognizing the solution’s innovation in accessibility, engagement, and measurable impact on patient care.

Consumers expect frictionless access to care, personalized experiences, and real-time engagement. Our recent Access to Care Report reveals more than 45% of consumers aged 18–64 have used digital-first care instead of their regular provider—and 92% of them believe the quality is equal or better. To deliver on consumers’ expectations, leaders need a unified digital strategy that connects systems, streamlines workflows, and gives consumers simple, reliable ways to find and schedule care.

Explore how our Access to Care research continues to earn industry awards or learn more about our strategic position on find care experiences. 

Empowering Care Ecosystems Through Interoperable Data Foundations 

We helped a healthcare insurance leader build a single, interoperable source of truth that turns healthcare data into a true strategic asset. Our FHIR‑enabled solution ingests, normalizes, and validates data from internal and external systems and shares a consolidated, reliable dataset through API connectors, gateways, and extracts, grounded in data governance. Ultimately, this interoperable data foundation accelerates time to market, minimizes downtime through EDI and API modernization, and ensures the right data reaches the right hands at the right time to power consumer‑grade experiences, while confidently meeting interoperability standards. 

Discover our platform modernization and data management capabilities.  

Accelerating Member Support With Human-Centered GenAI Innovation 

We helped a leading Blue Cross Blue Shield health insurer transform CSR support by deploying a natural language Generative AI benefits assistant powered by AWS’s AI foundation models and APIs. The intelligent assistant mines a library of ingested documents to deliver tailored, member-specific answers in real time, eliminating cumbersome manual processes and PDF downloads that previously slowed resolution times. Beyond faster answers, this human-centered solution accelerates benefits education, equips agents to provide relevant information with greater speed and accuracy, and demonstrates how generative AI can move from pilots into core infrastructure to support staff rather than replace them.

Read more about our AI expertise or explore our human-centered design services. 

Build Your Scalable, Data-Driven Future 

From insight to impact, our healthcare expertise  equips leaders to modernize, personalize, and scale care. We drive resilient, AI-powered transformation to shape the experiences and engagement of healthcare consumers, streamline operations, and improve the cost, quality, and equity of care.

We have been trusted by the 10 largest health systems and the 10 largest health insurers in the U.S., and Modern Healthcare consistently ranks us as one of the largest healthcare consulting firms.

Our strategic partnerships with industry-leading technology innovators—including AWS, Microsoft, Salesforce, Adobe, and  more—accelerate healthcare organizations’ ability to modernize infrastructure, integrate data, and deliver intelligent experiences. Together, we shatter boundaries so you have the AI-native solutions you need to boldly advance business.

Ready to Turn Fragmentation Into Strategic Advantage? 

We’re here to help you move beyond disconnected systems and toward a unified, data-driven future—one that delivers better experiences for patients, caregivers, and communities. Let’s connect  and explore how you can lead with empathy, intelligence, and impact. 

Subtitle: From Critical Medical Hardware to the Apple Ecosystem, the future of mobile intelligence is local, instant, and unified.

We are standing at a hardware tipping point. For the last decade, “AI” on mobile effectively meant one thing: sending data to the cloud and waiting for an answer. Especially for those chatbots, adding AI to an app meant integrating a slow, spinning loading indicator while data traveled to a server, waited in a queue, and eventually returned text. Users are tired of waiting. They are overwhelmed by generic bots that feel disconnected from the app they are actually using.

But as we move toward 2026, the script is flipping. Phone manufacturers are shipping devices with neural engines (NPUs) so powerful they rival the desktop GPUs of just a few years ago. This shift isn’t just about faster chatbots or smoother animations; it is reshaping critical industries like healthcare and unifying the mobile ecosystem under a single dominant model family: Google Gemini.

The Hardware Revolution: The “Brain” in Your Pocket

The defining trend of the 2025-2026 cycle is the explosion of Hardware Acceleration. Modern mobile processors—whether it’s the latest Snapdragons powering Android flagships or the A-series chips in iPhones—are no longer just Central Processing Units (CPUs). They are dedicated AI powerhouses capable of “always-on” generative tasks.

This hardware leap means we can now run massive models (like Gemini Nano) directly on the device. The benefits are immediate and transformative:

• Zero Latency: No network round-trips. The intelligence feels instantaneous.
• Total Privacy: Sensitive data never leaves the phone’s secure enclave.
• Offline Reliability: Intelligence works in elevators, basements, and airplanes.

The Critical Use Case: Android in Healthcare

Nowhere is this shift more vital than in the rapidly expanding world of Medical Devices. Android has quietly become the operating system of choice for specialized medical hardware, from handheld ultrasound scanners to patient vitals monitors.

Why is the edge critical here? Because medical environments are unforgiving. A doctor in a rural clinic or a paramedic in a speeding ambulance cannot rely on spotty 5G connections to process a patient’s vitals or analyze an X-ray.

