Developer primitive

Build agents that can spend safely

Issue scoped capabilities, route paid calls, and return verifiable receipts your principal can trust.

SatGate is the Economic Firewall for AI agents. This is the developer surface: Capabilities in. Receipts out. Rails abstracted.

Read the docs View SDK examples See proof model

issue_pay_verify.py

from satgate import SatGate

satgate = SatGate(api_key=os.environ["SATGATE_API_KEY"])

capability = satgate.issue(
    task="research market prices",
    agent="research-agent",
    allow=["mcp:web.search", "api:prices.read"],
    budget_usd=25,
    expires_in="1h",
)

receipt = satgate.pay(
    upstream="https://api.example.com/search",
    capability=capability,
    max_usd=4.20,
)

verified = satgate.verify(receipt)
print(verified.decision, verified.evidence_pack_id)

SDK access

# Public packages are available today.
# The issue/pay/verify namespace is private beta API access.
pip install satgate
npm install @satgate/sdk

Public packages install today; the issue/pay/verify API namespace is in private beta. Request API access in the docs.

Duration fields accept human-readable values like 1h; ISO 8601 duration support belongs in the integration docs for clients that require structured durations.

Three calls

Issue. Pay. Verify.

Developers should not wire payment rails, revocation logic, audit trails, and tool policy by hand. SatGate makes agent authority feel like a simple primitive while preserving enterprise proof.

satgate.issue

Issue scoped capabilities

Give an agent bounded authority for one task, budget, route set, expiry window, and delegation depth.

satgate.pay

Route paid calls

Let the agent reach MCP tools, APIs, or paid rails through SatGate while policy is enforced before value moves.

satgate.verify

Verify receipts

Return a signed decision receipt that can feed an Evidence Pack for audits, incidents, billing review, or revocation proof.

Rail-neutral by design

Authority and evidence sit above the rail.

Payment rails change. The authority and evidence layer is the durable abstraction. SatGate can govern MCP tools, REST APIs, API-key billing, x402, L402, AgentCore Payments, Pay.sh, and enterprise ledgers without forcing your agent code to care which rail settled underneath.

Humans and platforms deploy the policies. Agents consume capabilities. Upstreams receive verifiable proof that the action was authorized, bounded, and recorded.

Receipt previews

Allowed

{
  "receipt_id": "rcpt_7J4xQf9",
  "decision": "allowed",
  "decision_reason": "capability_scope_and_budget_ok",
  "agent_id": "research-agent",
  "capability_id": "cap_2Xn83k",
  "policy_version": "policy_2026_05_build_v1",
  "route_or_tool": "api.example.com/search",
  "amount_usd": "0.42",
  "rail": "enterprise_ledger",
  "evidence_pack_id": "ep_2026_05_12_001",
  "signature": "ed25519:demo_redacted"
}

Denied

{
  "receipt_id": "rcpt_9Kp1vM2",
  "decision": "denied",
  "decision_reason": "budget_exhausted",
  "agent_id": "research-agent",
  "capability_id": "cap_2Xn83k",
  "policy_version": "policy_2026_05_build_v1",
  "route_or_tool": "api.example.com/search",
  "attempted_amount_usd": "4.20",
  "remaining_budget_usd": "0.00",
  "evidence_pack_id": "ep_2026_05_12_001",
  "signature": "ed25519:demo_redacted"
}

What is evidence_pack_id? →How are signatures verified? →

Copy-paste paths

Use the same primitive from SDKs, MCP, or raw HTTP.

Open developer docs

Node example

import { SatGate } from "@satgate/sdk";

const satgate = new SatGate({ apiKey: process.env.SATGATE_API_KEY });

const capability = await satgate.issue({
  task: "compare supplier prices",
  agent: "procurement-agent",
  allow: ["mcp:browser.search", "api:supplier.quote"],
  budgetUsd: 25,
  expiresIn: "1h",
});

const receipt = await satgate.pay({
  upstream: "https://api.example.com/search",
  capability,
  maxUsd: 4.20,
});

const verified = await satgate.verify(receipt);
console.log(verified.decision, verified.evidencePackId);

HTTP example

curl https://api.satgate.io/v1/capabilities \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "agent": "research-agent",
    "task": "research market prices",
    "allow": ["mcp:web.search", "api:prices.read"],
    "budget_usd": 25,
    "expires_in": "1h"
  }'

curl https://api.satgate.io/v1/pay \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"capability":"cap_...","upstream":"https://api.example.com/search","max_usd":4.20}'

Agent integrations

Give every runtime bounded authority.

The runtime changes. The contract stays the same: capability before action, receipt after decision.

MCP Gateway

Put SatGate in front of MCP tools and preserve a receipt per tool invocation.

Open

Runtime integrations

See current agent-client surfaces and where OpenAI, Anthropic, LangChain, and CrewAI adapters fit.

Open

Developer docs

Use the docs for setup details while issue/pay/verify API access is in private beta.

Open

Not a new marketplace. Not a separate brand.

Start with the primitive. Let network effects come from receipts.

A trusted agent is one that can prove what it was allowed to do, what it actually did, and which policy governed the outcome. Build that path first; reputation and upstream acceptance can grow from the receipt trail later.

Scoped authority before every action

Receipts for allowed, denied, delegated, revoked, and paid decisions

Evidence Pack IDs your principal can audit

Rail adapters below the authority layer

Developer docs instead of payment-company ceremony

Build the agent path, then prove every decision.

Start with issue/pay/verify. Keep the buyer story on Economic Firewall and Policy-to-Proof. Let agents consume the primitives.

Open docs Capability auth model