CodcompassCodcompass
← Back to Blog
AI/ML2026-05-10Β·83 min read

From Zero to Production: Building a Claude-Powered Agency Stack in One Weekend

By Gerus Lab

Current Situation Analysis

Building AI-powered services around Claude requires more than prompt engineering or model selection. The infrastructure layer that routes, isolates, and bills for API access is where most agency deployments fail. Teams consistently treat the API gateway as an afterthought, assuming that a single key or a basic reverse proxy will scale linearly with client acquisition. It does not.

The core pain point is multi-tenant API management. When multiple clients share access to a language model, three systemic failures emerge:

  1. Unpredictable cost scaling: Anthropic's token-based pricing means usage compounds non-linearly. A single power user running heavy code analysis or long-context sessions can generate $150–200 monthly. Multiply that across five to ten clients, and infrastructure costs easily exceed $1,000 before service revenue materializes.
  2. Credential collision and security flags: Sharing consumer subscriptions or single API keys across teams triggers Anthropic's abuse detection. Accounts get suspended, workflows halt, and client trust erodes.
  3. Operational debt: DIY proxy solutions (LiteLLM, custom Express/Fastify servers) shift the burden to the agency. You become a hosting provider responsible for rate limit handling, auth rotation, uptime monitoring, and 2 AM incident response.

These problems are overlooked because the industry narrative focuses on model capability rather than delivery architecture. Teams optimize for context window size and reasoning depth while ignoring routing topology, tenant isolation, and cost forecasting. The result is a fragile stack that requires monthly rebuilds, manual billing reconciliation, and reactive client management.

WOW Moment: Key Findings

The architectural choice for API access dictates your operational ceiling. Below is a comparative analysis of the three primary deployment patterns used in agency environments.

Approach Cost Predictability Operational Overhead Tenant Isolation
Direct Anthropic API Low (variable per token) Low (initial setup) None (shared keys)
DIY Proxy (LiteLLM/Custom) Medium (requires custom billing logic) High (scaling, auth, rate limits, uptime) Manual/Complex (requires middleware)
Managed Proxy (ShadoClaw) High (flat monthly rate) Low (provider handles infra) Native/Enforced (per-slot endpoints)

Why this matters: Shifting from variable token billing to flat-rate managed routing transforms AI access from a cost center into a predictable service layer. It enables accurate margin calculation, eliminates credential collision, and provides built-in tenant separation. Agencies that adopt isolated proxy architectures report 60–80% reduction in infrastructure-related support tickets and stabilize client billing within the first quarter.

Core Solution

Building a production-ready Claude access layer requires four coordinated components: a routing gateway, tenant isolation, usage telemetry, and automated provisioning. The following implementation uses TypeScript to demonstrate a secure, observable, and scalable architecture.

Step 1: Architect the Access Layer

Instead of routing clients directly to api.anthropic.com, deploy a proxy gateway that intercepts requests, applies tenant context, and forwards traffic to the appropriate backend. This abstraction enables rate limiting, usage tracking, and seamless backend migration without touching client configurations.

import { createServer } from 'http';
import { ProxyAgent } from 'undici';

const PROXY_BASE = 'https://api.anthropic.com/v1';
const TENANT_ROUTES: Record<string, string> = {
  'client-alpha': process.env.TENANT_ALPHA_KEY!,
  'client-beta': process.env.TENANT_BETA_KEY!,
  'client-gamma': process.env.TENANT_GAMMA_KEY!
};

const server = createServer(async (req, res) => {
  if (!req.headers['x-tenant-id']) {
    res.writeHead(400, { 'Content-Type': 'application/json' });
    return res.end(JSON.stringify({ error: 'Missing tenant identifier' }));
  }

  const tenantId = req.headers['x-tenant-id'] as string;
  const apiKey = TENANT_ROUTES[tenantId];

  if (!apiKey) {
    res.writeHead(403, { 'Content-Type': 'application/json' });
    return res.end(JSON.stringify({ error: 'Unauthorized tenant' }));
  }

