How SailPoint makes use of Anthropic’s Claude on Amazon Bedrock to routinely generate TypeScript code for SaaS connectors

October 20, 2024 thefutureofworkinfo


Generative AI is revolutionizing the best way builders strategy programming by offering clever help and automation all through the coding course of. With the facility of superior language fashions and machine studying (ML) algorithms, generative AI can perceive the context and intent behind a programmer’s code, providing useful recommendations, finishing code snippets, and even producing complete features or modules primarily based on high-level descriptions. This know-how empowers builders to give attention to higher-level problem-solving and structure, whereas the AI handles the tedious and repetitive features of coding. One of many key benefits of huge language fashions (LLMs) in programming is their means to be taught from the huge quantities of current code and programming patterns they have been skilled on. This data permits them to generate context-aware code, detect potential bugs or vulnerabilities, and supply optimizations to enhance code high quality and efficiency.

On this publish, we spotlight how the AWS Generative AI Innovation Center collaborated with SailPoint Technologies to construct a generative AI-based coding assistant that makes use of Anthropic’s Claude Sonnet on Amazon Bedrock to assist speed up the event of software as a service (SaaS) connectors.

Amazon Bedrock is a completely managed service that gives a alternative of high-performing basis fashions (FMs) from main AI corporations like AI21 Labs, Anthropic, Cohere, Meta, Mistral AI, Stability AI, and Amazon via a single API, together with a broad set of capabilities to construct generative AI functions with safety, privateness, and accountable AI.

SailPoint makes a speciality of enterprise id safety options. Over 3,000 enterprises worldwide use SailPoint to assist defend towards immediately’s dynamic, identity-centric cyber threats whereas enhancing productiveness and effectivity. Their merchandise are designed to handle and safe entry to functions and information via the lens of id, at velocity and scale, for customers inside a corporation and for exterior events resembling non-employees. SailPoint’s unified, clever, and extensible setting gives complete id governance capabilities, together with entry certifications, coverage administration, entry request and provisioning, password administration, and information entry governance. This helps organizations make certain the proper people have the proper entry to the proper assets on the proper occasions, thereby imposing safety insurance policies and compliance necessities. Based in 2005, SailPoint has grown to be a key participant in id safety, serving clients globally throughout varied industries.

SailPoint connectors and SaaS connectivity

SailPoint’s id safety options interface with varied software program as a service (SaaS) functions to retrieve the mandatory info, resembling account and entry info, from an id safety standpoint. Every SaaS software implements these functionalities in barely other ways and may expose their implementation via REST-based net APIs which can be usually supported by OpenAPI specifications. SailPoint connectors are TypeScript modules that interface with a SaaS software and map the related id safety info (resembling accounts and entitlements) to a standardized format understood by SailPoint. Primarily based on the APIs uncovered by the appliance, SailPoint connectors can create, replace, and delete entry on these accounts. SailPoint connectors assist handle person identities and their entry rights throughout completely different environments inside a corporation, supporting the group’s compliance and safety efforts.

Though a typical connector exposes a number of features, for this publish, we give attention to growing the checklist person perform of a connector that connects to an API endpoint for itemizing customers, retrieving all of the customers, and remodeling them into the format required by SailPoint.

Within the following sections, we element how we used Anthropic’s Claude Sonnet on Amazon Bedrock to routinely create the checklist person connector, a vital part of the broader SaaS connectivity.

Understanding the checklist person connector

Connectors are modules that may connect with an exterior service and retrieve and replace related info from a SaaS software. To raised perceive how connectors are constructed, we give an instance of the connector perform that connects to DocuSign’s REST API’s getUsers endpoint. The next TypeScript code defines an asynchronous perform listUsers that retrieves a listing of person accounts from an exterior API and constructs a structured output for every person:

// imports
import { Context, Response, StdAccountListHandler, StdAccountListOutput } from '@sailpoint/connector-sdk';

const listUsers: StdAccountListHandler = async (context: Context, enter: undefined, res: Response<StdAccountListOutput>) => {
    // retrieve api key and host url from context
    let apiKey = context.apiKey;
    let hostUrl = context.hostUrl;
    let hasMore = true;
    
    // url building
    let url = `https://${hostUrl}/Administration/v2/organizations/${context.organizationId}/customers`;
    
    // loop via pages
    whereas (hasMore) {
        // fetch response from the endpoint
        let response = await fetch(url, {
          headers: {
            'Authorization': `Bearer ${apiKey}`
          }
        });
        let outcomes = await response.json();
  
        // processing customers from response
        let customers = outcomes.customers;
        for (const person of customers) {
            const output: StdAccountListOutput = {
                id: person.id,
                attributes: {
                    user_name: person.user_name,
                    first_name: person.first_name,
                    last_name: person.last_name,
                    user_status: person.user_status, 
                    membership_status: person.membership_status, 
                    electronic mail: person.electronic mail,
                    created_on: person.created_on, 
                    membership_created_on: person.membership_created_on,                     
                    ds_group_id: person.company_groups.map(group => group.ds_group_id),
                    ds_group_account_id: person.company_groups.map(group => group.ds_group_account_id)                   
                }
            };
        }
        // pagination
        if (outcomes.paging.subsequent) {
          url = outcomes.paging.subsequent;
        } else {
          hasMore = false;
        }
    }
}

