Platform integration
Agents in production
Third party API integration best practices for the agent era: contracts as code, layered resilience, per-user auth, observability, and maintenance discipline.

Third party API integration used to be a back-office job. A nightly sync, a webhook handler, a connector to Salesforce or HubSpot, maintained by a small integrations team and ignored by everyone else until something broke. The traffic was predictable. The failure modes were known. The patterns were settled.
Agents change all of that. When an LLM is the caller, the integration sees burstier traffic, less predictable inputs, more sensitivity to schema drift, and zero tolerance for silent failure. The same connector that handled 200 calls a day from a scheduler now handles 20,000 from an agent loop, and every one of them needs to land cleanly or the agent makes the wrong decision.
This piece is a deep-dive on what third party API integration best practices actually look like in 2026 — when the consumer is an agent, not a cron job. We'll cover contract discipline, resilience patterns, third party API maintenance, observability, and the auth model that holds it all together.
The first mistake teams make is treating a third-party API the way they treat a partner's PDF: read it once, write the integration, move on. That worked when APIs changed twice a year and you noticed the change in a release-notes email. It does not work when Stripe, HubSpot, and Salesforce each ship dozens of changes a quarter and your agent is calling all three in a single workflow.
The fix is to make the contract a first-class artefact in your repo. If the third party publishes an OpenAPI spec, vendor it — commit the spec, version it, and diff it on every update. If they don't, generate one from your own observed traffic and treat that as the working contract. Tools like oasdiff will flag breaking changes in CI before they reach production. We've written about how to detect API breaking changes in more depth — the same techniques apply whether the API is yours or someone else's.
The principle: if a field can disappear without you knowing, your integration is not production-grade. Agents amplify this. A human developer reading a 500 will retry, read the docs, and adapt. An agent will retry, fail again, and either give up or hallucinate around the gap. Neither is acceptable.
Most integration code has resilience in exactly one place: a retry decorator on the HTTP client. That's table stakes, not a pattern. Production-grade integration resilience patterns operate at three layers, and you need all three.
The transport layer handles network-level failure: retries with exponential backoff and jitter, circuit breakers when a downstream is clearly unhealthy, and timeouts tight enough that a slow third party doesn't take your agent down. The numbers matter. A 30-second timeout sounds reasonable until you realise your agent is making twelve sequential calls and the user is waiting six minutes for a response.
The semantic layer handles partial failure. The call returned 200 but the body is missing a field. The pagination cursor came back malformed. The webhook arrived but the signature doesn't verify. These aren't transport problems and retrying won't help. They need explicit handlers that either degrade gracefully or fail loudly — never silently.
The business layer handles idempotency. Every state-changing call needs an idempotency key, every retry needs to reuse it, and every downstream needs to honour it. Without this, an agent that retries a payment creates two charges. We covered the same pattern from the producer side in webhook reliability patterns — the consumer side is the mirror image.
The table below summarises where each layer lives and what it costs to skip.
Third party API failures are not edge cases. At the volume agents generate, they are weekly events. A vendor pushes a bad deploy. A region goes down. Rate limits tighten without notice. A field gets renamed in a "minor" release. If your integration assumes the third party is up and correct, it will be wrong several times a month.
The practical implications:
Gartner's June 2025 forecast that over 40% of agentic AI projects will be cancelled by end of 2027 — citing escalating costs, unclear business value, and inadequate risk controls — is, in part, a forecast about this. Projects don't fail because the model is bad. They fail because the integrations underneath silently drift, retries cost real money, and nobody budgeted for the third party API maintenance work that compounds month after month.
Integration code tends to get auth right on day one and wrong on day ninety. The token works in staging, the OAuth flow completes in the demo, and then refresh tokens expire, scopes drift, and the integration starts failing for one user in fifty with no clear pattern.
Four rules that hold up in production:
You cannot manage what you cannot see, and integration code is famously opaque. The third party is a black box. The agent is a black box. The middle is your code, and if you don't instrument it heavily, you'll spend every incident reconstructing what happened from logs that weren't designed to answer the question.
The minimum bar:
This is where the difference between LLM observability tools and agent tracing platforms shows up sharply. LLM observability tells you what the model decided. Integration observability tells you whether the world actually changed the way the model thought it did. You need both, and they're not the same product.
The last best practice is the one teams skip because it doesn't ship features: budget for maintenance. Every third-party integration is a liability that grows over time. The vendor changes their API. Your product changes its data model. The auth flow needs an update. The rate limits get tighter. None of this is your team's fault and none of it is optional.
We've written about connector maintenance cost at length. The short version: across a portfolio, the engineering tax of keeping bespoke integrations current dwarfs the cost of building them in the first place. MuleSoft's 2025 Connectivity Benchmark Report estimates IT teams spend close to 39% of their time on custom integrations rather than new work, and that integration challenges cost the average organisation around $6.8M a year in lost productivity and delayed projects. Whether the exact numbers hold for your business, the shape is right: maintenance compounds, features don't.
The practical move is to consolidate. One pattern for how integrations are built, tested, monitored, and updated — applied across every third party you talk to. A connector that's a unique snowflake is a connector that breaks alone.
Most of what we've described — contract discipline, idempotency, scoped auth, replayable observability, drift detection — is work that has to happen for every third party your agent touches. Doing it once is reasonable. Doing it forty times, and keeping all forty current as the third parties evolve, is where agent projects stall.
This is the gap Pontil's Tools-as-a-Service platform is built to close. We generate tools from the APIs that already exist, run them through a managed runtime that handles retries, idempotency, and per-user auth as first-class concerns, and maintain them as the underlying products change. The patterns in this article aren't optional — they're table stakes for agents in production. The question is whether your team builds and maintains them connector by connector, or runs them through a layer that does it once and keeps doing it. If that trade-off is live for you, book a walkthrough and we'll show you the runtime.
The patterns above are best practices today because agents have surfaced failure modes that human-driven integrations could quietly tolerate. The direction of travel is clear: contracts become executable, not documented; resilience moves from a retry decorator to a layered model; auth becomes per-user by default; and maintenance becomes a continuous process rather than a quarterly project.
The teams that get there first will be the ones that stopped treating integration as plumbing and started treating it as a product surface in its own right. The teams that don't will keep shipping demos that work in the room and stall in production — not because the model was wrong, but because the integration underneath couldn't keep up with what the agent wanted to do.
The model isn't the bottleneck. It hasn't been for a while. The integrations are.
Stay up to date on the ever changing agentic landscape.