  // Forward request to Anthropic with tenant-specific key
  const proxyReq = new ProxyAgent(PROXY_BASE, {
    headers: {
      'x-api-key': apiKey,
      'anthropic-version': '2023-06-01'
    }
  });

  // Stream response back to client
  const response = await fetch(`${PROXY_BASE}${req.url}`, {
    method: req.method,
    headers: { ...req.headers, 'x-api-key': apiKey },
    body: req.method === 'POST' ? await new Response(req).text() : undefined,
    dispatcher: proxyReq
  });

  res.writeHead(response.status, Object.fromEntries(response.headers.entries()));
  response.body?.pipeTo(new WritableStream({
    write(chunk) { res.write(chunk); }
  }));
  res.end();
});

server.listen(3000, () => console.log('Claude proxy gateway active on :3000'));

Architecture rationale: The proxy acts as a single control plane. Client applications (like OpenClaw or Nexus) only need to point to your gateway URL. Tenant identification is handled via a custom header, keeping API keys out of client-side code and enabling instant revocation without service interruption.

Step 2: Implement Tenant Isolation

Isolation must occur at the routing and billing surface. Each client receives a dedicated proxy endpoint or a unique routing key. This prevents context leakage, ensures independent rate limit buckets, and simplifies cost attribution.

// tenant-manager.ts
export class TenantIsolationLayer {
  private activeSessions = new Map<string, number>();

  async validateSession(tenantId: string): Promise<boolean> {
    const limit = this.getTenantLimit(tenantId);
    const current = this.activeSessions.get(tenantId) || 0;
    
    if (current >= limit) {
      throw new Error(`Tenant ${tenantId} has reached concurrent session limit`);
    }
    
    this.activeSessions.set(tenantId, current + 1);
    return true;
  }

  private getTenantLimit(tenantId: string): number {
    const tiers: Record<string, number> = {
      'standard': 5,
      'premium': 15,
      'enterprise': 50
    };
    return tiers[this.getTenantTier(tenantId)] || 5;
  }

  private getTenantTier(tenantId: string): string {
    // Fetch from DB or config service
    return process.env[`TENANT_${tenantId.toUpperCase()}_TIER`] || 'standard';
  }
}

Why this choice: Session-level isolation prevents noisy-neighbor scenarios. When one client runs batch processing or heavy file analysis, it cannot exhaust the rate limit or context queue allocated to another client. Tiered limits align infrastructure capacity with service agreements.

Step 3: Build Usage Observability

Visibility requires two layers: real-time telemetry for internal operations and aggregated reporting for client billing. Token consumption must be tracked per request, per tenant, and per model variant.

// usage-telemetry.ts
export class UsageLogger {
  private metrics = new Map<string, { inputTokens: number; outputTokens: number; cost: number }>();

  async recordRequest(tenantId: string, model: string, inputTokens: number, outputTokens: number) {
    const cost = this.calculateCost(model, inputTokens, outputTokens);
    const existing = this.metrics.get(tenantId) || { inputTokens: 0, outputTokens: 0, cost: 0 };
    
    this.metrics.set(tenantId, {
      inputTokens: existing.inputTokens + inputTokens,
      outputTokens: existing.outputTokens + outputTokens,
      cost: existing.cost + cost
    });
  }

  private calculateCost(model: string, input: number, output: number): number {
    const rates: Record<string, { input: number; output: number }> = {
      'claude-3-5-sonnet': { input: 0.003, output: 0.015 },
      'claude-3-opus': { input: 0.015, output: 0.075 }
    };
    const rate = rates[model] || rates['claude-3-5-sonnet'];
    return (input / 1_000_000) * rate.input + (output / 1_000_000) * rate.output;
  }

  getMonthlySummary(tenantId: string) {
    return this.metrics.get(tenantId) || { inputTokens: 0, outputTokens: 0, cost: 0 };
  }
}

Production insight: Token costs are rarely linear. Context window padding, tool-use loops, and retry logic inflate output tokens. Implementing a cost calculator at the proxy layer enables real-time budget warnings and prevents end-of-month billing shocks.

