Platform integration
Agents in production
Third party API change management is the operating cost agent projects underestimate. Why connector drift breaks silently and how to detect and absorb it.

Every agent project that reaches production inherits a maintenance problem it didn't budget for: the third-party APIs it depends on will change, and nobody will tell you first. That's the whole discipline of third party API change management — detecting upstream drift, absorbing it, and keeping tool calls working while the vendor ships breaking changes on their schedule, not yours. Most teams treat it as a bug backlog. It's an operating cost, and it's about to reprice how you think about integrations.
For twenty years, integration teams ran on a simple contract: the vendor publishes a changelog, your engineers read it, your code catches up before the deprecation window closes. It worked because integrations were rare, human-authored, and reviewed. A Salesforce API bump landed in a Jira ticket, a developer read the migration guide, and the connector shipped by the next sprint.
Agents break every assumption in that model. Instead of ten integrations maintained by a dedicated team, you now have hundreds of tools fanned out across dozens of third parties, invoked non-deterministically by agents that were never told a field renamed. The changelog is still published. Nobody's reading it in time.
We've watched teams discover this the hard way. A HubSpot endpoint returns a slightly different shape. A Stripe enum gains a new value. A Zendesk rate limit tightens on Tuesday. None of these are outages. All of them silently break agent behaviour, and the agent will happily hallucinate around the broken response rather than throw. You find out from a customer.
Call this what it is: connector drift. The tool definition your agent was given no longer matches the API it's calling. The gap can be tiny — a field went from required to optional, a status code changed from 200 to 202, a nested object flattened — and the agent will still get a response back. It just won't be the response the tool contract promised.
The reason drift is so hard to catch is that it fails soft. A gateway 500 sets off pagers. A quietly renamed field produces a plausible-looking agent answer that's wrong. Traditional API monitoring for integrations watches uptime, latency, and error rate. It doesn't watch semantic contracts, and semantic contracts are what agents actually depend on.
Three things make this worse than the human-developer era:
We've written before about the connector maintenance cost that most teams never model. Third party API change management is the operational half of that cost. The build isn't the expensive part. The staying-current is.
There are three places you can catch a provider API change, and mature teams run all three:
Spec diffing is the cheapest and the most oversold. It only works if the provider publishes an accurate spec, keeps it accurate, and ships spec updates before code updates. In our experience, only a minority of the third parties your agents touch clear that bar. We covered the mechanics of this in how to detect API breaking changes — the tooling is fine; the input data is the problem.
Response snapshotting is what actually catches upstream API breaks in the wild. You record the shape of responses on a schedule, diff against last week, and flag anything structural. It's boring infrastructure. It's also the only thing that reliably detects the changes a vendor didn't document.
Runtime canaries are the last line — synthetic tool calls run against live third-party APIs on a heartbeat, with assertions on the response contract. Expensive to run at scale. Non-negotiable for high-stakes tools.
If you're only running one of these, you have change detection theatre, not change management.
Detection tells you something moved. What happens next is where most teams lose weeks.
The wrong answer is a Slack channel where someone pages the on-call, an engineer reads the changelog, and a hotfix ships by Friday. That works once. It doesn't work when you have hundreds of tools across dozens of providers and drift is a weekly event. The heroics don't scale, and the engineer you're burning on connector fixes isn't building the product.
The right answer treats every detected change like any other code change: it enters CI, it has tests, it has a review, it ships through your normal pipeline. The tool contract is versioned. The regenerated connector is diffed against the old one. The agent's tool definition is updated in a controlled release, not a hot patch. Observability tells you which agents were using the old contract so you can roll forward with confidence.
This is the part where categories start to matter. An API gateway won't help — gateways front APIs you own, not third-party APIs that break upstream. iPaaS and unified-API platforms will absorb some of the change, but they typically hide it inside a normalized schema, which means you inherit their interpretation of the provider's semantics and lose the ability to reason about the drift directly. Neither category was built to keep an agent's tool contract honest against a changing provider.
What you actually need is generation-plus-maintenance treated as one system: the same pipeline that produced the connector produces the fix, on a schedule, with tests and observability wired in from day one.
This is the operating model Pontil is built around. Our Tools-as-a-Service platform generates connectors from the APIs that already exist, then keeps them current as those APIs change — automated maintenance is a first-class part of the runtime, not a services add-on. When an upstream provider ships a breaking change, the pipeline detects it, regenerates the affected tool, runs it through tests, and rolls the update through the same SDLC path any other code change takes. Your agents see a stable tool contract; the drift stays contained upstream of them.
That matters because change management is the compounding cost in agent projects. The team building the first fifty tools doesn't feel it. The team maintaining five hundred does. If you want to see how the numbers work at portfolio scale, we walk through the maintenance economics in the why agent projects stall resource.
Start by counting. How many third-party APIs do your agents call today? How many of those providers publish a spec you trust? What's your detection strategy for the ones that don't? If the answer to the last question is "we read the changelog," you have a change management gap, and it will show up as a customer-reported incident before it shows up on a dashboard.
Then decide where the work sits. Automated maintenance is not a heroic engineer with good taste; it's a pipeline. If you don't have one, the cost of running agents at portfolio scale isn't the model, the framework, or the orchestrator. It's the tax you're paying every week to keep last month's tools working against this month's APIs. That tax compounds. Budget for it, or build the pipeline that makes it disappear.
Stay up to date on the ever changing agentic landscape.