{"slug": "show-hn-instant-live-endpoints-your-front-end-needs-from-natural-language", "title": "Show HN: Instant live endpoints your front end needs, from natural language", "summary": "Zero-1, an open-source tool from developer thomscoder, generates live REST endpoints with realistic seeded data from natural language descriptions or OpenAPI specs, enabling frontend development before a backend exists. It runs locally with zero API calls after initial schema parsing, supports full CRUD, foreign key relationships, and can export schemas to production-ready backends like Hono. The tool integrates with Claude Code as an execution layer, handling data, routing, and state locally.", "body_md": "Give your app exactly the data it needs — before your backend exists.\n\nDescribe whatever endpoint your app in natural language, drop in an OpenAPI spec — Zero-1 spins up live REST endpoints with realistic seeded data, full CRUD, and FK relationships. Tracks denormalized copies, propagates schema changes across existing data, and warns before a change would break a reference. Pair it with Claude Code to become an execution layer — all AI reasoning happens in your session, Zero-1 handles data, routing, and state locally. Export the schema when you're ready for your agent to build a working backend.\n\n```\n❯ I'm building a marketplace, I need sellers, products under /sellers/:id/products,\n  and reviews under /products/:id/reviews. seed it heavy,\n  like 5000 products and 10k reviews. gate writes with Bearer auth.\n\n3 resources · 15100 records\n\n· sellers    100   records\n· products   5000  records  path: /sellers/:sellerId/products\n· reviews    10000 records  path: /products/:productId/reviews\n\n↳ products.sellerId  → sellers.id\n↳ reviews.productId  → products.id\n\nheader guard: POST|PUT|PATCH|DELETE * — Authorization: Bearer required\n```\n\n## z1-demo.mp4\n\nFrom source:\n\n```\ngit clone https://github.com/thomscoder/zero-1 && cd zero-1\n\nANTHROPIC_API_KEY=sk-ant-... bun run cli.ts\n# → http://localhost:7777  +  z1 › REPL\n```\n\nOr install the CLI:\n\n```\ncurl -fsSL https://raw.githubusercontent.com/thomscoder/zero-1/main/scripts/install.sh | sh\n```\n\nRun Zero-1 as an HTTP server. Describe scenarios in the REPL or via API. One AI call per intent — schema parsing only. All data generation, CRUD, filtering, and graph tracking run locally with zero API calls.\n\n```\nz1                    # start + REPL\nz1 --model gpt-4o     # use a specific model\nANTHROPIC_API_KEY=sk-ant-... bun run cli.ts\n```\n\nZero-1's primary mode. Claude Code IS the AI. Zero-1 executes.\n\n```\nz1 launch claude\nz1 launch claude --model claude-opus-4-6\n```\n\nStarts the Zero-1 server and spawns Claude Code with the MCP pre-wired. Claude Code handles all reasoning and schema decisions. Zero-1 receives structured plans and executes them locally — **zero redundant AI calls**. Every token in your Claude Code session does actual work.\n\nExport your Zero-1 schema as a working production backend.\n\n```\nz1 export --scaffold hono --out ./my-app   # generate from .z1/state.json\nz1 patch hono                              # sync changes (last-write-wins)\n```\n\nOr from the REPL:\n\n```\nz1 › .export --scaffold hono\nz1 › .patch hono\n```\n\nGenerates a complete Hono project: typed routes, in-memory data seeded with real records, TypeScript interfaces, and a `/sync`\n\nslash command for Claude Code. When your real backend is ready, the scaffold is the spec.