The next is a breakdown of what every a part of the code does:

  • Imports – The code imports a number of varieties and interfaces from @sailpoint/connector-sdk. These embrace Context, Response, StdAccountListHandler, and StdAccountListOutput, that are used to deal with the enter and output of the perform in a standardized manner inside a SailPoint setting.
  • Operate definitionlistUsers is outlined as an asynchronous perform appropriate with the StdAccountListHandler It makes use of the Context to entry configuration particulars like API keys and the bottom URL, and a Response to construction the output.
  • Retrieve API key and host URL – These are extracted from the context parameter. They’re used to authenticate and assemble the request URL.
  • URL building – The perform constructs the preliminary URL utilizing the hostUrl and organizationId from the context. This URL factors to an endpoint that returns customers related to a particular group.
  • Loop via pages – The whereas loop continues so long as there are extra pages of knowledge (hasMore is true). It serves the next features:
    • Fetch information – Contained in the whereas loop, a fetch request is made to the API endpoint. The request contains an Authorization header that makes use of the apiKey. The API’s response is transformed to JSON format.
    • Course of customers – Contained in the whereas loop, it extracts person information from the API response. The method loops via every person, developing an StdAccountListOutput object for every one. This object contains person identifiers and attributes like person names, names, standing, electronic mail, and group IDs.
    • Pagination – Contained in the whereas loop, it checks if there’s a subsequent web page URL within the pagination info (outcomes.paging.subsequent). If it exists, it updates the url for the subsequent iteration of the loop. If not, it units hasMore to false to cease the loop.

Understanding this instance helps us perceive the step-by-step technique of constructing this perform in a connector. We goal to breed this course of utilizing an LLM with a immediate chaining technique.

Generate a TypeScript connector utilizing an LLM immediate chain

There are a number of approaches to utilizing pre-trained LLMs for code technology, with various ranges of complexity:

  • Single immediate – You should utilize fashions like Anthropic’s Claude to generate code by direct prompting. These fashions can generate code in quite a lot of languages, together with TypeScript, however they don’t inherently possess domain-specific data related to the duty of constructing a connector. All of the required info, together with API specs and formatting directions, have to be supplied within the immediate, much like the directions that might be given to a developer. Nevertheless, LLMs are likely to battle when given a protracted checklist of complicated directions. It’s additionally troublesome for the immediate engineer to know which steps are difficult for the LLM.
  • Agentic frameworks with LLMs – Brokers are a complicated framework that may use instruments to carry out a sequence of complicated duties. On this case, the agent begins by breaking down the person requests into steps, searches for mandatory info utilizing instruments (a data base or net browser), and autonomously generates code from begin to end. Though they’re highly effective, these frameworks are complicated to implement, typically unstable of their conduct, and fewer controllable in comparison with different strategies. Brokers additionally require many LLM calls to carry out a activity, which makes them slightly sluggish in apply. Within the case the place the logic to carry out a activity is a set sequence of steps, brokers usually are not an environment friendly choice.
  • Immediate chain – An answer that finds a very good trade-off between the 2 earlier approaches entails utilizing a immediate chaining approach. This technique breaks the complicated downside right into a sequence of extra manageable steps and integrates them to craft the ultimate code. Every step has clear directions which can be simpler for the LLM to comply with, and a human within the loop can management the output of every step and proper the LLM if wanted. This strategy strikes a stability between flexibility and management, avoiding the extremes of the opposite two strategies.

We initially examined the LLM’s means to generate connector code primarily based on a single immediate and realized that it struggles to generate code that addresses all features of the issue, resembling pagination or nested information buildings. To verify the LLM would cowl all the mandatory elements of the connector features, and since making a connector follows a set sequence of steps, immediate chaining was essentially the most pure strategy to enhance the generated code.

The chain we used for connector technology consists of the next high-level steps:

  1. Parse the information mannequin of the API response into prescribed TypeScript courses.
  2. Generate the perform for person flattening within the format anticipated by the connector interface.
  3. Perceive the pagination of the API specs and formulate a high-level answer.
  4. Generate the code for the ListUsers perform by combining all of the intermediate steps.

Step 1 is used as an enter to Step 2, however Step 3 is separate. Each Step 2 and Step 3 outcomes are fed to Step 4 for the ultimate consequence. The next diagram illustrates this workflow.

Within the following sections, we are going to dive into the prompting strategies we used for every of those steps.

System immediate

The system immediate is a vital part of LLM prompting that usually gives the preliminary context to information the mannequin’s response. For all of the prompts within the chain, we used the next system immediate:

"""
You're an skilled net developer who has a wonderful understanding of REST APIs and backend
API growth utilizing TypeScript. Your aim is to know API specification supplied in 
OpenAPI specification or Swagger specification as YAML information and to jot down TypeScript code,
XML, API descriptions and many others. as requested within the activity description. Don't deviate from the 
supplied specification and documentation and if one thing is unclear within the specification then 
point out your uncertainty within the feedback don't make up info that isn't out there in 
the specs or description.