• Privacy Compliance: Processing sensitive patient data (like facial analysis for pain detection) strictly on-device removes complex regulatory cloud compliance hurdles. The data stays with the patient.
• Reliability: An Android-based diagnostic tool must work instantly, 100% of the time, regardless of Wi-Fi status.
• Adoption: We are seeing a massive surge in smart, connected medical tools that rely on commodity Android hardware to deliver hospital-grade diagnostics at a fraction of the cost.

The “One AI” Future: Gemini on iOS & Android

Perhaps the most compelling reason to bet on Gemini is the upcoming unification of the mobile AI landscape. Reports indicate that Apple is partnering with Google to integrate Gemini models into iOS 18 and macOS Sequoia for complex reasoning tasks and summaries, a rollout expected to mature by Spring 2026.

While Apple will handle basic tasks with its own on-device models, it is leaning on Gemini’s superior reasoning for the “heavy lifting.” This creates a unique opportunity for developers:

• Unified Intelligence: Learning to engineer prompts and integrations for Gemini means you are effectively targeting the entire mobile market—both the Android medical devices and the premium iPhone user base.
• Cross-Platform Consistency: A feature built on Gemini’s logic will behave consistently whether it’s running on a Samsung Galaxy Tab in a hospital or an iPhone 17 in a consumer’s hand.
• Future-Proofing: With these updates expected shortly, building expertise in Gemini now puts us ahead of the curve when the feature goes mainstream across billions of Apple devices.

In Part 2, we will leave the strategy behind and dive into the code to see how we are already building this future today on iOS and Android.

What is MCP?

Model Context Protocol (MCP) is an open-source standard for integrating AI applications to external systems. With AI use cases getting traction more and more, it becomes evident that AI applications tend to connect to multiple data sources to provide intelligent and relevant responses.

Earlier AI systems interacted with users through Large language Models (LLM) that leveraged pre-trained datasets. Then, in larger organizations, business users work with AI applications/agents expect more relevant responses from enterprise dataset, from where Retrieval Augmented Generation (RAG) came into play.

Now, AI applications/agents are expected to produce more accurate responses leveraging latest data, that requires AI systems to interact with multiple data sources and fetch accurate information. When multi-system interactions are established, it requires the communication protocol to be more standardized and scalable. That is where MCP enables a standardized way to connect AI applications to external systems.

Architecture

Using MCP, AI applications can connect to data source (ex; local files, databases), tools and workflows – enabling them to access key information and perform tasks. In enterprises scenario, AI applications/agents can connect to multiple databases across organization, empowering users to analyze data using natural language chat.

Benefits of MCP

MCP serves a wide range of benefits

• Development: MCP reduces development time and complexity when building, or integrating with AI application/agent. It makes integrating MCP host with multiple MCP servers simple by leveraging built-in capability discovery feature.
• AI applications or agents: MCP provides access to an ecosystem of data sources, tools and apps which will enhance capabilities and improve the end-user experience.
• End-users: MCP results in more capable AI applications or agents which can access your data and take actions on user behalf when necessary.

MCP – Concepts

At the top level of MCP concepts, there are three entities,

• Participants
• Layers
• Data Layer Protocol

Participants

MCP follows a client-server architecture where an MCP host – an AI application like enterprise chatbot establishes connections to one or more MCP servers. The MCP host accomplishes this by creating a MCP client for each MCP server. Each MCP client maintains a dedicated connection with its MCP server.

The key participants of MCP architecture are:

• MCP Host: AI application that coordinates and manages one or more MCP clients
• MCP Client: A component that maintains a dedicated connection to an MCP server and obtains context from an MCP server for MCP host to interact
• MCP Server: A program that provides context to MCP clients (i.e. generate responses or perform actions on user behalf)

Layers

MCP consists of two layers:

• Data layer – Defines JSON-RPC based protocol for client-server communication including,
  • lifecycle management – initiate connection, capability discovery & negotiation, connection termination
  • Core primitives – enabling server features like tools for AI actions, resources for context data, prompt templates for client-server interaction and client features like ask client to sample from host LLM, log messages to client
  • Utility features – Additional capabilities like real-time notifications, track progress for long-running operations
• Transport Layer – Manages communication channels and authentication between clients and servers. It handles connection establishment, message framing and secure communication between MCP participants

Data Layer Protocol

The core part of MCP is defining the schema and semantics between MCP clients and MCP servers. It is the part of MCP that defines the ways developers can share context from MCP servers to MCP clients.

MCP uses JSON-RPC 2.0 as its underlying RPC protocol. Client and servers send requests to each other and respond accordingly. Notifications can be used when no response is required.

Life Cycle Management

MCP is a stateful protocol that requires lifecycle management. The purpose of lifecycle management is to negotiate the capabilities (i.e. functionalities) that both client and server support.