\n\nLoad a real provider's API shape instantly — no spec hunting, no key required:\n\n```\n# List available presets\nGET /__generate/import/preset\n\n# Load Stripe (customers, products, prices, payment intents, subscriptions at /v1/* paths)\nPOST /__generate/import/preset\n{ \"provider\": \"stripe\" }\n\n# Load GitHub (users, repos, issues at /api/v3/* paths + OAuth pre-configured)\nPOST /__generate/import/preset\n{ \"provider\": \"github\" }\n```\n\nAvailable: `github`\n\n· `google`\n\n· `stripe`\n\n· `linkedin`\n\n· `shopify`\n\nEach preset loads the correct real-world endpoint paths, realistic field shapes, and a pre-configured OAuth flow for that provider.\n\nPoint Zero-1 at any OpenAPI 3.x or Swagger 2.0 spec — URL or raw JSON:\n\n```\nPOST /__generate/import/openapi\n{ \"url\": \"https://petstore3.swagger.io/api/v3/openapi.json\" }\n# or\n{ \"spec\": { ...raw spec object... } }\n```\n\nHandles `$ref`\n\nresolution (recursive), `allOf`\n\nmerges, `oneOf`\n\n/`anyOf`\n\nvariants, and any path depth. Data is generated locally from the schema — no AI call.\n\nOne description (or import) registers all resources with full CRUD — `GET`\n\n, `POST`\n\n, `PUT`\n\n, `PATCH`\n\n, `DELETE`\n\n. IDs are auto-incremented. FK references are always valid (data generated in dependency order).\n\nFilter, search, sort — all query params, stackable:\n\n```\nGET /posts?role=admin&q=launch&sort=likes:desc&limit=10\n```\n\nResources can live at any URL shape:\n\n```\n/api/v1/users\n/payments/:paymentId/invoices\n/orgs/:orgId/teams/:teamId/members\n```\n\nNamed segments (`:param`\n\n) become FK equality filters on GET collection and are auto-populated on POST. The item ID is always the trailing segment: `GET /payments/42/invoices/7`\n\n.\n\n\"...when an order is created, subtract quantity from product stock. when stock hits 0, flip status to out_of_stock.\"\n\nDescribe side-effect logic inline. Supported operations: increment/decrement a field, set a value. Triggers fire synchronously on every matching mutation.\n\n\"...add a views counter, rename likes to reactions, drop published. require X-API-Key on write requests.\"\n\nZero-1 sends only the schema to the AI (never the records), applies the diff, and backfills existing data locally. Added fields get context-aware generated values. Renamed fields preserve their values.\n\n\"...cursor-based, 20 per page, use`after`\n\nas cursor param,`edges`\n\nfor data array\"\n\nConfigure the envelope your real API will produce. Zero-1 matches it. Supports page, offset, and cursor styles with customisable param names and response shapes.\n\n\"...require X-API-Key on all write requests to posts. inject X-Request-Id into every response.\"\n\nPer-resource request guards and response header injection. Your frontend gets real 401s and real rejection bodies — no auth server needed.\n\n\"...authorization code flow with PKCE. scopes: read, write, admin. JWT tokens, 1 hour expiry.\"\n\nFull mock OAuth 2.0 / OIDC provider. Registers authorization, token, revoke, introspect, userinfo, and discovery endpoints. Per-client scope enforcement. Token signing via Web Crypto API (HS256) — no JWT library.\n\n\"...30% error rate on POST /orders and 500ms–2s latency on all requests\"\n\n```\n{ \"resource\": \"orders\", \"method\": \"POST\", \"errorRate\": 0.3, \"errorCode\": 503 }\n{ \"resource\": \"*\", \"method\": \"*\", \"latency\": { \"min\": 200, \"max\": 800 } }\n{ \"resource\": \"users\", \"rateLimit\": { \"requests\": 10, \"windowSeconds\": 60 } }\n```\n\nZero-1 maintains a live graph of every resource — FK edges, denormalized copies, observed field types.\n\n**Write-through propagation** — every `PATCH`\n\n/`PUT`\n\nwalks the provenance graph and updates denormalized copies automatically.\n\n**Impact analysis** — before applying a schema change, ask what breaks:\n\n\"What breaks if I switch the plan id to a string slug?\"\n\nReturns which FK references would stop resolving and which denormalized copies would go stale. Via MCP this is part of the natural workflow; via the API it's `POST /__generate/graph/analyze`\n\n.