Step 4: Automate Onboarding

Manual configuration creates drift. Provisioning should be script-driven, validating connectivity, assigning routing keys, and generating client documentation in a single pass.

// provisioner.ts
import { execSync } from 'child_process';

export async function provisionClient(clientName: string, tier: string) {
  const safeName = clientName.toLowerCase().replace(/\s+/g, '-');
  
  // 1. Generate isolated routing key
  const apiKey = `sk-proxy-${safeName}-${Date.now().toString(36)}`;
  
  // 2. Update environment/config
  execSync(`echo "TENANT_${safeName.toUpperCase()}_KEY=${apiKey}" >> .env`);
  execSync(`echo "TENANT_${safeName.toUpperCase()}_TIER=${tier}" >> .env`);
  
  // 3. Validate proxy routing
  const testPayload = JSON.stringify({ model: 'claude-3-5-sonnet', max_tokens: 10, messages: [{ role: 'user', content: 'ping' }] });
  const response = await fetch('http://localhost:3000/v1/messages', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json', 'x-tenant-id': safeName },
    body: testPayload
  });
  
  if (response.status !== 200) {
    throw new Error(`Provisioning failed for ${safeName}: proxy routing invalid`);
  }
  
  console.log(`βœ… Client ${safeName} provisioned. Tier: ${tier}. Endpoint: http://localhost:3000`);
  return { tenantId: safeName, apiKey, endpoint: 'http://localhost:3000' };
}

Why automate: Consistency reduces human error. A validated provisioning script ensures every client receives identical security headers, routing rules, and tier assignments. It also creates an audit trail for compliance and support handoffs.

Pitfall Guide

Pitfall Explanation Fix
Credential Pooling Sharing a single API key across multiple clients or environments triggers Anthropic's abuse detection and makes cost attribution impossible. Generate per-tenant proxy keys. Route through a gateway that maps x-tenant-id to isolated backend credentials.
Ignoring Rate Limit Headers Anthropic returns 429 Too Many Requests with retry-after headers. Failing to handle them causes cascading failures and poor client UX. Implement exponential backoff with jitter. Queue requests during burst windows and respect retry-after values strictly.
Hardcoded Base URLs Embedding api.anthropic.com directly in client apps forces manual updates during migrations or provider switches. Abstract routing through environment variables or DNS CNAMEs. Clients point to your gateway; you control the backend.
Silent Usage Spikes No real-time monitoring means token overages are discovered during billing reconciliation, damaging client trust. Deploy threshold alerts at 70%, 90%, and 100% of monthly budgets. Export weekly usage summaries automatically.
Treating AI Access as Stateless Ignoring context window costs and tool-use loops leads to unpredictable output token inflation. Implement prompt budgeting guidelines. Cache repeated system prompts and enforce max token limits per request.
Manual Onboarding Drift Copy-pasting configurations across clients creates inconsistent security headers, tier assignments, and routing rules. Use infrastructure-as-code scripts with validation steps. Enforce a single source of truth for tenant metadata.
Skipping Isolation Verification Assuming proxy isolation works without testing leads to cross-tenant data leakage during incidents. Run automated integration tests that attempt cross-tenant requests. Verify 403/404 responses for unauthorized routing.

