Show HN: Instant live endpoints your front end needs, from natural language

Zero-1, an open-source tool from developer thomscoder, generates live REST endpoints with realistic seeded data from natural language descriptions or OpenAPI specs, enabling frontend development before a backend exists. It runs locally with zero API calls after initial schema parsing, supports full CRUD, foreign key relationships, and can export schemas to production-ready backends like Hono. The tool integrates with Claude Code as an execution layer, handling data, routing, and state locally.

Give your app exactly the data it needs — before your backend exists. Describe whatever endpoint your app in natural language, drop in an OpenAPI spec — Zero-1 spins up live REST endpoints with realistic seeded data, full CRUD, and FK relationships. Tracks denormalized copies, propagates schema changes across existing data, and warns before a change would break a reference. Pair it with Claude Code to become an execution layer — all AI reasoning happens in your session, Zero-1 handles data, routing, and state locally. Export the schema when you're ready for your agent to build a working backend. ❯ I'm building a marketplace, I need sellers, products under /sellers/:id/products, and reviews under /products/:id/reviews. seed it heavy, like 5000 products and 10k reviews. gate writes with Bearer auth. 3 resources · 15100 records · sellers 100 records · products 5000 records path: /sellers/:sellerId/products · reviews 10000 records path: /products/:productId/reviews ↳ products.sellerId → sellers.id ↳ reviews.productId → products.id header guard: POST|PUT|PATCH|DELETE — Authorization: Bearer required z1-demo.mp4 From source: git clone https://github.com/thomscoder/zero-1 && cd zero-1 ANTHROPIC API KEY=sk-ant-... bun run cli.ts → http://localhost:7777 + z1 › REPL Or install the CLI: curl -fsSL https://raw.githubusercontent.com/thomscoder/zero-1/main/scripts/install.sh | sh Run Zero-1 as an HTTP server. Describe scenarios in the REPL or via API. One AI call per intent — schema parsing only. All data generation, CRUD, filtering, and graph tracking run locally with zero API calls. z1 start + REPL z1 --model gpt-4o use a specific model ANTHROPIC API KEY=sk-ant-... bun run cli.ts Zero-1's primary mode. Claude Code IS the AI. Zero-1 executes. z1 launch claude z1 launch claude --model claude-opus-4-6 Starts the Zero-1 server and spawns Claude Code with the MCP pre-wired. Claude Code handles all reasoning and schema decisions. Zero-1 receives structured plans and executes them locally — zero redundant AI calls . Every token in your Claude Code session does actual work. Export your Zero-1 schema as a working production backend. z1 export --scaffold hono --out ./my-app generate from .z1/state.json z1 patch hono sync changes last-write-wins Or from the REPL: z1 › .export --scaffold hono z1 › .patch hono Generates a complete Hono project: typed routes, in-memory data seeded with real records, TypeScript interfaces, and a /sync slash command for Claude Code. When your real backend is ready, the scaffold is the spec. Load a real provider's API shape instantly — no spec hunting, no key required: List available presets GET / generate/import/preset Load Stripe customers, products, prices, payment intents, subscriptions at /v1/ paths POST / generate/import/preset { "provider": "stripe" } Load GitHub users, repos, issues at /api/v3/ paths + OAuth pre-configured POST / generate/import/preset { "provider": "github" } Available: github · google · stripe · linkedin · shopify Each preset loads the correct real-world endpoint paths, realistic field shapes, and a pre-configured OAuth flow for that provider. Point Zero-1 at any OpenAPI 3.x or Swagger 2.0 spec — URL or raw JSON: POST / generate/import/openapi { "url": "https://petstore3.swagger.io/api/v3/openapi.json" } or { "spec": { ...raw spec object... } } Handles $ref resolution recursive , allOf merges, oneOf / anyOf variants, and any path depth. Data is generated locally from the schema — no AI call. One description or import registers all resources with full CRUD — GET , POST , PUT , PATCH , DELETE . IDs are auto-incremented. FK references are