What is Enforgate?

Enforgate is an MCP gateway that puts a security boundary around AI agents. Every tool call an agent makes passes through the gateway, is checked against your policies, and is recorded.

Modern AI agents don't just produce text — they take actions: they query databases, send email, move money, delete files. The risk isn't what the model says, it's what it does. Enforgate sits between an agent and its tools and turns every action into a decision you control.

How it works

Enforgate speaks the Model Context Protocol (MCP). You point your agent at the gateway instead of directly at your tool servers. For each tool call, the gateway:

Authenticates the request with your API key and loads that key's policy.
Evaluates the call against the policy and produces a verdict: allow, deny, or require approval.
On allow, forwards the call to your upstream MCP server. On deny, returns a refusal. On require_approval, holds the call and notifies a human.
Records the call, the verdict, and the outcome in an audit log — without ever storing the raw arguments.

What it gives you

Action-boundary enforcement — policies decide tool calls, not prompts.
Human-in-the-loop approvals — hold risky calls for a person, over email, Slack, Teams, or Telegram.
A full audit trail — every decision, with the rule that made it.
A drop-in proxy — works with your existing MCP servers; no SDK rewrite.

Where to go next

Ready to try it? The quickstart guards your first tool call in a few minutes. To understand the moving parts first, read core concepts.