Govern every tool call your agents make — on the harnesses you already use. No switch required, nothing to bypass.
Works with Claude Code, Cursor, and custom harnesses · OIDC / SAML / SCIM · Cedar policy
The problem
AI agents post to Slack, push to GitHub, and touch production APIs on behalf of employees — with shared credentials, no per-user identity, no policy, and no audit trail.
Agents act as shared API keys. No one can say which employee was behind an action.
One credential in an agent's context can read, write, and delete everything it reaches.
When something goes wrong, there is no record of who asked, what ran, or why it was allowed.
The platform
Every agent action is tied to a verified employee via your identity provider — OIDC, SAML, SCIM. No anonymous automation.
Per-role, per-tool policy in Cedar. Allow the read, deny the post — decided on every call, before it reaches the vendor.
Every decision logged — who, what, when, allow or deny — in a stream your SIEM can read. Answers, not forensics.
How it works
The dhvati Gateway holds your vendor credentials. It verifies the acting employee against your IdP, evaluates Cedar policy, then injects the credential and forwards — or blocks.
Step 1
Claude Code, Cursor, or a custom harness makes a tool call — with no credential of its own.
Step 2
Verifies the employee via your IdP, checks Cedar policy, audits the decision — then injects the credential and forwards, or blocks.
Step 3
Slack, GitHub, internal APIs, MCP servers — reached only through the Gateway, only with an allowed call.
"Bypass the Gateway and you get no credential — so there's nothing to bypass."
Why dhvati
Works with Claude Code, Cursor, and custom harnesses. Govern the agents you already use — no switch required.
Credential custody means the Gateway is the only place credentials exist. Going around it yields nothing.
Run it in your datacenter or your cloud of choice. No hard dependency on any US cloud provider.
Cedar for policy, OIDC / SAML / SCIM for identity. No proprietary lock-in, nothing exotic to learn.
Who it's for
Security teams
Take vendor credentials out of agent contexts entirely. Enforce least privilege per employee, per tool, per action.
Platform & IT
Roll agents out to the whole org with SCIM-provisioned access and policy that follows people through role changes.
Compliance
A complete, queryable record of every agent action and decision — ready for auditors, regulators, and incident review.