always valid data generated in dependency order . Filter, search, sort — all query params, stackable: GET /posts?role=admin&q=launch&sort=likes:desc&limit=10 Resources can live at any URL shape: /api/v1/users /payments/:paymentId/invoices /orgs/:orgId/teams/:teamId/members Named segments :param become FK equality filters on GET collection and are auto-populated on POST. The item ID is always the trailing segment: GET /payments/42/invoices/7 . "...when an order is created, subtract quantity from product stock. when stock hits 0, flip status to out of stock." Describe side-effect logic inline. Supported operations: increment/decrement a field, set a value. Triggers fire synchronously on every matching mutation. "...add a views counter, rename likes to reactions, drop published. require X-API-Key on write requests." Zero-1 sends only the schema to the AI never the records , applies the diff, and backfills existing data locally. Added fields get context-aware generated values. Renamed fields preserve their values. "...cursor-based, 20 per page, use after as cursor param, edges for data array" Configure the envelope your real API will produce. Zero-1 matches it. Supports page, offset, and cursor styles with customisable param names and response shapes. "...require X-API-Key on all write requests to posts. inject X-Request-Id into every response." Per-resource request guards and response header injection. Your frontend gets real 401s and real rejection bodies — no auth server needed. "...authorization code flow with PKCE. scopes: read, write, admin. JWT tokens, 1 hour expiry." Full mock OAuth 2.0 / OIDC provider. Registers authorization, token, revoke, introspect, userinfo, and discovery endpoints. Per-client scope enforcement. Token signing via Web Crypto API HS256 — no JWT library. "...30% error rate on POST /orders and 500ms–2s latency on all requests" { "resource": "orders", "method": "POST", "errorRate": 0.3, "errorCode": 503 } { "resource": " ", "method": " ", "latency": { "min": 200, "max": 800 } } { "resource": "users", "rateLimit": { "requests": 10, "windowSeconds": 60 } } Zero-1 maintains a live graph of every resource — FK edges, denormalized copies, observed field types. Write-through propagation — every PATCH / PUT walks the provenance graph and updates denormalized copies automatically. Impact analysis — before applying a schema change, ask what breaks: "What breaks if I switch the plan id to a string slug?" Returns which FK references would stop resolving and which denormalized copies would go stale. Via MCP this is part of the natural workflow; via the API it's POST / generate/graph/analyze . Add two-factor authentication to any resource inline: "...users with 2FA on login. OTP expires in 5 minutes." Zero-1 registers POST /users/login and POST /users/verify endpoints. OTP codes are cryptographically random, 6-digit, single-use. Inspect pending codes at GET / generate/2fa/pending . "...each user should only see their own posts" Per-resource per-user data isolation using JWT claims. Collection GETs filter automatically, item GETs return 403 for wrong owner, POSTs auto-set the owner field from the token. Zero-1 exposes its full surface as MCP tools for Claude Code and other AI agents. Manual setup if not using z1 launch claude : // .claude/mcp.json { "mcpServers": { "zero-1": { "command": "bun", "args": "run", "/path/to/zero-1/mcp.ts", "--url", "http://localhost:7777" } } } Tools include: create scenario , evolve schema , get schema , list resources , inspect graph , analyze impact , configure headers , configure oauth , configure pagination , add chaos , snapshot , reset , export openapi , get 2fa codes , and more. Zero-waste architecture : every tool that normally triggers an AI call accepts a structured bypass. When called from Claude Code, Zero-1 skips its own AI calls entirely — Claude Code produces the plan, Zero-1 executes it. One AI session. No overhead. Zero-1 is bring-your-own-key. One AI call per intent — schema parsing only. Everything else is local. Anthropic default ANTHROPIC API KEY=sk-ant-... bun run cli.ts OpenAI or any compatible endpoint AI PROVIDER=openai OPENAI API KEY=sk-... bun run cli.ts Ollama local, no key