\n\nAdd two-factor authentication to any resource inline:\n\n\"...users with 2FA on login. OTP expires in 5 minutes.\"\n\nZero-1 registers `POST /users/login`\n\nand `POST /users/verify`\n\nendpoints. OTP codes are cryptographically random, 6-digit, single-use. Inspect pending codes at `GET /__generate/2fa/pending`\n\n.\n\n\"...each user should only see their own posts\"\n\nPer-resource per-user data isolation using JWT claims. Collection GETs filter automatically, item GETs return 403 for wrong owner, POSTs auto-set the owner field from the token.\n\nZero-1 exposes its full surface as MCP tools for Claude Code and other AI agents.\n\nManual setup (if not using `z1 launch claude`\n\n):\n\n```\n// .claude/mcp.json\n{\n  \"mcpServers\": {\n    \"zero-1\": {\n      \"command\": \"bun\",\n      \"args\": [\"run\", \"/path/to/zero-1/mcp.ts\", \"--url\", \"http://localhost:7777\"]\n    }\n  }\n}\n```\n\nTools include: `create_scenario`\n\n, `evolve_schema`\n\n, `get_schema`\n\n, `list_resources`\n\n, `inspect_graph`\n\n, `analyze_impact`\n\n, `configure_headers`\n\n, `configure_oauth`\n\n, `configure_pagination`\n\n, `add_chaos`\n\n, `snapshot`\n\n, `reset`\n\n, `export_openapi`\n\n, `get_2fa_codes`\n\n, and more.\n\n**Zero-waste architecture**: every tool that normally triggers an AI call accepts a structured bypass. When called from Claude Code, Zero-1 skips its own AI calls entirely — Claude Code produces the plan, Zero-1 executes it. One AI session. No overhead.\n\nZero-1 is bring-your-own-key. One AI call per intent — schema parsing only. Everything else is local.\n\n```\n# Anthropic (default)\nANTHROPIC_API_KEY=sk-ant-... bun run cli.ts\n\n# OpenAI or any compatible endpoint\nAI_PROVIDER=openai OPENAI_API_KEY=sk-... bun run cli.ts\n\n# Ollama (local, no key needed)\nAI_PROVIDER=ollama bun run cli.ts\n```\n\n| Variable | Default | Description |\n|---|---|---|\n`AI_PROVIDER` |\n`anthropic` |\n`anthropic` , `openai` , or `ollama` |\n`AI_MODEL` |\nprovider default | Override the model (e.g. `gpt-4o` , `llama3.2` , `claude-opus-4-6` ) |\n`ANTHROPIC_API_KEY` |\nrequired for anthropic | Your Anthropic key |\n`OPENAI_API_KEY` |\nrequired for openai | Your OpenAI key |\n`OPENAI_BASE_URL` |\n`https://api.openai.com/v1` |\nBase URL for OpenAI-compatible APIs |\n`OLLAMA_BASE_URL` |\n`http://localhost:11434` |\nBase URL for Ollama |\n`API_KEY` |\n— | Protect `/__generate/*` meta endpoints with Bearer auth. CRUD routes unaffected. |\n`PORT` |\n`7777` |\nHTTP port |\n\nCLI flags:\n\n```\nz1 [--key sk-ant-...] [--port 7777] [--model claude-opus-4-6] [--web] [\"inline prompt\"]\nz1 launch claude [--port 7777] [--model claude-opus-4-6]\n```\n\n| Method | Path | Description |\n|---|---|---|\n`POST` |\n`/__generate/scenario` |\nCreate resources from a description or structured plan |\n`GET` |\n`/__generate/resources` |\nList all resources with schemas and record counts |\n`DELETE` |\n`/__generate/resources` |\nDelete all resources |\n`DELETE` |\n`/__generate/resources/:name` |\nDelete a specific resource |\n`GET` |\n`/__generate/schema/:name` |\nRaw ParsedField[] schema for a resource |\n`POST` |\n`/__generate/evolve` |\nEvolve a resource's schema |\n`POST` |\n`/__generate/pagination` |\nConfigure pagination for a resource |\n`POST` |\n`/__generate/snapshot` |\nSave a snapshot |\n`POST` |\n`/__generate/reset` |\nRestore from last snapshot |\n\n| Method | Path | Notes |\n|---|---|---|\n`GET` |\n`/:name` |\n`?field=val` , `?q=term` , `?sort=field:asc` , `?explain=true` |\n`POST` |\n`/:name` |\nID auto-assigned |\n`GET` |\n`/:name/:id` |\n|\n`PUT` |\n`/:name/:id` |\nFull replace |\n`PATCH` |\n`/:name/:id` |\nPartial update |\n`DELETE` |\n`/:name/:id` |\nReturns 204 |\n\nCustom paths (e.g. `/payments/:paymentId/invoices`\n\n) work identically — named segments filter by FK equality.