Primitives

Primitives define what clients and servers can offer each other. These primitives specify the types of contextual information that can be shared with AI applications and the range of actions that can be performed. MCP defines three core primitives that servers can expose:

• Tools: Executable functions that AI applications can invoke to perform actions (e.g., API calls, database queries)
• Resources: Data sources that provide contextual information to AI applications (e.g., file contents, API responses, database records)
• Prompts: Reusable templates that help structure interactions with language models (e.g., system prompts, few-shot examples)

Notifications

The protocol supports real-time notifications to enable dynamic updates between servers and clients. For example, when a server’s available tools change – such as when new functionalities are added or existing functionality is updated – the server can send tool update notifications to all its connected clients about these changes.

Security in Data Accessing

While AI applications communicate with multiple enterprise data sources thgrouch MCP and fetch real-time sensitive data like customer information, financial data to serve the users, data security becomes absolutely critical factor to be addressed.

MCP ensures secure access.

Authentication and Authorization

MCP implements server-side authentication where each MCP server validates who is making the request. The enterprise system controls access through:

• User-specific credentials – Each user connecting through MCP has their own authentication tokens
• Role-based access control (RBAC) – Users only access data that the role permits
• Session management – Time-limited sessions that expire automatically

Data Access Controls

MCP server acts as a security gateway that enforces the same access policies as direct system access:

• • Users can only query data that they are authroized to access
  • The server validates every request against permission rules
  • Sensitive information can be masked or filtered based on user privileges

Secure Communication

• • • Encrypted connections – All data transmissions uses TLS/HTTPS encryption
    • No data storage in AI – AI systems do not store the financial data it accesses; it only process it during the conversation session

Audit and Monitoring

MCP implementations in enterprise ecosystem should include:

• • • Complete audit logs – Every data access request is logged with user, timestamp and data accessed
    • Anomaly detection – Engage mechanisms that monitor unusual access patterns and trigger alerts
    • Compliance tracking – All interactions meet regulatory requirements like GDPR, PCI-DSS

Architecture Isolation

Enterprises typically deploy MCP using:

• • • Private network deployment – MCP servers stay within the enterprise secure firewall boundary
    • API gateway integration – Requests go through existing security infrastructure
    • No direct database access – MCP connects and access data through secure APIs, not direct access to database

The main idea is that MCP does not bypass existing security. It works within the same security as other enterprise applications, just showing a smarter interface.

MCP Implementation & Demonstration

In this section, I will demonstrate a simple use case where MCP client (Claude Desktop) interacts with “Finance Manager” MCP server that can fetch financial information from the database.

Financial data is maintained in Postgres database tables. MCP client (Claude Desktop app) will request information about customer account, MCP host will discover appropriate capability based on user prompt and invoke respective MCP tool function that can fetch data from the database table.

To make MCP client-server in action, there are three parts to be configured

• • • Backend Database
    • MCP server implementation
    • MCP server registration in MCP Host

Backend Database

Postgres table “accounts” maintains accounts data with below information, “transactions” table maintains the transaction performed on the accounts

MCP server implementation

FastMCP class implements MCP server components and creating an object of it initialize and enables access to those components to create enterprise MCP server capabilities.

The annotation “@mcp.tool()” defines the capability and the respective function will be recognized as MCP capability. These functions will be exposed to AI applications and will be invoked from MCP Host to perform designated actions.

In order to invoke MCP capabilities from client, MCP server should be up & running. In this example, there are two functions defined as MCP tool capabilities,

• • • get_account_details – The function accept account number as input parameter, query “accounts” table and returns account information
    • add_transaction – The function accepts account number and transaction amount as parameters, make entry into “transactions” table

MCP Server Registration in MCP Host

For AI applications to invoke MCP server capability, MCP server should be registered in MCP host at client end. For this demonstration, I am using Claude Desktop as MCP client from where I interact with MCP server.

First, MCP server is registered with MCP host in Claude Desktop as below,

Claude Desktop -> Settings -> Developer -> Local MCP Servers -> Click “Edit Config”

Open “claude_desktop_config” JSON file in Notepad. Add configurations in the JSON as below. The configurations define the path where MCP server implementation is located and instruct command to MCP host to run. Save the file and close.

Restart “Claude Desktop” application, go to Settings -> Developer -> Local MCP servers tab. The newly added MCP server (finance-manager) will be in running state as below,

Go to chat window in Claude Desktop. Issue a prompt to fetch details of an account in “accounts” table and review the response,

User Prompt: User issues a prompt to fetch details of an account.

MCP Discovery & Invoke: The client (Claude Desktop) processes the prompt, interacts with MCP host, automatically discover the relevant capability – get_account_details function in this case – without explicitly mention the function name and invoke the function with necessary parameter.

