MCP Gateway for Governed Agent Tool Access
SatGate is an MCP gateway for teams that need to observe, control, and charge for how agents use tools. Put policy in the request path before MCP calls execute.
What is an MCP gateway?
An MCP gateway is the control point between agent runtimes and Model Context Protocol servers. Instead of letting agents call tools directly, traffic flows through a policy layer that can identify the agent, price the tool, check budget, enforce scope, and record the decision.
That matters because MCP connections are not governance. Agents can trigger searches, code execution, paid APIs, database calls, browser sessions, and cloud tasks. SatGate makes those calls observable, controllable, and chargeable.
The request path
Observe, Control, Charge for MCP tools
SatGate turns MCP tool calls into governed economic events. The point is not just to connect agents to tools. The point is to prove what happened, stop what should not happen, and meter what should be paid for.
Observe MCP tool usage
Attribute each MCP call to tenant, agent, token, server, tool, customer, and workflow before finance or security asks for proof.
Control access and budgets
Enforce scoped capabilities, tool allowlists, per-tool prices, spend caps, delegation depth, expiry, and instant revocation.
Charge for tool access
Turn governed MCP usage into meterable events for chargeback, enterprise billing, or robot-customer monetization.
Run SaaS or Hybrid MCP
Use Fly-hosted SaaS MCP for fast onboarding or Hetzner-hosted Hybrid MCP when buyers need dedicated runtime control.
SaaS MCP vs Hybrid MCP
SaaS MCP is Fly-hosted
Use SaaS MCP when the buyer wants fast onboarding, managed runtime, and immediate visibility into MCP tool usage without operating infrastructure.
Hybrid MCP is Hetzner-hosted
Use Hybrid MCP when enterprise buyers need dedicated runtime boundaries, stronger operational control, and deployment evidence separate from the shared SaaS plane.
MCP gateway questions
What is an MCP gateway?
An MCP gateway sits between AI agents and Model Context Protocol servers. It observes tool calls, applies access policy and budgets, records audit trails, and can turn usage into chargeable events before tools execute.
Why do MCP tools need access control?
MCP makes tools easy for agents to reach, which also makes expensive or sensitive tools easy to overuse. Access control limits which agents can call which tools, for how long, under which budget, and with what delegation.
Can SatGate host MCP servers?
Yes. SatGate supports SaaS MCP for fast hosted deployment and Hybrid MCP for dedicated enterprise runtime control. The critical split is simple: SaaS MCP is Fly-hosted; Hybrid MCP is Hetzner-hosted.
How is an MCP gateway different from an API gateway?
A traditional API gateway mostly routes HTTP traffic and checks identity. An MCP gateway also understands agent tool calls, capability scope, per-tool cost, budget policy, delegation lineage, and audit outcomes.
Can MCP usage be monetized?
Yes. Once tool usage is identified, priced, and metered, SatGate can support chargeback, invoiceable usage, or Charge-mode payment flows where appropriate.
Related MCP gateway resources
Launch an MCP gateway agents can safely use.
Start with visibility, add budget and capability controls, then charge or bill for usage when tool access becomes economic activity.
Work with SatGate