Give your app exactly the data it needs β before your backend exists.
Describe whatever endpoint your app in natural language, drop in an OpenAPI spec β Zero-1 spins up live REST endpoints with realistic seeded data, full CRUD, and FK relationships. Tracks denormalized copies, propagates schema changes across existing data, and warns before a change would break a reference. Pair it with Claude Code to become an execution layer β all AI reasoning happens in your session, Zero-1 handles data, routing, and state locally. Export the schema when you're ready for your agent to build a working backend.
β― I'm building a marketplace, I need sellers, products under /sellers/:id/products,
and reviews under /products/:id/reviews. seed it heavy,
like 5000 products and 10k reviews. gate writes with Bearer auth.
3 resources Β· 15100 records
Β· sellers 100 records
Β· products 5000 records path: /sellers/:sellerId/products
Β· reviews 10000 records path: /products/:productId/reviews
β³ products.sellerId β sellers.id
β³ reviews.productId β products.id
header guard: POST|PUT|PATCH|DELETE * β Authorization: Bearer required
z1-demo.mp4 #
From source:
git clone https://github.com/thomscoder/zero-1 && cd zero-1
ANTHROPIC_API_KEY=sk-ant-... bun run cli.ts
Or install the CLI:
curl -fsSL https://raw.githubusercontent.com/thomscoder/zero-1/main/scripts/install.sh | sh
Run Zero-1 as an HTTP server. Describe scenarios in the REPL or via API. One AI call per intent β schema parsing only. All data generation, CRUD, filtering, and graph tracking run locally with zero API calls.
z1 # start + REPL
z1 --model gpt-4o # use a specific model
ANTHROPIC_API_KEY=sk-ant-... bun run cli.ts
Zero-1's primary mode. Claude Code IS the AI. Zero-1 executes.
z1 launch claude
z1 launch claude --model claude-opus-4-6
Starts the Zero-1 server and spawns Claude Code with the MCP pre-wired. Claude Code handles all reasoning and schema decisions. Zero-1 receives structured plans and executes them locally β zero redundant AI calls. Every token in your Claude Code session does actual work.
Export your Zero-1 schema as a working production backend.
z1 export --scaffold hono --out ./my-app # generate from .z1/state.json
z1 patch hono # sync changes (last-write-wins)
Or from the REPL:
z1 βΊ .export --scaffold hono
z1 βΊ .patch hono
Generates a complete Hono project: typed routes, in-memory data seeded with real records, TypeScript interfaces, and a /sync
slash command for Claude Code. When your real backend is ready, the scaffold is the spec.
Load a real provider's API shape instantly β no spec hunting, no key required:
GET /__generate/import/preset
POST /__generate/import/preset
{ "provider": "stripe" }
POST /__generate/import/preset
{ "provider": "github" }
Available: github
Β· google
Β· stripe
Β· linkedin
Β· shopify
Each preset loads the correct real-world endpoint paths, realistic field shapes, and a pre-configured OAuth flow for that provider.
Point Zero-1 at any OpenAPI 3.x or Swagger 2.0 spec β URL or raw JSON:
POST /__generate/import/openapi
{ "url": "https://petstore3.swagger.io/api/v3/openapi.json" }
{ "spec": { ...raw spec object... } }
Handles $ref
resolution (recursive), allOf
merges, oneOf
/anyOf
variants, and any path depth. Data is generated locally from the schema β no AI call.
One description (or import) registers all resources with full CRUD β GET
, POST
, PUT
, PATCH
, DELETE
. IDs are auto-incremented. FK references are always valid (data generated in dependency order).
Filter, search, sort β all query params, stackable:
GET /posts?role=admin&q=launch&sort=likes:desc&limit=10
Resources can live at any URL shape:
/api/v1/users
/payments/:paymentId/invoices
/orgs/:orgId/teams/:teamId/members
Named segments (:param
) become FK equality filters on GET collection and are auto-populated on POST. The item ID is always the trailing segment: GET /payments/42/invoices/7
.
"...when an order is created, subtract quantity from product stock. when stock hits 0, flip status to out_of_stock."
Describe side-effect logic inline. Supported operations: increment/decrement a field, set a value. Triggers fire synchronously on every matching mutation.
"...add a views counter, rename likes to reactions, drop published. require X-API-Key on write requests."
Zero-1 sends only the schema to the AI (never the records), applies the diff, and backfills existing data locally. Added fields get context-aware generated values. Renamed fields preserve their values.