Response: MCP server process the request, fetch account details from the table and respond details to the client. The client formats the response and present it to the user.

Another example to add a transaction in the backend table for an account,

Here, “add_transaction” capability has been invoked to add a transaction record in “transactions” table. In the chat window, you could notice that what MCP function is being invoked along with request & response body.

The record has been successfully added into the table,

Impressive, isn’t it..!!

There are a wide range of use cases implementing MCP servers and integrate with enterprise AI systems that bring in intelligent layer to interact with enterprise data sources.

Here, you may also develop a thought that in what ways MCP (Model Context Protocol) is different from RAG (Retrieval Augmented Generation), as I did so. Based on my research, I just curated a comparison matrix of the features that would add more clarity,

If you’re knee-deep in building apps, you already know APIs are the backbone of everything. Testing them? That’s where the real magic happens. For years, we’ve relied on tools like Postman and Insomnia to send requests, debug issues, and keep things running smoothly. But lately, there’s a buzz about something new: Bruno. It’s popping up everywhere, and developers are starting to make the switch. Why? Let’s dive in.

What Exactly is Bruno?

Picture this: an open-source, high-performance API client that puts your privacy first. Bruno isn’t some bloated app that shoves your stuff into the cloud. “No,” it keeps everything right on your local machine. Your API collections, requests, all of it? Safe and sound where you control it, no cloud drama required.

Bruno is built for developers who want:

• Simplicity without compromise
• High performance without unnecessary extras
• Complete freedom with open-source flexibility

It’s like the minimalist toolbox you’ve been waiting for.

Why is Bruno Suddenly Everywhere?

Bruno solves the pain points that frustrate us with other API tools:

• Privacy First: No forced cloud uploads, your collections stay local. No hidden syncing; your data stays completely under your control.
• Fast and Lightweight: Loads quickly and handles requests without lag. Perfect for quick tests on the go.
• Open-Source Freedom: No fees, no lock-in. Collections are Git-friendly and saved as plain text for easy version control.
• No Extra Bloat: Focused on what matters, API testing without unnecessary features.

Bottom line: Bruno fits the way we work today, collaboratively, securely, and efficiently. It’s not trying to do everything; it’s just good at API testing.

Key Features

Bruno keeps it real with features that matter. Here are the highlights:

1. Totally Open-Source

• No sneaky costs or paywalls.
• Peek under the hood anytime—the code’s all there.
• A group of developers is contributing to GitHub, making it better every day. Wanna join? Hit up their repo and contribute.

2. Privacy from the Ground Up

• Everything lives locally.
• No accounts, no cloud pushes—your requests don’t leave your laptop.
• Ideal if you’re handling sensitive APIs and don’t want Big Tool Company snooping.
• Bonus: Those plain-text files integrate well with Git, so team handoffs are seamless.

3. Light as a Feather, Fast as Lightning

• Clean UI, no extra bells and whistles slowing you down.
• Starts up quickly and zips through responses.
• Great for solo endpoint tweaks or managing large workflows without your machine slowing.

Getting Bruno Up and Running

Installing Bruno is simple. It works on Windows, macOS, and Linux. Just choose your platform, and you’re good to go.

#3. Quick Install Guide

Windows

1. Head to Bruno’s GitHub Releases page.
2. Grab the latest .exe file.
3. Run it and follow the prompts.
4. Boom—find it in your Start Menu.

macOS

1. Download the .dmg from Releases.
2. Drag it to Applications.
3. Fire it up and get testing.

Linux

1. Snag the .AppImage or .deb from Releases.
2. For AppImage: chmod +x Bruno.AppImage then ./Bruno.AppImage.
3. For .deb: sudo dpkg -i bruno.deb and sudo apt-get install -f.

GUI or CLI? Your Call

• GUI: Feels like Postman but cleaner. Visual, easy-to-build requests on the fly.
• CLI: For the terminal lovers. Automate tests, integrate with CI/CD, or run collections: bruno run collection.bru –env dev.

Build Your First Collection in Minutes

Bruno makes organizing APIs feel effortless. Here’s a no-sweat walkthrough.

Step 1: Fire It Up

Launch Bruno. You’ll see a simple welcome screen prompting you to create a new collection.

Step 2: New Collection Time

1. Hit “New Collection.”
2. Name it (say, “My API Playground”).
3. Pick a folder—it’s all plain text, so Git loves it.

Step 3: Add a Request

1. Inside the collection, click “New Request.”
2. Pick your method (GET, POST, etc.).
3. Enter the URL: https://jsonplaceholder.typicode.com/posts.

Step 4: Headers and Body Magic

• Add the header: Content-Type: application/json.
• For POSTs, add a body like:

JSON

{
"title": "Bruno Blog",
"body": "Testing Bruno API Client",
"userId": 1
}

Step 5: Hit Send

Click it, and watch the response pop: status, timing, pretty JSON—all right there.