When writing TypeScript code, present minimal however significant feedback.
"""

Extra particularly, the system immediate is used to ascertain the function of the LLM (skilled net developer), give it a normal aim (perceive API specs and write TypeScript code), give high-level directions (add feedback within the code) and set boundaries (don’t make up info).

Information mannequin parsing

On this step, we immediate the LLM to know the construction of the API response and create TypeScript courses similar to the objects within the response. Though this step isn’t strictly mandatory for producing the response, it could assist the LLM immensely in producing an accurate connector. Much like chain-of-thought reasoning for arithmetic issues, it’s forcing the LLM to “assume” earlier than responding.

This step presents two main advantages:

  • Verbose API response simplification – API responses specified within the documentation may be fairly verbose. By changing the response construction into TypeScript courses, we compress the data into fewer strains of code, making it extra concise and easier for the LLM to grasp. This step helps be certain that the important info is prominently displayed initially.
  • Dealing with fragmented person responses – In some APIs, the person response consists of a number of fragments due to the reuse of knowledge buildings. The OpenAPI specification makes use of the $ref tag to reference these reusable elements. By changing the person response into TypeScript courses, we are able to consolidate all of the related info right into a single location. This consolidation simplifies the downstream steps by offering a centralized supply of data.

We use the next activity immediate to transform the API response into prescribed TypeScript courses:

"""
You're given an API spec of OpenAPI or Swagger for a REST API endpoint
that serves a listing of customers for Software program as a Service (SaaS) software. You'll 
be requested to extract the construction of the Person within the JSON response from the API endpoint. 

Right here is the API spec supplied between the XML tags <api-spec> </api-spec>. 
Perceive and bear in mind the API spec nicely.

<api-spec>
{api_spec}
</api-spec>

Use the next directions to create TypeScript interfaces primarily based on the construction 
of the Person. 
<directions>
- Present the code in between <data-model> </data-model> XML tags. 
- If there are any nested objects, broaden them into their very own interfaces.
- Be complete and embrace all attributes.
- Retrieve all attributes, together with these marked as not obligatory, not required, or nullable.
- The attributes are listed below `properties` part.
- Output just one Person interface that features all of the attributes from any interfaces it extends.
</directions>

The anticipated format of the output is as follows: 
<data-model> 
// Person
interface Person {{
  id: quantity;
  first_name: string;
  last_name: string;
  electronic mail: string;
  is_active: boolean;
  company_groups_ids: quantity[];
  other_attribute: string;
  nested_type: NestedType[];
}}

// Some complicated sort
interface NestedType {{
    type_id: string;
    some_string_attribute: string;
    some_number_attribute: quantity;
}}

</data-model>
"""

Within the previous immediate template, the variable {api_spec} is changed with the API specification of the endpoint. A particular instance for a DocuSign ListUsers endpoint is supplied within the appendix.

The next code is an instance of the LLM-generated courses when utilized to the DocuSign API specs. This has been parsed out of the <data-model> tags.

// Person
interface Person  'created' 
  
// DsGroup
interface DsGroup {
    ds_group_id: string; // format: uuid
    account_id: string; // format: uuid
    source_product_name: string;
    group_id: string;
    group_name: string;
    description: string;
    is_admin: boolean;
    last_modified_on: string; // format: date-time
    user_count: quantity; // format: int32
    external_account_id: quantity; // format: int64
    account_name: string;
    membership_id: string; // format: uuid
}

Person flattening perform technology

The anticipated construction for every person is an object consisting of two properties: an identifier and a dictionary of attributes. The attributes dictionary is a map that associates string keys with both primitive attributes (quantity, Boolean, or string) or an array of primitive attributes. due to the potential for arbitrarily nested JSON object buildings within the response, we use the capabilities of an LLM to generate a person flattening and conversion perform. Each the person ID and the attributes are extracted from the response. By using this strategy, we successfully separate the intricate activity of changing the person construction from the REST API response into the required format for the SailPoint connector SDK (hereafter known as the connector SDK).

The advantages of this strategy are twofold. First, it permits for a cleaner and extra modular code design, as a result of the complicated conversion course of is abstracted away from the principle code base. Second, it allows larger flexibility and adaptableness, as a result of the conversion perform may be modified or regenerated to accommodate adjustments within the API response construction or the connector SDK necessities, with out necessitating intensive modifications to the encircling code base.

We use the next immediate to generate the conversion perform, which takes as enter the information mannequin generated within the earlier step:

"""
Perceive and bear in mind the next information mannequin supplied 
as a set of TypeScript class definitions.
You can be required to generate a TypeScript perform primarily based on the 
information mannequin supplied between <data-model> </data-model> XML tags.

<data-model>
{data_model}
</data-model>

DO NOT use the TypeScript interfaces outlined above within the code you write, 
as they are going to be unavailable. Substitute them with the sort `any` the place required 
to jot down code that works with strict TypeScript.

