Developer primitive

Build agents with bounded economic authority

Issue scoped capabilities, enforce max budgets before upstream access, and return verifiable receipts your principal can trust.

SatGate is the Agent Authority & Accountability Layer. This is the developer surface: Capabilities in. Receipts out. Rails abstracted.

Read the docs View SDK examples

issue_pay_verify.py

import os
from satgate import SatGate

satgate = SatGate(api_key=os.getenv("SATGATE_API_KEY"))

capability = satgate.issue(
    task="research market prices",
    agent="research-agent",
    allow=["mcp:web.search", "api:prices.read"],
    budget_usd=25,
    expires_in="1h",
)

receipt = satgate.pay(
    upstream="https://api.example.com/search",
    capability=capability,
    max_usd=4.20,
)

verified = satgate.verify(receipt)
print(verified.decision, verified.evidence_pack_id)

SDK access

# Install today (public packages):
pip install satgate
npm install @satgate/sdk

The issue/pay/verify API namespace is in private beta. Request access →

Docs IA

Three voices, one proof spine.

SatGate docs now separate the buyer story from builder examples and verifier contracts: marketing says govern/enforce/prove, developers use issue/pay/verify, machines consume schemas/signatures/receipts.

govern / enforce / prove

Marketing voice

Explain the buyer outcome: scoped authority before action, policy enforcement before upstream access, and Evidence Pack proof after every decision.

issue / pay / verify

Developer voice

Give builders one primitive across SDKs, MCP, raw HTTP, OpenAI tools, Anthropic tools, LangChain, and CrewAI.

schemas / signatures / receipts

Machine voice

Anchor verifiers on canonical capability fields, receipt schema, JWKS discovery, RFC 8785 canonicalization, and Ed25519 signatures.

Three calls

Issue. Pay. Verify.

Developers should not wire settlement adapters, revocation logic, evidence exports, and tool policy by hand. SatGate makes agent authority feel like a simple primitive while preserving enterprise proof.

satgate.issue

Issue scoped capabilities

Give an agent bounded authority for one task, budget, route set, expiry window, and delegation depth.

satgate.pay

Consume upstream with max budget

Let the agent reach MCP tools, APIs, or paid routes through SatGate while a caller-supplied max budget and policy are enforced before execution or settlement.

satgate.verify

Verify receipts

Verify the receipt returned by pay, then attach or fetch Evidence Pack proof for audits, incidents, billing review, or revocation proof.

Rail-neutral by design

Authority and evidence sit above the rail.

Payment rails change. The Agent Authority & Accountability Layer is the durable abstraction. SatGate governs MCP tools, REST APIs, API-key billing, x402, L402, and enterprise ledgers today, and is designed to govern planned rails such as AgentCore Payments and Pay.sh without forcing your agent code to care which rail settled underneath.

The machine-readable /.well-known/satgate artifact is canonical for rail adapter status; marketing copy should defer to it when a rail is planned rather than already supported.

Humans and platforms deploy the policies. Agents consume capabilities. Upstreams receive verifiable proof that the action was authorized, bounded, and recorded.

Receipt previews

Allowed

{
  "receipt_id": "rcpt_7J4xQf9",
  "decision": "allowed",
  "decision_reason": "capability_scope_and_budget_ok",
  "agent_id": "research-agent",
  "capability_id": "cap_2Xn83k",
  "policy_version": "policy_2026_05_build_v1",
  "route_or_tool": "api.example.com/search",
  "amount_usd": "0.42",
  "rail": "enterprise_ledger",
  "evidence_pack_id": "ep_2026_05_12_001",
  "signature": "ed25519:demo_redacted"
}

Denied

{
  "receipt_id": "rcpt_9Kp1vM2",
  "decision": "denied",
  "decision_reason": "budget_exhausted",
  "agent_id": "research-agent",
  "capability_id": "cap_2Xn83k",
  "policy_version": "policy_2026_05_build_v1",
  "route_or_tool": "api.example.com/search",
  "attempted_amount_usd": "4.20",
  "remaining_budget_usd": "0.00",
  "evidence_pack_id": "ep_2026_05_12_001",
  "signature": "ed25519:demo_redacted"
}

What is evidence_pack_id? →How are signatures verified? →

Copy-paste paths

Use the same primitive from SDKs, MCP, or raw HTTP.

