LangChain4j
Idiomatic Java/JVM library for building LLM-powered applications with unified model APIs, tool calling, agentic workflows, RAG, chat memory, embedding stores, MCP client support, and Spring Boot, Quarkus, Helidon, and Micronaut integrations.
Open the source and read safety notes before installing.
Safety notes
- LangChain4j can bind model calls to Java tools, MCP tools, RAG retrievers, and framework services. Treat each tool as application code with permissions, side effects, and audit requirements.
- The MCP tutorial supports stdio, Streamable HTTP, WebSocket, Docker stdio, and legacy HTTP/SSE transports. Review subprocess commands, Docker socket access, server URLs, and credentials before connecting agents.
- Use MCP tool filtering and tool-name mapping when a server exposes many tools or overlapping tool names; do not expose write-capable tools by default.
- RAG examples may read local directories, parse documents, and store embeddings in external vector stores. Scope ingestion paths and retention rules before indexing private data.
- The agentic module is documented as experimental, so teams should pin versions, test workflows, and avoid relying on unstable APIs for critical production behavior.
Privacy notes
- Prompts, chat memory, tool arguments, tool outputs, retrieved document chunks, embeddings, vector-store metadata, model responses, logs, and MCP traffic may include private application or customer data.
- Model providers, embedding providers, vector stores, MCP servers, framework logs, tracing systems, and Java application logs may observe or retain LangChain4j workflow data.
- Do not commit provider keys, MCP server credentials, vector database secrets, local document paths, generated traces, or raw RAG datasets.
- If request/response or MCP transport logging is enabled for debugging, review logs before sharing them because they can include prompts, tool payloads, retrieved content, and credentials.
Prerequisites
- Java/JVM project using Maven, Gradle, Spring Boot, Quarkus, Helidon, Micronaut, or a plain Java build.
- Selected LangChain4j modules for the model provider, embedding store, RAG pipeline, MCP transport, framework integration, or agentic workflow you need.
- Provider credentials, model endpoints, vector database credentials, MCP server URLs, or local stdio/Docker server commands stored outside source control.
- Version alignment between LangChain4j core modules, beta modules, framework integrations, and enterprise dependency constraints.
- A review plan for any tool-calling, MCP-connected, browser-like, database, filesystem, or account-writing capability.
Schema details
- Install type
- cli
- Troubleshooting
- No
- Scope
- Source repo
- Estimated setup
- 25 minutes
- Difficulty
- intermediate
- Pricing
- free
- Disclosure
- editorial
- Application category
- DeveloperApplication
- Operating system
- Cross-platform
Full copyable content
<dependency>
<groupId>dev.langchain4j</groupId>
<artifactId>langchain4j</artifactId>
</dependency>About this resource
Overview
LangChain4j is an idiomatic Java/JVM library for building LLM-powered applications. It provides unified APIs over model providers and embedding stores, plus higher-level abstractions for chat memory, tools, RAG, AI services, agentic workflows, MCP tool providers, and framework integrations.
This is a high-value directory gap because most agent framework coverage is Python or TypeScript-heavy. LangChain4j targets Java teams that want typed APIs, POJOs, annotations, interfaces, dependency injection, Maven/Gradle modules, and enterprise framework support without porting Python agent examples into a JVM codebase.
Install
LangChain4j is distributed as Java modules. Add the module coordinates needed for the selected model, tool, RAG, MCP, or framework integration.
Base Maven shape:
<dependency>
<groupId>dev.langchain4j</groupId>
<artifactId>langchain4j</artifactId>
</dependency>
MCP Docker stdio support uses a separate module:
<dependency>
<groupId>dev.langchain4j</groupId>
<artifactId>langchain4j-mcp-docker</artifactId>
</dependency>
Check the official docs and Maven Central for current versions and module names, especially when mixing core, beta, community, Spring Boot, Quarkus, Helidon, or Micronaut dependencies.