Given the TypeScript class definitions and information mannequin above, your objectives is to
write a TypeScript perform that transforms the person into an object containing two
keys - an `id` and `attributes`. The attributes is a listing of attributes
apart from the identifier attribute.

Listed below are the foundations for mapping attributes from the person object to attributes discipline:

<instructions-for-mapping>
- The perform takes in a person and return StdAccountListOutput.
- Extract all attributes specified within the person schema above within the <data-model>
- attributes can solely comprise both primitives values or array of primitive values.
- Decide the kind of the attribute from the <data-model> above. Don't guess it from the
names of the attributes. E.g. if the identify is plural do not assume it's an array.
- All primitive attributes resembling string and numbers are copied with out transformation.
- All arrays of primitive attributes are copied with out transformation.
- All objects are flattened out and their attributes are copied as easy attributes.
- All arrays of objects are transformed into a number of attributes the place every attribute is an array of primitive sort. 
See additional instruction under between the XML tags <object-array-instructions>.
- Use `any` sort in features and arrow perform definitions in order that it really works with TypeScript.
</instructions-for-mapping>


<object-array-instructions>

Take into account the next construction of the response the place `obj_array` is an attribute that's array of objects of sort `MyObj`.
Then within the flattening course of, for the response, you will have to transform the `obj_array` attribute 
into a number of attributes like `obj_array_attribute1`, `obj_array_attribute2` every of which is an array of strings on this case.

interface Person {{
  id: string; // format: uuid
  user_name: string;
  first_name: string;
  obj_array: MyObject[];
}}

interface MyObj {{
  attribute1: string; // format: uuid
  attribute2: string; // format: uuid
  attribute3: string;
}}
 </object-array-instructions>


Output the code based on the template program under enclosed between the <user-mapping-function> XML tags.

This perform is a component of a bigger program so preserve the StdAccountListOutput within the perform as it's.
Don't overcomplicate and write easy, nicely readable code. 

<user-mapping-function>

perform flattenUser(person: any): StdAccountListOutput {{
  return {{
    id: person.id,
    attributes: {{
      first_name: person.first_name,
      last_name: person.last_name,
      user_type: person.sort,
      login: person.login,
      electronic mail: person.electronic mail,
      location: person.location,
      employee_id: person.employee_id,
      reviewer_id: person.reviewer_id,
      is_active: person.is_active,
      struct_array_attribute: person.struct_array.map( (val: any) => val.struct_attribute)
    }}
  }}
}};

</user-mapping-function>
"""

Within the previous immediate template, we substitute the {data_model} variable with the information mannequin of TypeScript courses extracted within the earlier technology step of parsing the information mannequin.

The next code is an instance of the LLM-generated person flattening perform when utilized to the DocuSign API:

perform flattenUser(person: any): StdAccountListOutput {
    const id = person.id;
    const attributes: { [key: string]: any } = {};
  
    // Copy primitive attributes
    attributes.user_name = person.user_name;
    attributes.first_name = person.first_name;
    attributes.last_name = person.last_name;
    attributes.user_status = person.user_status;
    attributes.membership_status = person.membership_status;
    attributes.electronic mail = person.electronic mail;
    attributes.created_on = person.created_on;
    attributes.membership_created_on = person.membership_created_on;
  
    // Convert array of objects to a number of attributes
    const dsGroupAttributes: { [key: string]: any[] } = {};
    person.ds_groups.forEach((dsGroup: any) => );
  
    Object.assign(attributes, dsGroupAttributes);
  
    return {
      id,
      attributes
    };
}

Pagination understanding

As talked about earlier, the REST API can implement a number of pagination schemes. Usually, the pagination particulars aren’t explicitly talked about. Throughout the growth of the chain, we discovered that when there are a number of pagination schemes, the LLM would combine up components of various pagination schemes and output code that isn’t coherent and generally additionally comprises errors. As a result of looping over the paged outcomes is an important step, we separate out this step within the code technology to let the LLM perceive the pagination scheme applied by the API and formulate its response at a excessive degree earlier than outputting the code. This enables the LLM to assume step-by-step in formulating the response. This step generates the intermediate reasoning, which is fed into the subsequent and ultimate step: producing the checklist customers perform code.

We use the next immediate to get the pagination logic. As a result of we’re utilizing Anthropic’s Claude Sonnet on Amazon Bedrock, we ask the LLM to output the logic in XML format, which is thought to be an environment friendly technique to construction info for that mannequin.

"""
Perceive and bear in mind the next OpenAPI specification supplied between the
<api-spec> </api-spec> XML tags. You'll reply questions primarily based on this specification,
which describes an endpoint for itemizing customers from a SaaS software. 

<api-spec>
{api_spec}
</api-spec>

Along with the specification, use the next details about the API to 
perceive the small print that aren't out there within the spec. The main points
are included in between XML tags <api-info> </api-info>.

