Enforgate
Start free
MCP gateway · action-boundary security

The security gateway for AI agents

Agents route their tool calls through Enforgate — you set the rules, approve sensitive actions, and audit everything.

Start freeRead the docs

Free to start · no credit card · open standards (MCP)

Live tool callsenforgate /mcp
github__list_issuesAllowed

A boundary around what your agent can do

Enforgate sits between your agent and its tools. Every call is evaluated, decided, and recorded — so autonomy never means unchecked access.

Action-boundary enforcement

Policies decide every tool call before it runs — glob rules, per-argument conditions, priority ordering, and default-deny. The boundary is the action itself, not the model's text.

Human-in-the-loop approvals

Hold risky calls for a human. Notify by email, Slack, Teams, or Telegram; approve once or grant a time-boxed allowance. No answer in time fails closed.

Full audit trail

Every call, verdict, and approval is recorded — who, what, when, and the rule that decided it. Arguments are never stored in the clear, only hashed.

MCP-native, drop-in

Point your agent at the gateway's /mcp endpoint and it proxies your existing MCP servers, guarding each tool. No SDK rewrite, no app changes.

Guarded in three steps

1

Get an API key

Create a key in the dashboard and attach a policy. Keys are stored hashed — you see the secret once.

2

Point your agent at Enforgate

Set your agent's MCP server to the gateway's /mcp endpoint with your key. It now reaches your tools through the boundary.

3

Set the rules

Write policies that allow, deny, or require approval. Test them in the playground and watch verdicts land in the live feed.

Drop it into Claude Desktop

Add one MCP server entry and your agent reaches its tools through the gateway. The same key works from cURL, TypeScript, Python, and LangChain — see the integration guides.

claude_desktop_config.json
{
  "mcpServers": {
    "enforgate": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote",
        "https://api.enforgate.com/mcp",
        "--header",
        "Authorization: Bearer bwb_your_api_key"
      ]
    }
  }
}

Simple, usage-based pricing

More guarded calls, team seats, and capabilities as you grow. Start free — upgrade when you need standing grants, more channels, white-label, and beyond.

Free

Everything you need to guard a single agent.

$0forever

1,000 calls / month

  • 1,000 guarded calls / month
  • 1 team member
  • 2 API keys · 2 upstreams · 3 policies
  • Email approval alerts
  • 7-day audit retention
Start free
Most popular

Pro

For teams putting agents in production.

$29per month

50,000 calls / month

  • 50,000 guarded calls / month
  • 5 team members
  • 20 API keys · 20 upstreams · Unlimited policies
  • Email, Slack, Teams & Telegram alerts
  • Standing grants
  • Custom SMTP
  • Webhooks
  • Authenticated approvals & reversal
  • 90-day audit retention
Coming soon

Scale

High-volume fleets and strict compliance.

$199per month

1,000,000 calls / month

  • 1,000,000 guarded calls / month
  • Unlimited team members
  • Unlimited API keys · Unlimited upstreams · Unlimited policies
  • Email, Slack, Teams & Telegram alerts
  • Standing grants
  • Custom SMTP
  • Webhooks
  • Authenticated approvals & reversal
  • White-label branding & custom domain
  • SSO / SAML
  • 365-day audit retention + export
Coming soon

Built for teams shipping autonomous agents

NorthwindAcme AIGlobexInitechHooli

Put a boundary around your agents

Create a key, set a policy, and guard your first tool call in minutes.

Start freeRead the quickstart