Skip to content
agentic control plane Beta

One control plane for every AI model

Multi-tenant MCP gateway with identity-verified governance. Tenant isolation, custom connectors, built-in integrations, and a full dashboard — all powered by GatewayStack's open-source modules.

Model-agnostic
Works with ChatGPT, Claude, Cursor, Windsurf, and any MCP client. See exactly which AI is calling, on every request.
IdP-agnostic
Bring your own identity provider. Auth0, Okta, Entra ID, Firebase, or any OIDC/JWKS-compatible issuer. Your users, your rules.
Full audit trail
Every tool call logged with client, user, latency, and result. Filter by AI client, tool, user, or status in real time.
Agentic Control Plane activity log showing tool calls with user identity, status, client, and response time

Every tool call logged with verified identity, client attribution, and latency.

Built-in connectors. Custom APIs. One URL.

Start with pre-built connectors for popular services, or point ACP at any HTTP API and it becomes an MCP tool — with auth, validation, and audit built in.

GitHub
Repos, issues, PRs, code search
Salesforce
Records, queries, objects
Slack
Channels, messages, threads
Jira
Issues, projects, boards
Confluence
Pages, spaces, search
Linear
Issues, projects, teams
Notion
Pages, databases, blocks
HubSpot
Contacts, deals, companies
Google
Drive, Calendar, Gmail
Custom APIs
Any REST endpoint, your schema

Custom connectors are defined in the dashboard — point to any URL, define the input schema, and ACP handles authentication forwarding, SSRF protection, and request validation.

Agentic Control Plane connector marketplace with built-in and custom connectors

Add built-in integrations or define custom HTTP connectors — all governed by the same pipeline.

Everything you need to govern AI access

Tenant isolation
Path-based tenant routing with Firestore-backed configuration. Each tenant gets their own identity-verified gateway endpoint.
Custom connectors
Define HTTP tools in the dashboard. Executed with SSRF protection and auth injection — no custom code required.
Built-in integrations
GitHub, Salesforce, and custom API connectors out of the box. Connect your existing tools to the governance pipeline.
Dashboard UI
Web interface for managing connectors, tools, policies, and audit logs. No CLI or config files needed for day-to-day operations.
MCP + ChatGPT Apps SDK
Native support for both protocols with identity threading. Connect AI clients through standardized, identity-verified endpoints.
Audit logs
Every tool call is logged with verified user identity, tenant context, and policy decisions. Exportable for compliance review.
Agentic Control Plane content policy with PII detection, risk scoring, and automatic redaction

PII detection, risk-score blocking, and automatic redaction — configured per tenant, no code required.

How it works

1
Sign in
Authenticate with your identity provider. Supports Auth0, Okta, Entra ID, and any OIDC-compliant provider.
2
Create a tenant
Each tenant gets an isolated gateway endpoint, its own configuration, and separate audit logs.
3
Configure your IdP
Point your identity provider at the tenant's audience. Connect handles JWKS discovery and token verification.
4
Connect integrations
Add built-in integrations or define custom connectors. Each connector runs through the full governance pipeline.
5
Monitor
View audit logs, track usage, and manage policies from the dashboard. Every request is attributed to a verified user.

Integration examples

Connect integrations are HTTP tools that run through the full governance pipeline. Define them in the dashboard or use built-in connectors.

GitHub — list repositories

Built-in integration. Connects to GitHub's API with OAuth token forwarding. The gateway verifies the caller's identity, checks their permissions, and logs the request before forwarding to GitHub.

tool: github_list_repos
auth: forward_bearer
endpoint: GET api.github.com/user/repos
scopes: tool:github:read

Custom connector — internal API

Define any HTTP tool in the dashboard. Connect injects authentication, enforces SSRF protection, and applies your tenant's policies. No code required.

tool: lookup_customer
auth: service_oauth
endpoint: POST crm.internal/api/customers
scopes: tool:crm:read

Built on open source

Connect runs all six GatewayStack modules in its request pipeline. Every tool call is identified, transformed, validated, rate-limited, routed, and audited — same governance engine, managed for you.

What Connect adds on top: multi-tenant isolation, a web dashboard for configuration and audit review, built-in integrations (GitHub, Salesforce), custom HTTP connectors, and deployment on Cloud Run with Firestore-backed config.

Ready to get started?

Request beta access and start governing AI access in minutes.