<api-info>
{api_info}
</api_info>

The checklist customers API is used to acquire a listing of customers from the API. This API
could implement a number of pagination schemes to retrieve the checklist of customers. 
Pagination is used to retrieve pages of outcomes one after the other as a substitute of 
suddenly.

Your aim is to know the a number of pagination schemes applied 
within the API finish level and use the only scheme to loop over the pages
to retrieve all of the customers. 

First describe in particulars how the pagination is applied by the API 
in a step-by-step method. Embody the small print of learn how to get the primary 
web page after which learn how to get the next pages. Present the output in between
the XML tags <pagination-logic> </pagination-logic>. If the API doesn't 
implement pagination then output "No pagination applied".

If the API implements a number of pagination schemes: 
- Choose the best scheme and implement utilizing solely that one scheme. 
- If the API response comprises a subsequent URL both within the response physique or the 
headers, choose that pagination scheme over extra complicated offset-based schemes.

If there's inadequate or lacking info within the specs then don't
make up or guess it. Specify it within the output.

Output the ends in the next format

<pagination-logic>
    <pagination-schemes> checklist all of the pagination schemes <pagination-schemes>
    <selected-scheme> choose one scheme to implement looping </selected-scheme>
    <steps-first-page> steps to get first web page </steps-first-page>
    <steps-next> steps to get subsequent web page </steps-next>
    <termination-logic> situation for exiting loop </termination-logic>
    <information-complete> sure/no </information-complete>
</pagination-logic>
"""

Within the previous immediate template, the variable {api_spec} is changed with the API specification. An instance of the DocuSign API is supplied within the appendix on the finish of this publish. The variable {api_info} may be changed with extra API documentation in pure language, which is left as an empty string within the DocuSign instance.

The next is the LLM’s response for the pagination logic extraction within the case of the DocuSign API, parsed out of the <pagination-logic> tags:

"""
<pagination-schemes>
1. Offset-based pagination utilizing the beginning and take question parameters. 
2. Index-based pagination utilizing the beginning and finish question parameters. 
3. Hyperlink-based pagination utilizing the subsequent and former hyperlinks within the response.
</pagination-schemes>

<selected-scheme>
Hyperlink-based pagination utilizing the subsequent and former hyperlinks within the response.
</selected-scheme>

<steps-first-page>
1. Make a GET request to the /v2/organizations/{organizationId}/customers endpoint with none pagination parameters. 
2. The response will comprise the primary web page of outcomes and a subsequent hyperlink for the subsequent web page (if there are extra outcomes).
</steps-first-page>

<steps-next>
1. Examine if the response comprises a subsequent hyperlink. 
2. If the subsequent hyperlink is current, make a GET request to the URL supplied within the subsequent hyperlink. 
3. The response will comprise the subsequent web page of outcomes and a subsequent hyperlink for the next web page (if there are extra outcomes).
</steps-next>

<termination-logic>
Proceed making requests to the subsequent hyperlink till the response now not comprises a subsequent hyperlink, indicating that there aren't any extra pages.
</termination-logic>

<information-complete>
sure
</information-complete>
"""

ListUsers perform technology

This ultimate step within the chain combines the data extracted within the earlier steps along with the person flattening perform generated within the earlier steps to formulate the ultimate response, which is the TypeScript perform that retrieves a listing of customers from the supplied API.

We use the next immediate to generate the whole TypeScript perform:

"""
Your activity is to jot down a TypeScript program to retrieve a listing of customers from REST API. Detailed
directions for the duty are supplied under. The API usually returns a set of customers at a
time, you'll have to paginate via the outcomes to retrieve all customers whereas there are extra 
outcomes remaining.

Perceive and bear in mind the next OpenAPI YAML specification supplied between the
<api-spec> </api-spec> XML tags you may be requested to jot down a TypeScript program primarily based on it.

<api-spec>
{api_spec}
</api-spec>

Along with the specs the next documentation and implementation particulars concerning the
API are supplied in between the XML tags <api-info> </api-info>.

<api-info>
{api_info}
</api_info>

The next pagination logic laid out in between <pagination-logic> </pagination-logic> XML 
tags gives excessive degree particulars on  learn how to implement looping over paginated outcomes to retrieve 
all of the customers. Choose the pagination based on the desire mentions within the pagination logic under.

<pagination-logic>
{pagination_logic}
</pagination-logic>


Now, implement a TypeScript perform that retrieves all of the customers following the directions under
<directions>
- Don't modify the `flattenUser` perform and reproduce it as it's.
- Change solely the BODY of `listUsers` perform however don't modify the perform signature as it's
a part of the massive program that expects this perform signature.
- Don't create or invent any new varieties.
- For pagination adhere to the directions supplied in <pagination-logic> and <api-spec>
- If pagination requires variety of outcomes, then fetch 50 customers at a time.
- Assume that `context.hostUrl` from the enter context will present the API hostname and port within the 
format "hostname:port_number" or "host_ip_address:port_number".
- If the API makes use of a Hyperlink primarily based pagination you then usually don't must reconstruct the url utilizing
`hostUrl` as the whole hyperlink shall be supplied within the subsequent url or within the hyperlink headers.
- substitute the `endpoint_url` with the endpoint url supplied within the specs.
- You possibly can assume that any required values resembling `apiKey` shall be supplied within the `context` variable.
- Change the authorization headers to match the data within the headers.
- Assume that any parameters which can be required to assemble the trail are equipped via `context` variable. The names of such variable 
will match precisely with the variable specified within the templated path within the API specs.
</directions>