Agent Capabilities
| Area | LangChain4j Coverage |
|---|---|
| JVM application layer | Typed AI services, Java interfaces, annotations, POJOs, dependency injection, fluent builders, and framework integration |
| Model APIs | Unified access patterns for many chat, language, image, embedding, and streaming model providers |
| RAG | Easy RAG, naive RAG, advanced RAG, document loading, splitting, embedding, retrieval, reranking, and vector-store integrations |
| Agents | langchain4j-agentic workflows, @Agent, AgenticServices, AgenticScope, sequential workflows, loops, and composed subagents |
| Tools | Java tool calling, tool providers, tool specifications, and integration with AI services |
| MCP | MCP client/tool-provider support for stdio, Streamable HTTP, WebSocket, Docker stdio, and legacy HTTP/SSE transports |
| Frameworks | Spring Boot, Quarkus, Helidon, Micronaut, Payara Micro, Kotlin, testing, observability, and guardrails tutorials |
MCP Fit
LangChain4j is not a standalone MCP server entry. It belongs in tools because it
lets JVM applications consume MCP tools and connect them to AI services. The MCP
tutorial documents McpTransport, McpClient, McpToolProvider, tool-name
filters, tool-name mapping, multiple MCP clients, and dynamic client/filter
management.
That makes it useful for Java teams building Claude-adjacent agent products where MCP servers provide the external tool surface. It also means teams need strict permission design: use read-only tools first, filter tools by name, map conflicting tool names, and avoid handing broad filesystem, Docker, SaaS, or database access to a model loop without review.
Use Cases
- Build Java or Kotlin LLM applications with model-provider abstraction.
- Add RAG over internal docs, support content, code search, or product data.
- Connect Spring Boot or Quarkus services to model calls and tool calling.
- Let AI services call selected MCP tools through stdio, HTTP, WebSocket, or Docker stdio transports.
- Compose typed agentic workflows with shared state and subagents.
- Use enterprise JVM observability, tests, dependency management, and deployment practices around agent workflows.
Source Review
Verified on 2026-06-18:
- GitHub reports
langchain4j/langchain4jas an Apache-2.0 repository with active development, 12,000+ stars, and latest release tag1.16.3. - The repository description and README identify LangChain4j as an idiomatic Java/JVM library for LLM applications with unified model APIs, embedding stores, tool calling, agents, RAG, and enterprise Java integrations.
- The README says LangChain4j supports 20+ LLM providers, 30+ embedding stores, low-level prompt/chat-memory/function-calling abstractions, high-level agents and RAG patterns, and examples for plain Java, Quarkus, Spring Boot, Helidon, and Micronaut.
- The agents tutorial documents the experimental
langchain4j-agenticmodule,@Agent,AgenticServices,AgenticScope, sequential workflows, loop workflows, and shared variables across agents. - The MCP tutorial documents stdio, Streamable HTTP, WebSocket, Docker stdio,
and legacy HTTP/SSE transports, plus
McpClient,McpToolProvider, tool-name filtering, tool-name mapping, and binding MCP tools into AI services. - The RAG tutorial documents indexing, retrieval, Easy RAG, naive RAG, advanced RAG, embedding stores, document loading, splitting, and retrieval patterns.
Safety and Privacy
LangChain4j runs inside the JVM application boundary, so its safety depends on normal application engineering: dependency pinning, secrets management, tool authorization, logging policy, tenant isolation, and tests. Treat model-visible tools as public method surfaces until each one has scoped input validation, authorization, rate limiting, and audit logging.
MCP integration deserves extra review. A stdio server may start a local subprocess, a Docker transport may touch container runtime access, and HTTP or WebSocket transports may send user context to remote services. Filter tools aggressively and avoid exposing write-capable tool sets before an operator has a clear approval path.