\n\n| Method | Path | Description |\n|---|---|---|\n`POST` |\n`/__generate/oauth/configure` |\nConfigure from description or structured OAuthConfig |\n`GET` |\n`/__generate/oauth/status` |\nConfig + token stats |\n`GET` |\n`/__generate/oauth/authorize` |\nAuthorization endpoint (auto-approves, 302 redirect) |\n`POST` |\n`/__generate/oauth/token` |\nToken endpoint (auth_code, client_credentials, refresh) |\n`POST` |\n`/__generate/oauth/revoke` |\nRFC 7009 revocation |\n`POST` |\n`/__generate/oauth/introspect` |\nToken introspection |\n`GET` |\n`/__generate/oauth/userinfo` |\nOIDC userinfo (Bearer token required) |\n`GET` |\n`/__generate/oauth/.well-known/openid-configuration` |\nOIDC discovery |\n`GET` |\n`/__generate/oauth/.well-known/jwks.json` |\nJWKS |\n\n| Method | Path | Description |\n|---|---|---|\n`GET` |\n`/__generate/graph` |\nFull graph dump (resources, FK edges, provenance edges) |\n`POST` |\n`/__generate/graph/analyze` |\n`{ resource, fields, typeChange? }` → impact report |\n\n| Method | Path | Description |\n|---|---|---|\n`POST/GET/DELETE` |\n`/__generate/chaos` |\nAdd / list / clear chaos rules |\n`DELETE` |\n`/__generate/chaos/:id` |\nRemove a specific rule |\n`GET/DELETE` |\n`/__generate/triggers` |\nList / clear triggers |\n`DELETE` |\n`/__generate/triggers/:id` |\nRemove a specific trigger |\n`POST` |\n`/__generate/headers/configure` |\nConfigure header guards |\n`GET/DELETE` |\n`/__generate/headers` |\nList / clear header rules |\n`DELETE` |\n`/__generate/headers/:id` |\nRemove a specific rule |\n`POST/GET/DELETE` |\n`/__generate/scoping` |\nAdd / list / clear JWT scoping rules |\n`GET` |\n`/__generate/2fa/pending` |\nInspect pending OTP codes |\n`DELETE` |\n`/__generate/2fa` |\nClear all OTP codes |\n`GET` |\n`/__generate/log` |\nRequest log (newest first, max 500) |\n`DELETE` |\n`/__generate/log` |\nClear log |\n`GET` |\n`/__generate/export` |\nExport global state as JSON |\n`POST` |\n`/__generate/import` |\nRestore global state from JSON |\n`GET` |\n`/__generate/openapi` |\nExport as OpenAPI 3.0.3 |\n`POST` |\n`/__generate/import/openapi` |\nImport from OpenAPI/Swagger spec (URL or raw JSON) |\n`GET` |\n`/__generate/import/preset` |\nList available provider presets |\n`POST` |\n`/__generate/import/preset` |\nLoad a provider preset (`{ \"provider\": \"github\" }` ) |\n\n`http://localhost:7777/__generate`\n\n— create scenarios, browse and edit records, test OAuth flows, manage chaos rules, view the live request log, export/import state.\n\n```\nbun test\n```\n\n[Bun](https://bun.sh)runtime- An AI provider key (\n`ANTHROPIC_API_KEY`\n\n,`OPENAI_API_KEY`\n\n, or Ollama running locally) - For\n`z1 launch claude`\n\n:[Claude Code](https://claude.ai/claude-code)installed", "url": "https://wpnews.pro/news/show-hn-instant-live-endpoints-your-front-end-needs-from-natural-language", "canonical_source": "https://github.com/thomscoder/zero-1", "published_at": "2026-06-15 08:21:48+00:00", "updated_at": "2026-06-15 08:42:51.284194+00:00", "lang": "en", "topics": ["developer-tools", "artificial-intelligence", "large-language-models", "ai-agents", "generative-ai"], "entities": ["Zero-1", "thomscoder", "Claude Code", "Hono", "OpenAPI", "GitHub", "Stripe", "Shopify"], "alternates": {"html": "https://wpnews.pro/news/show-hn-instant-live-endpoints-your-front-end-needs-from-natural-language", "markdown": "https://wpnews.pro/news/show-hn-instant-live-endpoints-your-front-end-needs-from-natural-language.md", "text": "https://wpnews.pro/news/show-hn-instant-live-endpoints-your-front-end-needs-from-natural-language.txt", "jsonld": "https://wpnews.pro/news/show-hn-instant-live-endpoints-your-front-end-needs-from-natural-language.jsonld"}}