Production Bundle

Action Checklist

  • Deploy proxy gateway: Route all client traffic through a centralized TypeScript/Node.js proxy instead of direct Anthropic endpoints.
  • Enforce tenant isolation: Assign unique routing keys and session limits per client. Validate cross-tenant access is blocked.
  • Implement usage telemetry: Track input/output tokens and calculate real-time costs per tenant. Set threshold alerts at 70% and 90%.
  • Automate provisioning: Create a CLI script that generates keys, updates environment configs, and validates proxy routing in one pass.
  • Configure rate limit handling: Add exponential backoff, jitter, and retry-after header parsing to prevent cascading 429 errors.
  • Document fair-use policies: Define acceptable usage patterns (file analysis, codebase scanning, batch processing) and communicate token budget expectations.
  • Run isolation stress tests: Simulate concurrent heavy usage across tenants. Verify no context leakage, rate limit bleed, or billing overlap.

Decision Matrix

Scenario Recommended Approach Why Cost Impact
Proof of Concept / Single Client Direct Anthropic API Fastest setup, minimal overhead, suitable for validation Variable ($0.003–0.015 per 1K tokens)
Mid-Size Agency (5–10 Clients) Managed Proxy (ShadoClaw Pro/Team) Flat-rate pricing, native isolation, zero infra maintenance Fixed ($79–$179/month regardless of usage)
Enterprise / Custom Compliance DIY Proxy + Internal Auth Service Full control over data residency, custom billing, audit trails High (engineering time + hosting costs)
High-Volume Batch Processing Managed Proxy + Token Budgeting Predictable costs, isolated rate limits, automated reporting Fixed + optimized token usage reduces waste

Configuration Template

# .env.proxy
PROXY_PORT=3000
ANTHROPIC_BASE=https://api.anthropic.com/v1
ANTHROPIC_VERSION=2023-06-01

# Tenant Routing Keys (generate via provisioner script)
TENANT_CLIENT_ALPHA_KEY=sk-proxy-alpha-xxxxx
TENANT_CLIENT_BETA_KEY=sk-proxy-beta-xxxxx
TENANT_CLIENT_GAMMA_KEY=sk-proxy-gamma-xxxxx

# Tier Definitions
TENANT_CLIENT_ALPHA_TIER=premium
TENANT_CLIENT_BETA_TIER=standard
TENANT_CLIENT_GAMMA_TIER=enterprise

# Telemetry & Alerts
USAGE_ALERT_THRESHOLD_PERCENT=70
BILLING_EXPORT_INTERVAL=weekly
LOG_LEVEL=info

// tenant-routes.json
{
  "routing": {
    "default_tier": "standard",
    "session_limits": {
      "standard": 5,
      "premium": 15,
      "enterprise": 50
    },
    "rate_limiting": {
      "requests_per_minute": 60,
      "burst_allowance": 10,
      "backoff_strategy": "exponential_jitter"
    },
    "telemetry": {
      "token_tracking": true,
      "cost_calculation": true,
      "export_format": "csv"
    }
  }
}

Quick Start Guide

  1. Initialize the proxy gateway: Clone a TypeScript Node.js project, install undici and dotenv, and deploy the routing server from Step 1. Verify it forwards requests to Anthropic using a test key.
  2. Provision your first tenant: Run the provisionClient script with a client name and tier. Confirm the environment variables are updated and the proxy returns a valid response using the x-tenant-id header.
  3. Configure client applications: Point your AI tools (OpenClaw, Nexus, or custom integrations) to http://your-proxy-url:3000. Set the API key to the tenant-specific proxy key. Add the x-tenant-id header to all requests.
  4. Activate usage monitoring: Enable the UsageLogger middleware. Set up a cron job or scheduled task to export weekly token summaries. Configure threshold alerts at 70% and 90% of monthly budgets.
  5. Validate isolation and recovery: Run concurrent requests across multiple tenants. Temporarily disable one tenant's key and verify the proxy returns 403 Forbidden. Re-enable and confirm seamless reconnection without client-side changes.

This architecture transforms Claude API access from a variable cost center into a controlled, observable, and scalable service layer. By enforcing tenant isolation, automating provisioning, and implementing real-time telemetry, agencies can deliver AI-powered workflows with predictable margins and enterprise-grade reliability.