Step 6: Save and Sort

Save the request, create folders for environments or APIs, and use variables to switch setups.

Bruno vs. Postman: Head-to-Head

Postman’s the OG, but Bruno’s the scrappy challenger winning hearts. Let’s compare.

1. Speed

• Bruno: Lean and mean—quick loads, low resource hog.
• Postman: Packed with features, but it can feel sluggish on big projects. Edge: Bruno

2. Privacy

• Bruno: Local only, no cloud creep.
• Postman: Syncs to their servers—handy for teams, sketchy for secrets. Edge: Bruno

3. Price Tag

• Bruno: Free forever, open-source vibes.
• Postman: Free basics, but teams and extras? Pay up. Edge: Bruno

Feature	Bruno	Postman
Open Source	Yes	No
Cloud Sync	No	Yes
Performance	Lightweight	Heavy
Privacy	Local Storage	Cloud-Based
Cost	Free	Paid Plans

Level up With Advanced Tricks

Environmental Variables

Swap envs easy-peasy:

• Make files for dev/staging/prod.
• Use {{baseUrl}} in requests.
• Example:

{
"baseUrl": "https://api.dev.example.com",
"token": "your-dev-token"
}

Scripting Smarts

Add pre/post scripts for:

• Dynamic auth: request.headers[“Authorization”] = “Bearer ” + env.token;
• Response checks or automations.

Community & Contribution

It’s community-driven:

• Repo: https://github.com/usebruno/bruno
• Contribute: Fork, branch, PR. Report bugs, chat ideas—help build the future.

Conclusion

Bruno isn’t just another API testing tool; it’s designed for developers who want simplicity and control. With local-first privacy, fast performance, open-source flexibility, and built-in Git support, Bruno delivers everything you need without unnecessary complexity.
If you’re tired of heavy, cloud-based clients, it’s time to switch. Download Bruno today and experience the difference: Download here.

Why Do We Need to Secure Our Applications?  

Cloud environments are very dynamic and interconnected. A single misconfiguration or exposed API key can lead to:  

• Data breaches 

• Compliance violations 

• Costly downtime 

Attackers often target application-level weaknesses, not just infrastructure gaps. If any application handles sensitive data, financial transactions, or user credentials, security is critical. 

Common Mistakes Made When Building Applications

• Hardcoding API keys and credentials 

• Ignoring dependency vulnerabilities 

• Skipping encryption/decryption for sensitive data 

Essential Security Best Practices

1. Identity and Access Management (IAM)

• Create dedicated IAM roles for your Lambda functions, EC2 instances, or ECS tasks instead of hardcoding access keys in your application. 

• We must regularly review who has permissions using the IAM Access Analyzer. 

• We must avoid using the root account for day-to-day operations/ any operations as a developer. 

2. Don’t Store/Share Secrets in Your Code

Your appsettings.json is not the right place for secret keys. Storing API keys or database passwords. 

• We must use AWS Secrets Manager or Parameter Store to keep secrets safe. 

• Fetch keys at runtime by using AWS SDK for .NET or the AWSSDK.Extensions.NETCore.Setup configuration provider 

3. Always Encrypt Data 

Encryption is one of the best practices to encrypt our sensitive data 

• Enable HTTPS by default for all your endpoints.  
• Use AWS Certificate Manager (ACM) to issue and manage SSL/TLS certificates. 
• In your application, make sure that all traffic is redirected to HTTPS by adding app.UseHttpsRedirection(); 
• AWS KMS to encrypt your S3 buckets, RDS databases, and EBS volumes.
• If you’re using SQL Server on RDS, enable Transparent Data Encryption (TDE). 

 Encrypt & Decrypt API Key with KMS 

4. Build a Secure Network Foundation

• Must use VPCs with private subnets for backend services. 

• Control the traffic with Security Groups and Network ACLs. 

• Use VPC Endpoints to keep traffic within AWS’s private network  

• Use AWS WAF to protect your APIs, and enable AWS Shield to guard against DDoS attacks. 

5. Keep Your Code and Dependencies Clean

Even the best infrastructure can’t save a vulnerable codebase. 

• Update your .NET SDK and NuGet packages regularly. 

• Use Amazon Inspector for runtime and AWS environment security, and tools like Dependabot for Development-time dependency security to find vulnerabilities early. 

• Add code review analysis tools (like SonarQube) in your CI/CD pipeline. 

6. Log Everything and Watch

• Enable Amazon AWS CloudWatch for all central logging and use AWS X-Ray to trace requests through the application. 

• Turn on CloudTrail to track every API call across your account. 

• Enable GuardDuty for continuous threat detection. 

Automation has become a core part of modern work, allowing teams to reduce repetitive tasks, save time, and improve accuracy. Whether it’s generating weekly reports, organizing files, processing large amounts of data, or interacting with web applications, automation helps individuals and companies operate more efficiently. Among all programming languages used for automation, Python is one of the most widely adopted because of its simplicity and flexibility. 