"...cursor-based, 20 per page, useafter
as cursor param,edges
for data array"
Configure the envelope your real API will produce. Zero-1 matches it. Supports page, offset, and cursor styles with customisable param names and response shapes.
"...require X-API-Key on all write requests to posts. inject X-Request-Id into every response."
Per-resource request guards and response header injection. Your frontend gets real 401s and real rejection bodies β no auth server needed.
"...authorization code flow with PKCE. scopes: read, write, admin. JWT tokens, 1 hour expiry."
Full mock OAuth 2.0 / OIDC provider. Registers authorization, token, revoke, introspect, userinfo, and discovery endpoints. Per-client scope enforcement. Token signing via Web Crypto API (HS256) β no JWT library.
"...30% error rate on POST /orders and 500msβ2s latency on all requests"
{ "resource": "orders", "method": "POST", "errorRate": 0.3, "errorCode": 503 }
{ "resource": "*", "method": "*", "latency": { "min": 200, "max": 800 } }
{ "resource": "users", "rateLimit": { "requests": 10, "windowSeconds": 60 } }
Zero-1 maintains a live graph of every resource β FK edges, denormalized copies, observed field types.
Write-through propagation β every PATCH
/PUT
walks the provenance graph and updates denormalized copies automatically.
Impact analysis β before applying a schema change, ask what breaks:
"What breaks if I switch the plan id to a string slug?"
Returns which FK references would stop resolving and which denormalized copies would go stale. Via MCP this is part of the natural workflow; via the API it's POST /__generate/graph/analyze
.
Add two-factor authentication to any resource inline:
"...users with 2FA on login. OTP expires in 5 minutes."
Zero-1 registers POST /users/login
and POST /users/verify
endpoints. OTP codes are cryptographically random, 6-digit, single-use. Inspect pending codes at GET /__generate/2fa/pending
.
"...each user should only see their own posts"
Per-resource per-user data isolation using JWT claims. Collection GETs filter automatically, item GETs return 403 for wrong owner, POSTs auto-set the owner field from the token.
Zero-1 exposes its full surface as MCP tools for Claude Code and other AI agents.
Manual setup (if not using z1 launch claude
):
// .claude/mcp.json
{
"mcpServers": {
"zero-1": {
"command": "bun",
"args": ["run", "/path/to/zero-1/mcp.ts", "--url", "http://localhost:7777"]
}
}
}
Tools include: create_scenario
, evolve_schema
, get_schema
, list_resources
, inspect_graph
, analyze_impact
, configure_headers
, configure_oauth
, configure_pagination
, add_chaos
, snapshot
, reset
, export_openapi
, get_2fa_codes
, and more.
Zero-waste architecture: every tool that normally triggers an AI call accepts a structured bypass. When called from Claude Code, Zero-1 skips its own AI calls entirely β Claude Code produces the plan, Zero-1 executes it. One AI session. No overhead.
Zero-1 is bring-your-own-key. One AI call per intent β schema parsing only. Everything else is local.
ANTHROPIC_API_KEY=sk-ant-... bun run cli.ts
AI_PROVIDER=openai OPENAI_API_KEY=sk-... bun run cli.ts
AI_PROVIDER=ollama bun run cli.ts
| Variable | Default | Description |
|---|---|---|
AI_PROVIDER |
||
anthropic |
||
anthropic , openai , or ollama |
||
AI_MODEL |
||
| provider default | Override the model (e.g. gpt-4o , llama3.2 , claude-opus-4-6 ) |
|
ANTHROPIC_API_KEY |
||
| required for anthropic | Your Anthropic key | |
OPENAI_API_KEY |
||
| required for openai | Your OpenAI key | |
OPENAI_BASE_URL |
||
https://api.openai.com/v1 |
||
| Base URL for OpenAI-compatible APIs | ||
OLLAMA_BASE_URL |
||
http://localhost:11434 |
||
| Base URL for Ollama | ||
API_KEY |
||
| β | Protect /__generate/* meta endpoints with Bearer auth. CRUD routes unaffected. |
|
PORT |
||
7777 |
||
| HTTP port |
CLI flags:
z1 [--key sk-ant-...] [--port 7777] [--model claude-opus-4-6] [--web] ["inline prompt"]
z1 launch claude [--port 7777] [--model claude-opus-4-6]
| Method | Path | Description |
|---|---|---|
POST |
||
/__generate/scenario |
||
| Create resources from a description or structured plan | ||
GET |
||
/__generate/resources |
||
| List all resources with schemas and record counts | ||
DELETE |
||
/__generate/resources |
||
| Delete all resources | ||
DELETE |
||
/__generate/resources/:name |
||
| Delete a specific resource | ||
GET |
||
/__generate/schema/:name |
||
| Raw ParsedField[] schema for a resource | ||
POST |
||
/__generate/evolve |
||
| Evolve a resource's schema | ||
POST |
||
/__generate/pagination |
||
| Configure pagination for a resource | ||
POST |
||
/__generate/snapshot |
||
| Save a snapshot | ||
POST |
||
/__generate/reset |
||
| Restore from last snapshot |
| Method | Path | Notes |
|---|---|---|
GET |
||
/:name |
||
?field=val , ?q=term , ?sort=field:asc , ?explain=true |
||
POST |
||
/:name |
||
| ID auto-assigned | ||
GET |
||
/:name/:id |
||
PUT |
||
/:name/:id |
||
| Full replace | ||
PATCH |
||
/:name/:id |
||
| Partial update | ||
DELETE |
||
/:name/:id |
||
| Returns 204 |
Custom paths (e.g. /payments/:paymentId/invoices
) work identically β named segments filter by FK equality.