Right here is the instance output

<example-template>
import {{ Context, Response, StdAccountListHandler, StdAccountListOutput }} from '@sailpoint/connector-sdk';

{flatten_user_function}

const listUsers: StdAccountListHandler = async (context: Context, enter: undefined, res: Response<StdAccountListOutput>) => {{
    let apiKey = context.apiKey;
    let hostUrl = context.hostUrl;
    let hasMore = true;

    let url="http://${{hostUrl}}/{{endpoint_path}}";
    whereas (hasMore) {{

        // fetch response from the endpoint
        let response = await fetch(url, {{
          headers: {{
            'Authorization': `${{apiKey}}`
          }}
        }});
        let outcomes = await response.json();

        // get the customers from the returned outcomes
        let customers = outcomes.customers;
        for (let person of customers) {{
            flattened_user = flattenUser(person)
            res.ship(flattened_user);
        }}

        // Set the url to the "subsequent" URL from the response whether it is out there
        if (outcomes.subsequent) {{
          url = outcomes.subsequent;
        }} else {{
          hasMore = false;
        }}
    }}
}}
</example-template>

Output the generated code between the XML tags <list-users-code> </list-users-code> and 
solely output the code with none extra formatting like triple quotes.
"""

On this immediate, we substitute {flatten_user_function} with the flattenUser that was generated earlier and {pagination_logic} with the one which was generated earlier. We offer a template for the listUsers perform to ensure the ultimate output meets the necessities for the connector perform. The ensuing output is the next listUsers perform, which makes use of the flattenUser perform from earlier:

const listAccounts: StdAccountListHandler = async (context: Context, enter: undefined, res: Response<StdAccountListOutput>) => {
    let apiKey = context.apiKey;
    let hostUrl = context.hostUrl;
    let organizationId = context.organizationId;
    let hasMore = true;

    let url = `https://${hostUrl}/Administration/v2/organizations/${organizationId}/customers`;
    whereas (hasMore) {

        // fetch response from the endpoint
        let response = await fetch(url, {
          headers: {
            'Authorization': `Bearer ${apiKey}`
          }
        });
        let outcomes = await response.json();

        // get the customers from the returned outcomes
        let customers = outcomes.customers;
        for (let person of customers) {
            let flattened_user = flattenUser(person)
            res.ship(flattened_user);
        }

        // Set the url to the "subsequent" URL from the response whether it is out there
        if (outcomes.paging.subsequent) {
          url = outcomes.paging.subsequent;
        } else {
          hasMore = false;
        }
    }
}

Classes discovered

On this publish, we demonstrated how LLMs can tackle complicated code technology issues by using varied core prompting ideas and the immediate chaining approach. Though LLMs excel at following clearly outlined directions and producing small code snippets, this use case concerned a considerable quantity of contextual info within the type of API specs and person directions. Our findings from this train are the next:

  • Decomposing complicated issues – Breaking down a posh code technology downside into a number of intermediate steps of decrease complexity enhances the LLM’s efficiency. Offering a single complicated immediate may end up in the LLM lacking some directions. The immediate chaining strategy enhances the robustness of the technology, sustaining higher adherence to directions.
  • Iterative optimization – This technique permits for iterative optimization of intermediate steps. Every a part of the chain may be refined independently earlier than shifting to the subsequent step. LLMs may be delicate to minor adjustments in directions, and adjusting one facet can unintentionally have an effect on different goals. Immediate chaining presents a scientific technique to optimize every step independently.
  • Dealing with complicated selections – Within the part on understanding pagination, we illustrated how LLMs can purpose via varied choices and make complicated selections earlier than producing code. As an example, when the enter API specification helps a number of pagination schemes, we prompted the LLM to resolve on the pagination strategy earlier than implementing the code. With direct code technology, with out utilizing an intermediate reasoning step, the LLM tended to combine components of various pagination schemes, leading to inconsistent output. By forcing decision-making first, in pure language, we achieved extra constant and correct code technology.

By means of automated code technology, SailPoint was in a position to dramatically cut back connector growth time from hours or days to mere minutes. The strategy additionally democratizes code growth, so that you don’t want deep TypeScript experience or intimate familiarity with SailPoint’s connector SDK. By accelerating connector technology, SailPoint considerably shortens the general buyer onboarding course of. This streamlined workflow not solely saves useful developer time but in addition allows sooner integration of various techniques, in the end permitting clients to make use of SailPoint’s id safety options extra quickly and successfully.