Why Python Is Perfect for Automation 

Python is known for having a clean and readable syntax, which makes it easy for beginners to start writing scripts without needing deep programming knowledge. The language is simple enough for non-developers, yet powerful enough for complex automation tasks. Another major advantage is the availability of thousands of libraries. These libraries allow Python to handle file operations, manage Excel sheets, interact with APIs, scrape websites, schedule tasks, and even control web browsers – all with minimal code. Because of this, Python becomes a single tool capable of automating almost any repetitive digital task. 

What You Can Automate with Python 

Python can automate everyday tasks that would otherwise require significant manual effort. Simple tasks like renaming multiple files, organizing folders, or converting file formats can be completed instantly using small scripts. It is also commonly used for automating Excel-based workflows, such as cleaning datasets, merging sheets, generating monthly summaries, or transforming data between formats. Python is equally powerful for web-related automation: collecting data from websites, making API calls, sending automated emails, downloading content, and filling out online forms. For more advanced uses, Python can also automate browser testing, server monitoring, and deployment processes. 

Setting Up Your Python Automation Environment 

Getting started is straightforward. After installing Python, you can use an editor like VS Code or PyCharm to write your scripts. Libraries required for automation can be installed using a single command, making setup simple. Once you have your environment ready, writing your first script usually takes only a few minutes. For example, a short script can rename files in a folder, send an email, or run a function at a specific time of the day. Python’s structure is beginner-friendly, so even basic programming knowledge is enough to start automating everyday tasks. 

Examples of Simple Automation 

A typical example is a script that automatically renames files. Instead of renaming hundreds of files one by one, Python can loop through the folder and rename them instantly. Another example is an automated email script that can send daily reminders or reports. Python can also schedule tasks so that your code runs every morning, every hour, or at any time you choose. These examples show how even small scripts can add real value to your workflow by reducing repetitive manual tasks. 

Best Practices When Building Automation 

As you begin writing automation scripts, it helps to keep the code organized and reliable. Using virtual environments ensures that your project libraries remain clean. Adding error-handling prevents scripts from stopping unexpectedly. Logging enables you to track what your script does and when it executes. Once your automation is ready, you can run it automatically using tools like Task Scheduler on Windows or cron on Linux, so the script works in the background without your involvement. 

How Companies Use Python Automation 

Python automation is widely used across industries. IT teams rely on it to monitor servers, restart services, and handle deployment tasks. Business teams use it to generate reports, clean data, update dashboards, and manage document workflows. Marketing teams use automation for scraping competitor information, scheduling social media posts, or tracking engagement. For developers, Python helps with testing, error checking, and system integration via APIs. Across all these areas, automation improves efficiency and reduces human error. 

Conclusion 

Python is an excellent starting point for anyone who wants to begin automating daily tasks. Its simplicity, combined with its powerful ecosystem of libraries, makes it accessible to beginners and useful for professionals. Even basic automation scripts can save hours of work, and as you grow more comfortable, you can automate more complex processes involving data, web interactions, and system management. Learning Python for automation not only makes your work easier but also adds valuable skills for professional growth. 

Introduction

In today’s digital-first business landscape, streamlining document workflows is essential for operational efficiency and compliance. DocuSign, a global leader in electronic signatures, offers secure and legally binding digital signing capabilities. When integrated with Appian, a powerful low-code automation platform, organizations can automate approval processes, reduce manual effort, and enhance document governance.

This guide walks you through the process of integrating DocuSign as a Connected System within Appian, enabling seamless eSignature workflows across your enterprise applications.

Why DocuSign?

DocuSign empowers organizations to manage agreements digitally with features that ensure security, compliance, and scalability.

Key Capabilities:

• Legally Binding eSignatures compliant with ESIGN Act (U.S.), eIDAS (EU), and ISO 27001.
• Workflow Automation for multi-step approval processes.
• Audit Trails for full visibility into document activity.
• Reusable Templates for standardized agreements.
• Enterprise-Grade Security with encryption and access controls.
• Pre-built Integrations with platforms like CRM, ERP, and BPM—including Appian.

