[elgertam]

You know where LLMs boost me the most? When I need to integrate a bunch of systems together, each with their own sets of documentation. Instead of spending hours getting two or three systems to integrate with mine with the proper OAuth scopes or SAML and so on, an LLM can get me working integrations in a short time. None of that is ever going to be innovative; it's purely an exercise in perseverance as an engineer to read through the docs and make guesses about the missing gaps. LLMs are just better at that.

I spend the other time talking through my thoughts with AI, kind of like the proverbial rubber duck used for debugging, but it tends to give pretty thoughtful responses. In those cases, I'm writing less code but wanting to capture the invariants, expected failure modes and find leaky abstractions before they happen. Then I can write code or give it good instructions about what I want to see, and it makes it happen.

I'm honestly not sure how a non-practitioner could have these kinds of conversations beyond a certain level of complexity.

[jofzar]

> Instead of spending hours getting two or three systems to integrate with mine with the proper OAuth scopes or SAML and so on

As someone who's job is handling oauth and saml scope, I am not convinced anyone can get these right.

Saml atleast acts nice, oauth on the other hand is a fucking nightmare.

[elgertam]

Every time I request the wrong OAuth scope that doesn't have the authorization to do what I need, then make a failing request, I hear Jim Gaffigan affecting a funny authoritative voice saying, "No." I can't be the only one who defensively requests too much authority beyond what I need with extra OAuth scopes, hoping one of them will give me the correct access. I've had much better luck with LLMs telling me exactly which scopes to select.

[throwup238]

I always hear Little Britain’s “computer says nooooo”

[Tade0]

And the libraries provided by the various OAuth vendors are only adding fuel to the fire.

A while ago I spent some time debugging a superfluous redirect and the reason was that the library would always kick off with a "not authenticated" when it didn't find stored tokens, even if it was redirecting back after successful log in (as the tokens weren't stored yet).

[driftnode]

oauth is the one area where I genuinely trust the LLM more than myself. not because it gets it right but because at least it reads all the docs instead of rage-quitting after the third wrong scope

[kakacik]

Maybe you are already an expert in those so its fine. But for anybody else, using llms extensively would mean becoming way less proficient in those topics. Skip building some deeper senior knowledge and have a rather shallow knowledge. Anytime I grokked anything deeper like encryption, these saml/jwt auths, complex algorithms was only and unavoidably due to having to go deep with them.

Good for the company, not so much for the given engineer. But I get the motivation, we all are naturally lazy and normally avoid doing stuff if we can. Its just that there are also downsides, and they are for us, engineers.

[Terr_]

The worst integration problems tend to be conceptual mismatches between the systems, where--even with the same names--they have different definitions and ideas of how things work.

That's a category of problem I wouldn't expect a text-based system to detect very well.. Though it might disguise the problem with a solution that seems to work until it blows up one day or people discover a lot of hard-to-fix data.

[elgertam]

Well that's another use I have for LLMs: asking questions about these informational or architectural impedance mismatches. LLMs get it wrong sometimes, but with proper guidance (channel your inner Karl Popper), they can be quite helpful. But this doesn't really speed me up that much, though it makes me more confident that my deliverable is correct.

[sigbottle]

This is fundamental. Well, not really - a strategy SV tried to use is absolute market dominance to the point where you have to integrate with them. But in spaces where true interoperability is required, it's just philosophically hard. People don't mean the same thing.

[elgertam]

Yeah, semantics is extremely important. Just no way around it.

[jimbob45]

Couldn’t agree more and especially when some docs are incorrect and AI is able to guesstimate the correction based on other implementations or parallel docs that it’s found. Goes from “Let me spend a few days scouring the internet and our internal repo to see if I can maybe find a workaround” to “This can definitely get done”.

[holoduke]

Itops related work in general is so suitable for ai agents. Configuring clusters of barebone servers. I normaly spend days on configuring things like nfs, sysctls, firewalls, upgrades, disks, crons, monitoring etc. now it's hours max. I can literally ask it to ssh into 50 vps machines and perform all tasks I tell him to do.

[necovek]

You mean like

  for host in vps_hosts; do
     ssh $host < commands.sh > errors.log 2&>1 &
  done

I imagine what you are really getting out of it is not having to type the actual commands into commands.sh?

[pylua]

Isn’t this what mcp is supposed to solve?

[elgertam]

MCP connects the LLM to the APIs, which can be consulted with "tool calls." I'm talking about integrating the software I produce (with LLM assistance) to APIs. Traditionally, this is a nightmare given poor documentation. LLMs have helped me cut through the noise.

[pylua]

Right, I haven’t used it but thought at a high level it can do that integration on the fly.

I also do a lot of software system to system and in the long run I feel like ai will solve this.

[elgertam]

I built an MCP server to speak WHOIS/RDAP so I could have Claude give me better domain name suggestions that weren't already taken. It can also be used in LLM-enabled applications (provided that the model is "tool calling" and that there's an orchestrator).

In principle, MCP servers can be created for just about any OAuth-protected API. However, you still need to create the server, and this is where the usage I'm talking about shines: when working on the MCP server, an LLM can be quite helpful in getting the right APIs integrated.

The same goes for other development that doesn't need an LLM context built-in. If I wanted to sync two calendars, for instance, I wouldn't build an MCP that speaks CalDav and Exchange and then let it loose (though this so-called agentic workflow is becoming more popular); I'd want to build software with an LLM's help that can speak both protocols by having it generate code to handle whatever OAuth tokens and scopes are necessary and then help me deploy the thing.