Conclusion

Our AI-powered answer for producing connector code opens up new prospects for integrating with REST APIs. By automating the creation of connectors from API specs, builders can quickly construct sturdy connections to any REST API, saving developer time and decreasing the time to worth for onboarding new clients. As demonstrated on this publish, this know-how can considerably streamline the method of working with various APIs, permitting groups to give attention to utilizing the information and performance these APIs present slightly than getting overwhelmed by connector code particulars. Take into account how such an answer may improve your personal API integration efforts—it might be the important thing to extra environment friendly and efficient use of the myriad APIs out there in immediately’s interconnected digital panorama.

Concerning the Authors

Erik Huckle is the product lead for AI at SailPoint, the place he works to unravel vital buyer issues within the id safety ecosystem via generative AI and information applied sciences. Previous to SailPoint, Erik co-founded a startup in robotic automation and later joined AWS as the primary product rent at Amazon One. Erik mentors native startups and serves as a board member and tech committee lead for a EdTech nonprofit group.

Tyler McDonnell is the engineering head of AI at SailPoint, the place he leads the event of AI options to drive innovation and impression in id safety world. Previous to SailPoint, Tyler led machine studying analysis and engineering groups at a number of early to late-stage startups and revealed work in domains spanning software program upkeep, info retrieval, and deep studying. He’s keen about constructing merchandise that use AI to convey optimistic impression to actual individuals and issues.

Anveshi Charuvaka is a Senior Utilized Scientist on the Generative AI Innovation Heart, the place he helps clients undertake Generative AI by implementing options for his or her vital enterprise challenges. With a PhD in Machine Studying and over a decade of expertise, he makes a speciality of making use of revolutionary machine studying and generative AI strategies to handle complicated real-world issues.

Aude Genevay is a Senior Utilized Scientist on the Generative AI Innovation Heart, the place she helps clients sort out vital enterprise challenges and create worth utilizing generative AI. She holds a PhD in theoretical machine studying and enjoys turning cutting-edge analysis into real-world options.

Mofijul Islam is an Utilized Scientist II on the AWS Generative AI Innovation Heart, the place he helps clients sort out complicated, customer-centric analysis challenges utilizing generative AI, giant language fashions (LLM), multi-agent studying, and multimodal studying. He holds a PhD in machine studying from the College of Virginia, the place his work targeted on multimodal machine studying, multilingual NLP, and multitask studying. His analysis has been revealed in top-tier conferences like NeurIPS, ICLR, AISTATS, and AAAI, in addition to IEEE and ACM Transactions.

Yasin Khatami is a Senior Utilized Scientist on the Generative AI Innovation Heart. With greater than a decade of expertise in synthetic intelligence (AI), he implements state-of-the-art AI merchandise for AWS clients to drive effectivity and worth for buyer platforms. His experience is in generative AI, giant language fashions (LLM), multi-agent strategies, and multimodal studying.

Karthik Ram is a Principal Options Architect with Amazon Internet Providers primarily based in Columbus, Ohio. He works with Impartial Software program Distributors (ISVs) to construct safe and revolutionary cloud options, together with serving to with their merchandise and fixing their enterprise issues utilizing data-driven approaches. Karthik’s space of depth is Cloud Safety with a give attention to Infrastructure Safety and menace detection.

Appendix

The next API specs have been used for the experiments on this publish:

Copyright (c) 2017- DocuSign, Inc. (https://www.docusign.com)
swagger: '2.0'
information:
  title: DocuSign API
  model: v2.1
host: api.docusign.internet
basePath: "/Administration"
schemes:
- https
consumes:
- software/json
produces:
- software/json
paths:
  "/v2/organizations/{organizationId}/customers":
    get:
      tags:
      - Customers
      abstract: Returns details about the customers in a corporation.
      description: |-
        Returns details about the customers in a corporation.

        You need to embrace no less than one of many following question parameters within the request:

        - `account_id`: The ID of an account related to the group.
        - `organization_reserved_domain_id`: The ID of one of many group's reserved domains.
        - `electronic mail`: An electronic mail tackle related to the customers that you simply need to return.
      operationId: OrganizationUser_OrganizationUsers_GetV2
      produces:
      - software/json
      parameters:
      - identify: organizationId
        in: path
        description: The group ID Guid
        required: true
        sort: string
        format: uuid
      - identify: begin
        in: question
        description: Index of first merchandise to incorporate within the response. The default worth
          is 0.
        required: false
        sort: integer
        format: int32
      - identify: take
        in: question
        description: Web page dimension of the response. The default worth is 20.
        required: false
        sort: integer
        format: int32
      - identify: finish
        in: question
        description: Index of the final merchandise to incorporate within the response. Ignored if
          `take` parameter is specified.
        required: false
        sort: integer
        format: int32
      - identify: electronic mail
        in: question
        description: E mail tackle of the specified person. A minimum of certainly one of `electronic mail`, `account_id`
          or `organization_reserved_domain_id` have to be specified.
        required: false
        sort: string
      - identify: email_user_name_like
        in: question
        description: Selects customers by sample matching on the person's electronic mail tackle
        required: false
        sort: string
      - identify: standing
        in: question
        description: Standing.
        required: false
        sort: string
      - identify: membership_status
        in: question
        description: |
          The person's membership standing. One among:

          - `activation_required`
          - `activation_sent`
          - `energetic`
          - `closed`
          - `disabled`
        required: false
        sort: string
      - identify: account_id
        in: question
        description: Choose customers which can be members of the desired account. A minimum of
          certainly one of `electronic mail`, `account_id` or `organization_reserved_domain_id` have to be
          specified.
        required: false
        sort: string
        format: uuid
      - identify: organization_reserved_domain_id
        in: question
        description: Choose customers which can be within the specified area. A minimum of certainly one of
          `electronic mail`, `account_id` or `organization_reserved_domain_id` have to be specified.
        required: false
        sort: string
        format: uuid
      - identify: last_modified_since
        in: question
        description: Choose customers whose information have been modified for the reason that date specified.
          `account_id` or `organization_reserved_domain_id` have to be specified.
        required: false
        sort: string
      responses:
        '200':
          description: OK
          schema:
            sort: object
            properties:
              customers:
                sort: array
                gadgets:
                  sort: object
                  properties:
                    id:
                      format: uuid
                      sort: string
                      instance: 00000000-0000-0000-0000-000000000000
                      description: The person's distinctive ID.
                    user_name:
                      sort: string
                      description: The total identify of the person.
                    first_name:
                      sort: string
                      description: The person's first identify.
                    last_name:
                      sort: string
                      description: The person's final identify.
                    user_status:
                      sort: string
                      description: |
                        The person's standing. One among:

                        - `energetic`
                        - `created`
                        - `closed`
                    membership_status:
                      sort: string
                      description: |
                        The person's membership standing. One among:

                        - `activation_required`
                        - `activation_sent`
                        - `energetic`
                        - `closed`
                        - `disabled`
                    electronic mail:
                      sort: string
                      description: The e-mail tackle.
                    created_on:
                      format: date-time
                      sort: string
                      description: The date the person's account was created.
                    membership_created_on:
                      format: date-time
                      sort: string
                      description: The date on which the person turned a member of the group.
                    ds_groups:
                      sort: array
                      gadgets:
                        sort: object
                        properties:
                          ds_group_id:
                            format: uuid
                            sort: string
                            instance: 00000000-0000-0000-0000-000000000000
                            description: ''
                          account_id:
                            format: uuid
                            sort: string
                            instance: 00000000-0000-0000-0000-000000000000
                            description: Choose customers which can be members of the desired account. A minimum of
                              certainly one of `electronic mail`, `account_id` or `organization_reserved_domain_id` have to be
                              specified.
                          source_product_name:
                            sort: string
                          group_id:
                            sort: string
                          group_name:
                            sort: string
                          description:
                            sort: string
                          is_admin:
                            sort: boolean
                          last_modified_on:
                            format: date-time
                            sort: string
                          user_count:
                            format: int32
                            sort: integer
                          external_account_id:
                            format: int64
                            sort: integer
                          account_name:
                            sort: string
                          membership_id:
                            format: uuid
                            sort: string
                            instance: 00000000-0000-0000-0000-000000000000
                  description: Details about a person.
                description: A listing of customers.
              paging:
                  sort: object
                  properties:
                    result_set_size:
                      format: int32
                      sort: integer
                      description: The variety of gadgets in a consequence set (web page).
                    result_set_start_position:
                      format: int32
                      sort: integer
                      description: The index place of the primary consequence on this set.
                    result_set_end_position:
                      format: int32
                      sort: integer
                      description: The index place of the final consequence on this set.
                    total_set_size:
                      format: int32
                      sort: integer
                      description: The full variety of outcomes.
                    subsequent:
                      sort: string
                      description: 'A URL to the subsequent set of outcomes. '
                    earlier:
                      sort: string
                      description: 'A URL to the earlier set of outcomes. '
                  description: Incorporates details about paging via the outcomes.
            description: A response containing details about customers.

More Stories

LangChain’s Father or mother Doc Retriever — Revisited | by Omri Eliyahu Levy

November 21, 2024 thefutureofworkinfo

Automate Q&A e-mail responses with Amazon Bedrock Information Bases

November 21, 2024 thefutureofworkinfo

The best way to Construct a Information-Pushed Buyer Administration System | by Hans Christian Ekne | Nov, 2024

November 20, 2024 thefutureofworkinfo

Leave a Reply

Your email address will not be published. Required fields are marked *

You may have missed

LangChain’s Father or mother Doc Retriever — Revisited | by Omri Eliyahu Levy

November 21, 2024 thefutureofworkinfo

EON Actuality Launches Strategic Rollout Plan for Its Groundbreaking Direct-to-Shopper Platform in Q1 2025 – EON Actuality

November 21, 2024 thefutureofworkinfo

Automate Q&A e-mail responses with Amazon Bedrock Information Bases

November 21, 2024 thefutureofworkinfo

8 impressions from co-creating the sounds of the longer term

November 21, 2024 thefutureofworkinfo

2024 High On-line Furnishings Web sites – Greatest 3D Options

November 21, 2024 thefutureofworkinfo