Integration Overview

Appian’s native support for DocuSign as a Connected System simplifies integration, allowing developers to:

• Send documents for signature
• Track document status
• Retrieve signed documents
• Manage signers and templates

Prerequisites

Before starting, ensure you have:

1. Appian Environment with admin access
2. DocuSign Developer or Production Account
3. API Credentials: Integration Key, Client Secret, and RSA Key

Step-by-Step Integration

Step 1: Register Your App in DocuSign

1. Log in to the DocuSign Developer Portal
2. Navigate to Apps and Keys → Add App
3. Generate:
   • Integration Key
   • Secret Key
   • RSA Key

4. Add your Appian environment’s Redirect URI:

https://<your-appian-environment>/suite/rest/authentication/callback

5. Enable GET and POST methods and save changes.

Step 2: Configure OAuth in Appian

1. In Appian’s Admin Console, go to Authentication → Web API Authentication
2. Add DocuSign credentials under Appian OAuth 2.0 Clients
3. Ensure all integration details match those from DocuSign

Step 3: Create DocuSign Connected System

1. Open Appian Designer → Connected Systems
2. Create a new system:
   • Type: DocuSign
   • Authentication: Authorization Code Grant
   • Client ID: DocuSign Integration Key
   • Client Secret: DocuSign Secret Key
   • Base URL:
     • Development: https://account-d.docusign.com
     • Production: https://account.docusign.com

3. Click Test Connection to validate setup

Step 4: Build Integration Logic

1. Go to Integrations → New Integration
2. Select the DocuSign Connected System
3. Configure actions:
   • Send envelope
   • Check envelope status
   • Retrieve signed documents
4. Save and test the integration

Step 5: Embed Integration in Your Appian Application

1. Add integration logic to Appian interfaces and process models
2. Use forms to trigger DocuSign actions
3. Monitor API usage and logs for performance and troubleshooting

Integration Opportunities

Legal Document Processing

Automate the signing of SLAs, MOUs, and compliance forms using DocuSign within Appian workflows. Ensure secure access, maintain version control, and simplify recurring agreements with reusable templates.

Finance Approvals

Digitize approvals for budgets, expenses, and disclosures. Route documents to multiple signers with conditional logic and securely store signed records for audit readiness.

Healthcare Consent Forms

Send consent forms electronically before appointments. Automatically link signed forms to patient records while ensuring HIPAA-compliant data handling.

Conclusion

Integrating DocuSign with Appian enables organizations to digitize and automate document workflows with minimal development effort. This powerful combination enhances compliance, accelerates approvals, and improves user experience across business processes.

For further details, refer to:

• DocuSign API Documentation
• Appian Documentation

Introduction

In this blog, we’ll explore how to connect OpenAI’s API with a Spring Boot application, step by step.

We’ll cover the setup process, walk through the implementation with a practical example.

By integrating OpenAI with Spring Boot, you can create solutions that are not only powerful but also scalable and reliable.

Prerequisites

• Java 17+
• Maven
• Spring Boot (3.x recommended)
• OpenAI API Key (get it from platform.openai.com)
• Basic knowledge of REST APIs

OpenAI’s platform helps developers to understand how to prompt a models to generate meaningful text. It’s basically a cheat sheet for how to communicate to AI so it gives you smart and useful answers by providing prompts. 

Implementation in Spring Boot

To integrate OpenAI’s GPT-4o-mini model into a Spring Boot application, we analyzed the structure of a typical curl request and response provided by OpenAI.

API docs reference:

https://platform.openai.com/docs/overview

https://docs.spring.io/spring-boot/index.html

Curl Request

<html>
curl https://api.openai.com/v1/chat/completions \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{
    "model": "gpt-4o-mini",
    "messages": [
      {"role": "assistant", "content": "Hello"},
      {"role": "user", "content": "Hi"}
    ]
  }'
</html>

Note-

“role”: “user” – Represents the end-user interacting with the assistant

“role”: “assistant” – Represents the assistant’s response.

The response generated from the model and it looks like this:

{
  "id": "chatcmpl-B9MBs8CjcvOU2jLn4n570S5qMJKcT",
  "object": "chat.completion",
  "created": 1741569952,
  "model": "gpt-4o-mini-2025-04-14",
  "choices": [
    {
      "index": 0,
      "message": {
        "role": "assistant",
        "content": "Hello! How can I assist you today?",
        "refusal": null,
        "annotations": []
      },
      "logprobs": null,
      "finish_reason": "stop"
    }
  ],
  "usage": {
    "prompt_tokens": 19,
    "completion_tokens": 10,
    "total_tokens": 29,
    "prompt_tokens_details": {
      "cached_tokens": 0,
      "audio_tokens": 0
    },
    "completion_tokens_details": {
      "reasoning_tokens": 0,
      "audio_tokens": 0,
      "accepted_prediction_tokens": 0,
      "rejected_prediction_tokens": 0
    }
  },
  "service_tier": "default"
}

Controller Class:

In below snippet, we will explore a simple spring boot controller to interact with Open AI’s API. When end user sends a prompt to that url (e.g /bot/chat?prompt=what is spring boot), the controller reads the model name and API url from applocation.properties file. It then creates a request using prompt provided and sends it to Open AI using rest call(RestTemplate). After verifying the request, OpenAI sends back a response.

