MCP Gateway

Enterprise governed MCP runtime

Ship private tools to AI agents, governed.

MCP Gateway puts identity, default‑deny policy, credential brokering, private connectivity, and a complete audit trail in front of every MCP server and REST API your agents touch — so you can say yes to AI without rebuilding governance for each tool.

Cedar policy engine · OpenAPI → MCP · Credential broker · Metadata‑only audit · Self‑hosted & hybrid

Why MCP Gateway

Governance at the MCP boundary

One control layer for identity, policy, credentials, connectivity, sessions, and audit — so every team doesn’t rebuild it for every server.

Authorization

Default‑deny by design

Every discovery and tool call is evaluated by the Cedar policy engine. An explicit deny always wins, and anything unmatched is denied — and hidden from discovery, so agents never even learn a capability exists unless policy allows it.

Credential broker

Service‑account, user‑delegated, agent‑scoped, and workload‑mapped credentials resolved at the edge — secrets never reach the agent or the audit log.

OpenAPI → MCP

Turn selected REST operations into governed MCP tools. Host‑allowlisted, schema‑validated, approval‑gated — only what you choose is ever exposed.

Audit everything

Every decision is recorded with its policy version — searchable, exportable, SIEM‑ready, and metadata‑only by design.

Sessions & revocation

Stateful sessions with affinity, reconnect, and drain — plus instant fan‑out revocation that takes effect on the very next request.

Private connectivity

Reach private upstreams through direct routes and outbound connectors with SSRF‑safe boundaries — and see the blast radius before you disable one.

Architecture

Two planes, one source of truth

The control plane owns configuration and approvals. The data plane enforces it on every request — and reports audit straight back.

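[Architecture diagram: an AI client / agent sends a request to the data plane (:8081), which authenticates and resolves the agent, enforces policy, brokers credentials, and routes the MCP call to approved MCP servers and generated API tools. The control plane (:8080) holds the registry, policy, approvals, and audit; it sends a config projection to the data plane and receives runtime audit from it.]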
Configuration is projected from the control plane to the data plane; metadata‑only audit flows back.

Built for every workflow

One product, three interfaces

Every governed task is available — and documented — three ways. Click through the console, script the API, or run a command in CI.

Start governing in minutes

Authenticate to your gateway, make your first governed tool call, and watch policy and audit do their work.

See it illustrated: Prefer pictures? The illustrated guide walks through every concept visually.