needed AI PROVIDER=ollama bun run cli.ts | Variable | Default | Description | |---|---|---| AI PROVIDER | anthropic | anthropic , openai , or ollama | AI MODEL | provider default | Override the model e.g. gpt-4o , llama3.2 , claude-opus-4-6 | ANTHROPIC API KEY | required for anthropic | Your Anthropic key | OPENAI API KEY | required for openai | Your OpenAI key | OPENAI BASE URL | https://api.openai.com/v1 | Base URL for OpenAI-compatible APIs | OLLAMA BASE URL | http://localhost:11434 | Base URL for Ollama | API KEY | — | Protect / generate/ meta endpoints with Bearer auth. CRUD routes unaffected. | PORT | 7777 | HTTP port | CLI flags: z1 --key sk-ant-... --port 7777 --model claude-opus-4-6 --web "inline prompt" z1 launch claude --port 7777 --model claude-opus-4-6 | Method | Path | Description | |---|---|---| POST | / generate/scenario | Create resources from a description or structured plan | GET | / generate/resources | List all resources with schemas and record counts | DELETE | / generate/resources | Delete all resources | DELETE | / generate/resources/:name | Delete a specific resource | GET | / generate/schema/:name | Raw ParsedField schema for a resource | POST | / generate/evolve | Evolve a resource's schema | POST | / generate/pagination | Configure pagination for a resource | POST | / generate/snapshot | Save a snapshot | POST | / generate/reset | Restore from last snapshot | | Method | Path | Notes | |---|---|---| GET | /:name | ?field=val , ?q=term , ?sort=field:asc , ?explain=true | POST | /:name | ID auto-assigned | GET | /:name/:id | | PUT | /:name/:id | Full replace | PATCH | /:name/:id | Partial update | DELETE | /:name/:id | Returns 204 | Custom paths e.g. /payments/:paymentId/invoices work identically — named segments filter by FK equality. | Method | Path | Description | |---|---|---| POST | / generate/oauth/configure | Configure from description or structured OAuthConfig | GET | / generate/oauth/status | Config + token stats | GET | / generate/oauth/authorize | Authorization endpoint auto-approves, 302 redirect | POST | / generate/oauth/token | Token endpoint auth code, client credentials, refresh | POST | / generate/oauth/revoke | RFC 7009 revocation | POST | / generate/oauth/introspect | Token introspection | GET | / generate/oauth/userinfo | OIDC userinfo Bearer token required | GET | / generate/oauth/.well-known/openid-configuration | OIDC discovery | GET | / generate/oauth/.well-known/jwks.json | JWKS | | Method | Path | Description | |---|---|---| GET | / generate/graph | Full graph dump resources, FK edges, provenance edges | POST | / generate/graph/analyze | { resource, fields, typeChange? } → impact report | | Method | Path | Description | |---|---|---| POST/GET/DELETE | / generate/chaos | Add / list / clear chaos rules | DELETE | / generate/chaos/:id | Remove a specific rule | GET/DELETE | / generate/triggers | List / clear triggers | DELETE | / generate/triggers/:id | Remove a specific trigger | POST | / generate/headers/configure | Configure header guards | GET/DELETE | / generate/headers | List / clear header rules | DELETE | / generate/headers/:id | Remove a specific rule | POST/GET/DELETE | / generate/scoping | Add / list / clear JWT scoping rules | GET | / generate/2fa/pending | Inspect pending OTP codes | DELETE | / generate/2fa | Clear all OTP codes | GET | / generate/log | Request log newest first, max 500 | DELETE | / generate/log | Clear log | GET | / generate/export | Export global state as JSON | POST | / generate/import | Restore global state from JSON | GET | / generate/openapi | Export as OpenAPI 3.0.3 | POST | / generate/import/openapi | Import from OpenAPI/Swagger spec URL or raw JSON | GET | / generate/import/preset | List available provider presets | POST | / generate/import/preset | Load a provider preset { "provider": "github" } | http://localhost:7777/ generate — create scenarios, browse and edit records, test OAuth flows, manage chaos rules, view the live request log, export/import state. bun test Bun https://bun.sh runtime- An AI provider key ANTHROPIC API KEY , OPENAI API KEY , or Ollama running locally - For z1 launch claude : Claude Code https://claude.ai/claude-code installed