| Method | Path | Description |
|---|---|---|
POST |
||
/__generate/oauth/configure |
||
| Configure from description or structured OAuthConfig | ||
GET |
||
/__generate/oauth/status |
||
| Config + token stats | ||
GET |
||
/__generate/oauth/authorize |
||
| Authorization endpoint (auto-approves, 302 redirect) | ||
POST |
||
/__generate/oauth/token |
||
| Token endpoint (auth_code, client_credentials, refresh) | ||
POST |
||
/__generate/oauth/revoke |
||
| RFC 7009 revocation | ||
POST |
||
/__generate/oauth/introspect |
||
| Token introspection | ||
GET |
||
/__generate/oauth/userinfo |
||
| OIDC userinfo (Bearer token required) | ||
GET |
||
/__generate/oauth/.well-known/openid-configuration |
||
| OIDC discovery | ||
GET |
||
/__generate/oauth/.well-known/jwks.json |
||
| JWKS |
| Method | Path | Description |
|---|---|---|
GET |
||
/__generate/graph |
||
| Full graph dump (resources, FK edges, provenance edges) | ||
POST |
||
/__generate/graph/analyze |
||
{ resource, fields, typeChange? } β impact report |
| Method | Path | Description |
|---|---|---|
POST/GET/DELETE |
||
/__generate/chaos |
||
| Add / list / clear chaos rules | ||
DELETE |
||
/__generate/chaos/:id |
||
| Remove a specific rule | ||
GET/DELETE |
||
/__generate/triggers |
||
| List / clear triggers | ||
DELETE |
||
/__generate/triggers/:id |
||
| Remove a specific trigger | ||
POST |
||
/__generate/headers/configure |
||
| Configure header guards | ||
GET/DELETE |
||
/__generate/headers |
||
| List / clear header rules | ||
DELETE |
||
/__generate/headers/:id |
||
| Remove a specific rule | ||
POST/GET/DELETE |
||
/__generate/scoping |
||
| Add / list / clear JWT scoping rules | ||
GET |
||
/__generate/2fa/pending |
||
| Inspect pending OTP codes | ||
DELETE |
||
/__generate/2fa |
||
| Clear all OTP codes | ||
GET |
||
/__generate/log |
||
| Request log (newest first, max 500) | ||
DELETE |
||
/__generate/log |
||
| Clear log | ||
GET |
||
/__generate/export |
||
| Export global state as JSON | ||
POST |
||
/__generate/import |
||
| Restore global state from JSON | ||
GET |
||
/__generate/openapi |
||
| Export as OpenAPI 3.0.3 | ||
POST |
||
/__generate/import/openapi |
||
| Import from OpenAPI/Swagger spec (URL or raw JSON) | ||
GET |
||
/__generate/import/preset |
||
| List available provider presets | ||
POST |
||
/__generate/import/preset |
||
Load a provider preset ({ "provider": "github" } ) |
http://localhost:7777/__generate
β create scenarios, browse and edit records, test OAuth flows, manage chaos rules, view the live request log, export/import state.
bun test
Bunruntime- An AI provider key (
ANTHROPIC_API_KEY
,OPENAI_API_KEY
, or Ollama running locally) - For
z1 launch claude
:Claude Codeinstalled