devsan
All work

Case study

No-Code AI Bot Platform

TaskBots and ChatBots across multiple LLM providers, with cost tracking and MFA.

shippedContributorAI AgentsFull StackDevOps2025
No-Code AI Bot Platform project cover: TaskBots and ChatBots across multiple LLM providers, with cost tracking and MFA.sanitized project cover

Summary

Owned major parts of a no-code AI platform: secure user workflows, an LLM relay proxy for routing and usage tracking, a dynamic cost engine, and MCP-based agentic capabilities.

Problem

A no-code AI platform lives or dies on three things: secure access, predictable cost, and bots that actually do work. Letting non-technical users compose TaskBots and ChatBots across multiple LLM providers means the platform has to swallow auth, model routing, usage metering, and agentic capability execution — without leaking one tenant's data or one tenant's bill into another's.

Approach

I owned several of the load-bearing pieces. On the auth side: MFA, JWT-based sessions, and role-aware access across tenants — set up so that adding a new role does not require touching every endpoint. The LLM relay proxy sits in front of the provider APIs. Every call routes through it, gets attributed to the right user/project/model, and emits a usage event. That event is what the dynamic cost engine consumes to apply pricing and generate receipts on the fly — finance does not wait for a nightly batch. For agentic capability, I integrated MCP so bots can call structured tools instead of free-form function-calling. That keeps the bots predictable enough for non-technical owners to ship them and trust the output.

Architecture

compose botsession + rolesbot callsmodel requestusage eventsreceiptsBot Ownernon-technicalPlatform AppRailsAuth + MFAJWT, rolesLLM Relay Proxyroutes + metersCost EnginereceiptsLLM ProvidersOpenAI, Claude, …
UserServiceExternal
The relay proxy is the choke point: every model call is routed, attributed, and priced.

Result

The platform runs in production with secure multi-tenant access, transparent cost attribution, and MCP-backed bots that customers actually use. Each piece I owned slotted into the larger product without requiring rework on adjacent surfaces. Shipped, indexed, and finding its first real users.

Highlights

  • LLM relay proxy that routes requests and tracks usage + cost
  • Dynamic cost engine with auto-generated receipts
  • MFA, JWT auth, role-aware access at the platform level

Have something similar?

Let's talk.

Get in touch