Enforgate
Start free
Browse documentation

How do I connect my agent to Enforgate?

Claude Desktop routes its MCP tools through the gateway; the other snippets ask the gateway for a verdict on a single call. Replace the key with one you created in the dashboard.

The dashboard's Connect page generates these same snippets with your real key already injected. The gateway URL below is https://api.enforgate.com — set NEXT_PUBLIC_GATEWAY_URL to change it.

Claude Desktop

Add this to claude_desktop_config.json — Claude Desktop will reach your upstream tools through the gateway, which guards every call.

Claude Desktop
{
  "mcpServers": {
    "enforgate": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote",
        "https://api.enforgate.com/mcp",
        "--header",
        "Authorization: Bearer bwb_your_api_key"
      ]
    }
  }
}

cURL

Ask the gateway for a verdict on a single tool call. Returns { decision, reason, policyId, latencyMs }.

cURL
curl -s https://api.enforgate.com/v1/check \
  -H "Authorization: Bearer bwb_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "serverName": "demo",
    "toolName": "send_email",
    "args": { "to": "someone@example.com" }
  }'

TypeScript

Check a call from Node or the browser before you run it. Anything but "allow" should not proceed.

TypeScript
const res = await fetch("https://api.enforgate.com/v1/check", {
  method: "POST",
  headers: {
    "Authorization": "Bearer bwb_your_api_key",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    serverName: "demo",
    toolName: "send_email",
    args: { to: "someone@example.com" },
  }),
});

const verdict = await res.json();
if (verdict.decision !== "allow") {
  throw new Error(`Blocked by policy: ${verdict.reason}`);
}

Python

The same verdict check with httpx. Raise (or hold) on anything but "allow".

Python
import httpx

resp = httpx.post(
    "https://api.enforgate.com/v1/check",
    headers={"Authorization": "Bearer bwb_your_api_key"},
    json={
        "serverName": "demo",
        "toolName": "send_email",
        "args": {"to": "someone@example.com"},
    },
)
verdict = resp.json()
if verdict["decision"] != "allow":
    raise RuntimeError(f"Blocked by policy: {verdict['reason']}")

LangChain

Wrap a LangChain tool so every invocation is checked by the gateway first — a drop-in action boundary.

LangChain
import httpx
from langchain_core.tools import tool

GATEWAY = "https://api.enforgate.com"
API_KEY = "bwb_your_api_key"

def _guard(server: str, name: str, args: dict) -> None:
    r = httpx.post(
        f"{GATEWAY}/v1/check",
        headers={"Authorization": f"Bearer {API_KEY}"},
        json={"serverName": server, "toolName": name, "args": args},
    )
    verdict = r.json()
    if verdict["decision"] != "allow":
        raise PermissionError(f"Enforgate blocked this call: {verdict['reason']}")

@tool
def send_email(to: str, subject: str) -> str:
    """Send an email (guarded by Enforgate)."""
    _guard("demo", "send_email", {"to": to, "subject": subject})
    # ... your real send logic here ...
    return "sent"

Next steps

For Claude Desktop and other MCP clients, register your tool servers as upstreams first so the gateway has something to proxy. The verdict-check snippets work as soon as you have a key and a policy.