@RestController
@RequestMapping("/bot")
public class GenAiController {

    @Value("${openai.model}")
    private String model;

    @Value(("${openai.api.url}"))
    private String apiURL;

    @Autowired
    private RestTemplate template;

    @GetMapping("/chat")
    public String chat(@RequestParam("prompt") String prompt) {
        GenAiRequest request = new GenAiRequest(model, prompt);
        System.out.println("Request: " + request );
        GenAIResponse genAIResponse = template.postForObject(apiURL, request, GenAIResponse.class);
        return genAIResponse.getChoices().get(0).getMessage().getContent();
    }

Configuration Class:

Annotated with @Configuration, this class defines beans and settings for the application context. Pulling the Open API key from properties file and the a customized RestTemplate is created and configured to include the Authorization Bearer <API_KEY> header in all requests. This setup ensures that every call to OpenAI’s API is authenticated without manually adding headers in each request.

@Configuration
public class OpenAIAPIConfiguration {

    @Value("${openai.api.key}")
     private String openaiApiKey;

    @Bean
    public RestTemplate template(){
        RestTemplate restTemplate=new RestTemplate();
        restTemplate.getInterceptors().add((request, body, execution) -> {
            request.getHeaders().add("Authorization", "Bearer " + openaiApiKey);
            return execution.execute(request, body);
        });
        return restTemplate;
    }
    
}

Require getters and setters for request and response classes:

Based on the Curl structure and response, we generated the corresponding request and response java classes with appropriate getters and setters with selected attributes to repsesent request and response object. These getter/setter classes help turn JSON data into objects we can use in code, and also turn our code’s data back into JSON when interacting to the OpenAI API. We implemented a bot using the gpt-4o-mini model, integrating it with a REST controller and also handled the authentication via the API key.

//Request
@Data
public class GenAiRequest {

    private String model;
    private List<GenAIMessage> messages;

    public List<GenAIMessage> getMessages() {
        return messages;
    }

    public GenAiRequest(String model, String prompt) {
        this.model = model;
        this.messages = new ArrayList<>();
        this.messages.add(new GenAIMessage("user",prompt));
    }
}

@Data
@AllArgsConstructor
@NoArgsConstructor
public class GenAIMessage {

    private String role;
    private String content;   
    
    public String getContent() {
        return content;
    }
    public void setContent(String content) {
        this.content = content;
    }
}

//Response
@Data
@AllArgsConstructor
@NoArgsConstructor
public class GenAIResponse {

    private List<Choice> choices;

    public List<Choice> getChoices() {
        return choices;
    }

    @Data
    @AllArgsConstructor
    @NoArgsConstructor
    public static class Choice {

        private int index;
        private GenAIMessage message;
        public GenAIMessage getMessage() {
            return message;
        }
        public void setMessage(GenAIMessage message) {
            this.message = message;
        }

    }

}

Essential Configuration for OpenAI Integration in Spring Boot

To connect your Spring Boot application with OpenAI’s API, you need to define a few key properties in your application.properties or application.yml file:

• server.port: Specifies the port on which your Spring Boot application will run. You can set it to any available port like 8080, 9090, etc. (The default port for a Spring Boot application is 8080)
• openai.model: Defines the OpenAI model to be used. In this case, gpt-4o-mini is selected for lightweight and efficient responses.
• openai.api.key: Your secret API key from OpenAI. This is used to authenticate requests. Make sure to keep it secure and never expose it publicly.
• openai.api.url: The endpoint URL for OpenAI’s chat completion API. (This is where your application sends prompts and receives responses)

server.port=<add server port>
openai.model=gpt-4o-mini
openai.api.key=	XXXXXXXXXXXXXXXXXXXXXXXXXXXX
openai.api.url=https://api.openai.com/v1/chat/completions

Postman Collection:

GET API: http://localhost:<port>/bot/chat?prompt=What is spring boot used for ?

Content-Type: application/json

Usage of Spring Boot + OpenAI Integration

• AI-Powered Chatbots: Build intelligent assistants for customer support, internal helpdesks, or onboarding systems.
• Content Generation Tools: Automate blog writing, email drafting, product descriptions, or documentation, generate personalized content based on user input.
• Code Assistance & Review: Create tools that help developers write, refactor, or review code using AI, Integrate with IDEs or CI/CD pipelines for smart suggestions.
• Data Analysis & Insights: Use AI to interpret data, generate summaries, answer questions about datasets combine with Spring Boot APIs to serve insights to dashboards or reports.
• Search Enhancement: Implement semantic search or question-answering systems over documents or databases, use embeddings and GPT to improve relevance and accuracy.
• Learning & Training Platforms: Provide personalized tutoring, quizzes, and explanations using AI & adapt content based on user performance and feedback.
• Email & Communication Automation: Draft, summarize, or translate emails and messages, integrate with enterprise communication tools.
• Custom usages: In a business-to-business context, usage can be customized according to specific client requirements.