Node example

import { SatGate } from "@satgate/sdk";

const satgate = new SatGate({ apiKey: process.env.SATGATE_API_KEY });

const capability = await satgate.issue({
  task: "compare supplier prices",
  agent: "procurement-agent",
  allow: ["mcp:browser.search", "api:supplier.quote"],
  budgetUsd: 25,
  expiresIn: "1h",
});

const receipt = await satgate.pay({
  upstream: "https://api.example.com/search",
  capability,
  maxUsd: 4.20,
});

const verified = await satgate.verify(receipt);
console.log(verified.decision, verified.evidencePackId);

HTTP example

curl https://api.satgate.io/v1/issue \
  -H "Authorization: Bearer $SATGATE_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "agent": "research-agent",
    "task": "research market prices",
    "allow": ["mcp:web.search", "api:prices.read"],
    "budget_usd": 25,
    "expires_in": "1h"
  }'

curl https://api.satgate.io/v1/pay \
  -H "Authorization: Bearer $SATGATE_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"capability":"cap_...","upstream":"https://api.example.com/search","max_usd":4.20}'

curl https://api.satgate.io/v1/verify \
  -H "Authorization: Bearer $SATGATE_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"receipt":"rcpt_..."}'

Agent integrations

Give every runtime bounded authority.

The runtime changes. The contract stays the same: capability before action, receipt after decision. The machine-readable trust metadata lives at /.well-known/satgate.

Works with:MCP OpenAI tools Anthropic tools LangChain CrewAI Raw HTTP

Quickstart

Start with the issue/pay/verify primitive and local gateway compatibility path.

Open doc

Capability schema

The bounded authority contract: issuer, subject, allowlist, budget, expiry, caveats, and delegation depth.

Open doc

Receipt schema

The signed decision artifact for allowed, denied, delegated, revoked, and paid outcomes.

Open doc

Open verifier

Verify a live Evidence Pack from the issuer JWKS with RFC8785 canonicalization and Ed25519 signatures.

Open doc

MCP integration

Put SatGate in front of MCP tools and preserve a receipt per tool invocation.

Open doc

Raw HTTP

Copy-paste curl for issue, pay, and verify without an SDK.

Open doc

OpenAI tools

Wrap OpenAI tool execution with SatGate authority and receipt verification.

Open doc

Anthropic tools

Govern Anthropic tool use outside the provider boundary.

Open doc

LangChain

Keep LangChain orchestration, add SatGate at the tool authority boundary.

Open doc

CrewAI

Give each CrewAI tool wrapper scoped authority and Evidence Pack proof.

Open doc

API overview

Low-level gateway compatibility APIs and how they relate to issue/pay/verify.

Open doc

Python SDK

Python SDK setup and compatibility paths.

Open doc

Node.js SDK

Node.js SDK setup and compatibility paths.

Open doc

Not a new marketplace. Not a separate brand.

Start with the primitive. Let network effects come from receipts.

A trusted agent is one that can prove what it was allowed to do, what it actually did, and which policy governed the outcome. Build that path first; reputation and upstream acceptance can grow from the receipt trail later.

Scoped authority before every action

Receipts for allowed, denied, delegated, revoked, and paid decisions

Evidence Pack IDs your principal can audit

Rail adapters below the Agent Authority & Accountability Layer

Developer docs instead of payment-company ceremony

Build the agent path, then prove every decision.

Start with issue/pay/verify. Keep the buyer story on Economic Firewall and Policy-to-Proof. Let agents consume the primitives.

Open docs Capability auth model