Jentic Mini

Product Introduction

1. Definition: Jentic Mini is a self-hosted, open-source API execution layer specifically engineered for autonomous AI agents. Technically categorized as AI middleware or an agentic integration gateway, it serves as a secure bridge between Large Language Models (LLMs) and external software interfaces. It is built on a high-performance FastAPI framework with a SQLite backend, distributed as a Docker container for seamless deployment within private infrastructure.

2. Core Value Proposition: Jentic Mini exists to eliminate the security risks and developmental overhead associated with connecting AI agents to real-world data and services. By decoupling credential management from the agent logic, it ensures that sensitive API keys and OAuth tokens never enter the LLM's context window or prompt history. This "zero-exposure" architecture enables developers to build production-ready agents that can discover, search, and execute actions across a catalog of over 10,000 APIs without writing bespoke glue code or risking credential leaks through prompt injection.

Main Features

1. Encrypted Local Credentials Vault: Jentic Mini utilizes an encrypted local storage system for managing API keys, OAuth tokens, and other secrets. At runtime, the execution layer intercepts the agent's intent, retrieves the necessary credentials from the vault, and injects them directly into the HTTP request header. Because this process happens within the self-hosted environment, the raw secrets are never returned to the agent or the calling LLM, maintaining a strict security boundary.

2. Toolkit-Scoped Permission & Governance: The platform implements a "Toolkit" architecture where developers can bundle specific sets of APIs, credentials, and access policies into a single unit. Each AI agent is assigned a unique toolkit key, ensuring the principle of least privilege. This enables granular control, allowing administrators to monitor agent behavior, enforce AI-specific policies, and utilize a "killswitch" to instantly revoke an agent’s access to specific systems without affecting other integrations.

3. AI-Curated API and Workflow Catalog: Jentic Mini provides access to an expansive library of over 1,044 API specifications and 380+ workflow sources, curated by AI agents to be machine-readable. This catalog functions as a "Hugging Face for APIs," offering standardized maps of tools that agents can search using BM25 full-text search. It supports Arazzo workflows, allowing agents to understand and execute complex, multi-step API sequences visually edited and visualized via the Arazzo UI and Editor.

Problems Solved

1. Credential Exposure in Prompt Contexts: A primary security vulnerability in agentic workflows is the "secrets in prompts" problem. Traditional methods often require passing API keys within the prompt or hardcoding them into the agent's logic, making them susceptible to prompt injection or logging leaks. Jentic Mini solves this by acting as a broker that handles authentication externally to the model's inference process.

2. Target Audience:

• AI Developers and Engineers: Those building agents with frameworks like OpenClaw or NemoClaw who need a scalable way to handle integrations.
• DevSecOps Professionals: Teams responsible for securing enterprise data while enabling the use of autonomous AI tools.
• Product Managers: Individuals overseeing the transition from "chatbots" to "action-oriented agents" that must interact with internal production systems.

3. Use Cases:

• Autonomous CRM Management: An agent that needs to update records in Salesforce, pull data from HubSpot, and notify a team in Slack without the developer writing specific authentication logic for each service.
• Secure Enterprise Search: Connecting an LLM to internal private APIs where data privacy is paramount and credentials must remain within the corporate firewall.
• Automated DevOps Workflows: Enabling agents to trigger CI/CD pipelines or cloud infrastructure changes through a governed execution layer.

Unique Advantages

1. Self-Hosted Data Sovereignty: Unlike hosted integration platforms, Jentic Mini is entirely self-hosted. This ensures that all API traffic, credential storage, and execution logs remain within the user's controlled infrastructure, meeting strict compliance requirements like SOC 2 or GDPR that are often barriers for third-party AI services.

2. Standardized Agent-to-API Communication: Traditional integration requires "glue code" for every service. Jentic Mini replaces this with a standardized execution layer where the agent expresses intent, and the platform handles the technical specifics of the API call. This abstraction layer uses the Arazzo specification to transform complex API documentation into actionable workflows that AI agents can actually comprehend and execute reliably.

3. Open-Source Foundation (Apache 2.0): Jentic Mini provides a free, transparent foundation for agentic software development. This prevents vendor lock-in and allows the community to audit the security of the execution layer, while providing a clear upgrade path to Jentic's Hosted/VPC offerings for enterprises requiring advanced semantic search and scalable Lambda-based brokering.

Frequently Asked Questions (FAQ)

1. Is Jentic Mini free to use for commercial projects? Yes, Jentic Mini is released under the Apache 2.0 license, which permits free use, modification, and distribution for both personal and commercial applications. It is designed to be the open-source foundation for the next generation of agentic software.

2. How does Jentic Mini protect against prompt injection attacks stealing API keys? Jentic Mini prevents credential theft by ensuring that the AI agent never sees the API keys. The agent sends a request to the Jentic Mini local server; Jentic Mini then retrieves the secret from its encrypted vault and sends the request to the external API. The response is filtered before being sent back to the agent, ensuring secrets stay within the execution layer.

3. Can I use Jentic Mini with custom internal APIs not in the 10,000+ catalog? Absolutely. While Jentic Mini provides a massive catalog of public APIs, you can easily add credentials and import your own custom API specifications (Swagger/OpenAPI) and Arazzo workflows. Once imported, your agent can discover and interact with your internal systems just as it would with public services.