Duplicate Check
Checked current content/tools/, content/mcp/, content/agents/,
content/skills/, guides, collections, open pull requests, and repository-wide
content for langchain4j/langchain4j, LangChain4j, dev.langchain4j,
langchain4j-agentic, Java AI agents, Java RAG framework, Spring Boot AI
agents, Quarkus LangChain4j, LangChain4j MCP, and JVM LLM framework. Existing
entries cover adjacent Python/TypeScript frameworks, RAG stores, MCP SDKs, and
agent platforms such as LangChain, LangGraph, LlamaIndex, Haystack, Agno,
Pydantic AI, Mastra, CrewAI, AutoGen, CAMEL, Smolagents, and the official MCP
SDKs, but no dedicated LangChain4j tools entry, exact source URL duplicate,
target file, or open duplicate PR was found.
Source citations
Add this badge to your README
Show that LangChain4j is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.
[](https://heyclau.de/entry/tools/langchain4j)How it compares
LangChain4j side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
| Field | LangChain4j Idiomatic Java/JVM library for building LLM-powered applications with unified model APIs, tool calling, agentic workflows, RAG, chat memory, embedding stores, MCP client support, and Spring Boot, Quarkus, Helidon, and Micronaut integrations. Open dossier | Koog JetBrains incubator Kotlin and JVM agent framework for building predictable, fault-tolerant AI agents with graph workflows, tools, MCP integration, memory, streaming, OpenTelemetry, Spring/Ktor integrations, and multiple LLM providers. Open dossier | CAMEL-AI CAMEL Open-source Python multi-agent framework for building agent societies, role-playing agents, stateful ChatAgent workflows, RAG agents, synthetic data generation, MCP-enabled use cases, and research-scale agent experiments. Open dossier | AG2 Agent Framework Open-source Python AgentOS and multi-agent framework, evolved from AutoGen, for building conversable agents, group chats, swarms, human-in-the-loop workflows, tool use, RAG, code execution, and provider-backed agent systems. Open dossier |
|---|---|---|---|---|
| Trust | ||||
| Install risk | Review first | Review first | Review first | Review first |
| Notes | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ |
| Category | tools | tools | tools | tools |
| Source | source-backed | source-backed | source-backed | source-backed |
| Author | LangChain4j | JetBrains | CAMEL-AI | AG2 |
| Added | 2026-06-18 | 2026-06-18 | 2026-06-18 | 2026-06-18 |
| Platforms | CLI | CLI | CLI | CLI |
| Source repo | — | — | — | — |
| Safety notes | ✓LangChain4j can bind model calls to Java tools, MCP tools, RAG retrievers, and framework services. Treat each tool as application code with permissions, side effects, and audit requirements. The MCP tutorial supports stdio, Streamable HTTP, WebSocket, Docker stdio, and legacy HTTP/SSE transports. Review subprocess commands, Docker socket access, server URLs, and credentials before connecting agents. Use MCP tool filtering and tool-name mapping when a server exposes many tools or overlapping tool names; do not expose write-capable tools by default. RAG examples may read local directories, parse documents, and store embeddings in external vector stores. Scope ingestion paths and retention rules before indexing private data. The agentic module is documented as experimental, so teams should pin versions, test workflows, and avoid relying on unstable APIs for critical production behavior. | ✓Koog is marked as a JetBrains incubator project and the README uses Kotlin Alpha language/project signals; production adopters should pin versions, test upgrades, and track breaking changes. Agents can call custom tools, MCP tools, graph workflow nodes, provider APIs, memory stores, and enterprise integrations; review permissions and side effects for every tool before enabling it. Fault tolerance, retries, state restoration, history compression, and graph workflows can replay or resume actions; design idempotency, compensation, and escalation behavior for side-effecting tools. Spring Boot, Ktor, Android, iOS, JS, WasmJS, and backend deployments each need separate security, platform, and packaging review. OpenTelemetry traces and model/tool logs help debug agents, but they can also expose sensitive prompts, tool results, and application state. | ✓CAMEL agents can coordinate multi-step tasks, call tools, use web/search integrations, connect to MCP examples, and run with provider credentials; review tool permissions before giving agents write access or account access. Large-scale agent societies and role-playing workflows can generate high volumes of model calls, tool calls, logs, synthetic data, and intermediate artifacts; set budgets, rate limits, and stop conditions before long runs. RAG, document, media, browser, communication, and