SatGate checks scoped authority, budgets, delegation, MCP tool access, and paid-rail policy before execution — then exports Evidence Packs proving every decision.
Authority before execution. Evidence after every approval, denial, spend event, delegation, and revocation.
Agents badge in once. Every request - verified, metered, budget-enforced.
See how it works
Agents act across tools, APIs, and paid rails. SatGate enforces policy before they act — and leaves evidence after. 30 seconds.
Free agent governance tools
Start with the flagship tools and benchmark. The full tools hub has the calculators, policy generators, and readiness checks for deeper planning.
Model loop, retry, fanout, and paid tool-call exposure before detection.
Use original JSON/CSV benchmark data to quantify agent loops, retry storms, and avoidable spend.
Score identity, budgets, MCP tools, revocation, Evidence Packs, routing, and paid-rail governance.
Start with internal agents: scope authority, enforce policy at runtime, and preserve evidence. Then open external rails - on your terms.
Always-on for non-PUBLIC routes
Every protected route requires valid credentials (Macaroons). Capabilities, caveats, delegation, and revocation are built into the protocol, not bolted on.
Your Agents - Govern Authority and Spend
verify → allow → meter/log
Start here. No workflow changes. Map authority, tools, and spend before enforcing policy.
verify → enforce budget → allow
Now enforce it. Policy and budget caps stop agents before unauthorized work executes.
Their Agents - Prevent Unauthorized Access
verify → payment proof → allow
Govern external agent access without making payment proof equal authorization proof.
API keys are all-or-nothing. Delegated capability tokens let you set any budget, scope, and expiry per agent - and agents can't escalate beyond what they're given. Trust flows down, never up.
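The "trust flows down, never up" property above, shown with the basic HMAC-chaining construction from the macaroons design. This is an added example, not SatGate's code or token format; the caveat strings, field names, agent identifier, and root key are constructed for illustration.

```python
import hashlib
import hmac

def _mac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def mint(root_key: bytes, identifier: str) -> dict:
    """Gateway side: only the issuer holds root_key."""
    return {"id": identifier, "caveats": [], "sig": _mac(root_key, identifier)}

def attenuate(token: dict, caveat: str) -> dict:
    """Holder side: chaining needs the current signature, never the root key."""
    return {"id": token["id"], "caveats": token["caveats"] + [caveat],
            "sig": _mac(token["sig"], caveat)}

def _satisfied(caveat: str, req: dict) -> bool:
    parts = caveat.split(" ", 2)
    if len(parts) != 3:
        return False
    key, op, value = parts
    if (key, op) == ("scope", "="):
        return req["path"].startswith(value)
    if (key, op) == ("budget_cents", "<="):
        return req["spent_cents"] + req["cost_cents"] <= int(value)
    if (key, op) == ("expires", "<"):
        return req["now"] < int(value)
    return False  # unknown caveat types fail closed

def verify(root_key: bytes, token: dict, req: dict) -> bool:
    """Recompute the chain from the root key, then require every caveat to hold."""
    sig = _mac(root_key, token["id"])
    for caveat in token["caveats"]:
        sig = _mac(sig, caveat)
    if not hmac.compare_digest(sig, token["sig"]):
        return False  # caveat removed, edited, or reordered
    return all(_satisfied(c, req) for c in token["caveats"])

# Constructed sample values (not SatGate's token format).
ROOT = b"constructed-root-key"
parent = mint(ROOT, "agent-orchestrator")
for c in ("scope = /v1/", "budget_cents <= 500", "expires < 2000"):
    parent = attenuate(parent, c)
child = attenuate(attenuate(parent, "scope = /v1/search"), "budget_cents <= 100")
# Escalation attempt: drop the child's budget caveat but keep its signature.
forged = {**child, "caveats": child["caveats"][:-1]}
```

The sub-agent holding `child` cannot recover the parent's signature because each link is a one-way HMAC of the previous one, so every caveat added upstream stays in force.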
PUBLIC is the explicit opt-out for probes (/healthz), docs, and webhooks. Everything else is protected by default.
Agents get a credential at startup - like mounting an EZ Pass. Every request after that flows through the gateway: verified, metered, no slowdowns.
No identity lookups on the hot path. No per-request auth round-trips. Just cryptographic verification at wire speed.
Recent research on intelligent AI delegation points to a control problem we see in practice: agents need bounded authority, clear caveats, and safe ways to delegate across trust boundaries. One proposed path is attenuated capability tokens, including macaroons, that restrict what each sub-agent can access.
SatGate implements one version of that control layer.
Agents only get the permissions they need, attenuated at each delegation layer.
Per-agent and per-route economic policy, enforced before upstream execution.
When limits hit, requests stop. Not after billing. Now.
We built SatGate because standing API keys and after-the-fact alerts are a bad fit for autonomous systems. The research gives useful language for a problem we were already seeing in deployed agent workflows. - Tomasev et al., 2026
Three deployment modes. Drop-in. No rip-and-replace.
REST, GraphQL, any HTTP endpoint
Route only agent traffic through SatGate
Per-tool budgets, delegation trees
Four steps to govern agent traffic. No code changes required.
Define routes with economic policies. PUBLIC for probes/docs, protected for everything else.
routes:
  - path: /healthz
    policy: public
  - path: /v1/*
    policy: observe
  - path: /premium/*
    policy: charge
Apply when ready. Version history + audit log. Rollback if needed.
v3 (applied) ← current
v2 (available)
v1 (available)
Audit: who, when, diff
Use *.satgate.cloud or your custom domain. Traffic flows through SatGate.
# Your domain
api.yoursite.com CNAME → satgate.cloud
# Or use ours
yourapp.satgate.cloud
Real-time verified, denied, and metered decisions with evidence you can export.
Verified: 1,203 requests
Denied: 12,847 policy hits
Metered: $847 usage
→ Export Evidence Pack
FAQ
SatGate is an economic control plane for internal enterprise agents. It sits in the request path to scope authority, enforce policy and budgets, prove revocation, and preserve evidence across internal APIs and paid external calls.
SatGate applies scoped authority, per-agent policy, revocation, and budgets before each request reaches an API or MCP tool, so unauthorized actions and expensive calls can be blocked before they happen.
Observe tracks agent traffic and cost without blocking. Control enforces budgets and scoped policy for internal agents. Charge preserves authorization evidence around external paid access across L402, x402, API-key, or enterprise billing rails.