data-tool extras may access local files, third-party APIs, vector stores, notebooks, or generated datasets; isolate experiments from production systems. CAMEL examples include MCP-oriented use cases, but MCP does not make connected tools safe by default. Scope server permissions, credentials, filesystem access, and approval gates separately. Do not treat generated code, generated datasets, citations, research summaries, or multi-agent decisions as verified until they have been reviewed against source data and policy requirements. | ✓AG2 agents can converse, call tools, execute code, use retrieval systems, run browser workflows, and coordinate group chats; require explicit permissions and approval gates for high-impact actions. The upstream install docs and examples commonly involve provider credentials; keep API keys, config files, notebooks, and `.env` files out of commits and support tickets. Code execution, Docker, Jupyter, browser-use, and RAG extras can touch local files, network services, notebooks, databases, and external websites; scope them tightly before granting agent access. Multi-agent conversations can continue through nested chats, swarms, group chats, and custom reply handlers; define termination, escalation, retry, and human takeover behavior. Track the release roadmap before upgrading because deprecations and the v1.0 transition can change which APIs should be used for new work. |
| Privacy notes | ✓Prompts, chat memory, tool arguments, tool outputs, retrieved document chunks, embeddings, vector-store metadata, model responses, logs, and MCP traffic may include private application or customer data. Model providers, embedding providers, vector stores, MCP servers, framework logs, tracing systems, and Java application logs may observe or retain LangChain4j workflow data. Do not commit provider keys, MCP server credentials, vector database secrets, local document paths, generated traces, or raw RAG datasets. If request/response or MCP transport logging is enabled for debugging, review logs before sharing them because they can include prompts, tool payloads, retrieved content, and credentials. | ✓Prompts, system instructions, chat history, tool schemas, tool arguments, tool outputs, graph state, memory records, embeddings, traces, model responses, and errors can be sent to configured model providers or observability backends. MCP tools and custom Kotlin/JVM tools may expose databases, application internals, filesystem data, cloud resources, user records, credentials, or private business logic to the agent loop. History compression, persistence, shared memory, vector embeddings, and ranked document storage can retain user or workspace data across runs unless retention and deletion rules are explicit. Do not publish provider keys, internal service URLs, trace exports, memory dumps, mobile app data, user records, or production incident logs in examples, issues, screenshots, or PRs. | ✓Prompts, model responses, agent messages, tool arguments, tool outputs, retrieved documents, search results, logs, generated datasets, traces, and errors may include user or workspace data. Model providers, search providers, MCP servers, vector stores, web tools, document parsers, browser tools, and observability integrations may receive data from CAMEL workflows. Keep provider API keys, OAuth tokens, MCP server credentials, vector database URLs, generated logs, and synthetic datasets out of committed examples, screenshots, public issues, and shared notebooks. If `CAMEL_MODEL_LOG_ENABLED` or other logging/tracing integrations are enabled, review request/response logs and model configuration logs before sharing or retaining them. | ✓Prompts, messages, tool arguments, tool outputs, code snippets, notebook state, retrieved documents, vector-store contents, provider responses, traces, and execution logs may contain sensitive user or workspace data. Do not expose secrets, API keys, private file paths, customer records, internal documents, database rows, or raw exceptions through agent messages, logs, notebooks, screenshots, or public examples. Provider extras and retrieval integrations can route data through OpenAI, Anthropic, Google, AWS, local model servers, databases, vector stores, browser automation, or other third-party services. If AG2 is used for code execution or browser automation, define which files, domains, credentials, downloads, screenshots, and logs can be read or retained. |
| Prerequisites |
|
|
|
|
| Install | | | | |
| Config | — | — | — | — |
| Citations | ||||
| Claim | Unclaimed | Unclaimed | Unclaimed | Unclaimed |
Featured in
Signals
Loading live community signals…
A short, calm digest of reviewed Claude resources. Unsubscribe any time.