
Your team is adopting MCP seat by seat. Roll it out with one set of controls.

PolicyLayer is the control plane your MCP traffic runs through. Connect your servers once, grant each person a scoped token, and every tool call from every seat is checked against your policy before it runs.

ROLL OUT UNDER POLICY → Free to start. No card required.

For platform and security teams running AI agents in production.

An MCP rollout without a control plane is shared keys and invisible access.

It rarely starts as a decision. It starts as one engineer's config file.

01 Everyone wires their own

Each person pastes the same admin API key into a local config. Access is granted by copy and paste, and nothing records who has what.

02 Access outlives the laptop

Keys live in dotfiles and never rotate. When someone leaves, their access does not, and rotating the shared key breaks everyone at once.

03 Nobody can answer for it

Something changes in a connected system and there is no record of which person's agent made which call, or why it was allowed.

One stack, every seat.

The servers a team connects first. PolicyLayer scopes each person's access to them individually.

GitHub
  • delete_file CRITICAL
Slack
  • slack_get_full_conversation HIGH
  • slack_send_message HIGH
Snowflake
  • drop_object CRITICAL
  • run_query HIGH
AWS
  • delete_resource CRITICAL
  • tf_destroy CRITICAL

Browse every MCP tool →

PolicyLayer sits between your team's agents and everything they touch.

Drop PolicyLayer into your MCP request path. Your agents keep their tools. You keep control. Core concepts →

AGENT (calls tools via MCP)
  --tool_call-->
POLICYLAYER (enforces before execution, e.g. postgres.run_query only with read_only = true)
  decision: ALLOW / DENY / RATE-LIMIT / APPROVE
  --if allowed-->
MCP SERVER (Stripe, AWS, Postgres...)
01 Register server
Add Stripe, GitHub, Postgres, Slack, AWS, or any other MCP server.

02 Define policy
Set defaults, rate limits, denials, approvals, hidden tools, and argument-level conditions.

03 Issue grants
Give each person, agent, CI job, or environment its own scoped token tied to a named policy.

04 Connect client
Paste the PolicyLayer proxy URL into your MCP client config. Agents keep the same tools. PolicyLayer enforces your rules before calls execute.

What PolicyLayer enforces, on every call.

Per-person scoped tokens

Each person connects with their own grant. Upstream keys stay encrypted in the gateway and never land in a local config.

One central policy

Rules apply across every server and every seat. Change a rule once and it binds the next call. Writing policies →

Instant offboarding

Revoke one person's grant and their access ends with it. No upstream key needs rotating, and nobody else notices.

Audit by identity

Every call is logged with who made it, the tool, the arguments, and the allow or deny decision.

Deterministic, deny by default

Rules run as code, and the first denial wins. The same call gets the same decision every time.

Bring every seat under one policy. Enforced on every call, live in minutes.

ROLL OUT UNDER POLICY →

You decide what each seat can do.

Build policy around who is asking (team, role, agent) in the visual editor. Allow, deny, rate-limit, or require approval, per tool and per person. Writing policies →

[Image: PolicyLayer visual policy editor with allow, deny, hide and custom rules]

Scope by team: Engineers get repos and CI. Support gets the CRM. Nobody gets both by default.

Approval on destructive: Deletes, drops, and payouts wait for a human, whoever asks.

Personal rate caps: Limits apply per token, so one runaway session cannot spend the team's whole quota.

Hide admin tools: Admin-only tools are invisible to every non-admin grant.

One-seat revocation: Pull one grant without rotating an upstream key or touching anyone else.

Not just rules. A platform.

Whatever your agents touch, the same engine, audit, and access model is doing the work underneath every rule you write.

Deterministic engine

Rules run as code, not model judgement: argument-level conditions, quotas, deny-by-default. The same call gets the same decision every time.

Writing policies →
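The evaluation model described on this page (deny by default, first denial wins, argument-level conditions, per-token rate caps, approval on destructive tools, hidden admin tools, and an audit record that keeps argument names but never values) as a constructed illustration. This is added example code, not PolicyLayer's engine or API; the team-to-server mapping, rate cap, tool names and rule names are all assumptions.

```python
# Constructed model of a deny-by-default, first-denial-wins policy evaluator.
# Hypothetical illustration only; not PolicyLayer's own code or API.
from dataclasses import dataclass

DESTRUCTIVE = {"github.delete_file", "snowflake.drop_object", "aws.delete_resource"}
ADMIN_ONLY = {"aws.tf_destroy"}                     # hidden from non-admin grants
# Which servers each team may reach at all (constructed sample policy).
TEAM_SERVERS = {"engineering": {"github", "aws", "postgres"}, "support": {"slack"}}


@dataclass
class Grant:
    """One person's scoped token. Revoking it touches nobody else."""
    person: str
    team: str
    is_admin: bool = False
    rate_cap: int = 3          # calls per token in the window (constructed value)
    used: int = 0


AUDIT: list[dict] = []         # append-only; argument values are never stored


def evaluate(grant: Grant, tool: str, args: dict) -> tuple[str, str]:
    """Run the rules in a fixed order; the first rule that does not allow
    decides, and a call no rule allows is denied. Returns (decision, rule)."""
    server = tool.split(".", 1)[0]
    if tool in ADMIN_ONLY and not grant.is_admin:
        decision = ("DENY", "hide_admin_tools")      # tool invisible to this grant
    elif server not in TEAM_SERVERS.get(grant.team, set()):
        decision = ("DENY", "scope_by_team")         # default deny outside team scope
    elif tool == "postgres.run_query" and args.get("read_only") is not True:
        decision = ("DENY", "argument_condition")    # read_only = true is required
    elif grant.used >= grant.rate_cap:
        decision = ("RATE-LIMIT", "personal_rate_cap")
    elif tool in DESTRUCTIVE:
        decision = ("APPROVE", "approval_on_destructive")  # waits for a human
    else:
        decision = ("ALLOW", "team_default")
    if decision[0] in ("ALLOW", "APPROVE"):
        grant.used += 1                              # only forwarded calls count
    AUDIT.append({"who": grant.person, "tool": tool, "decision": decision[0],
                  "rule": decision[1], "args": sorted(args)})  # names, not values
    return decision
```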

Separation of duties

Your security or compliance team writes and attaches policy without ever holding the upstream credentials or grant tokens.

Roles →

Tamper-proof audit

Every call is logged with its decision and the rule that fired, attributed to the identity, in an append-only record. Argument values are redacted, never stored.

Logs & security →

Credentials never reach the agent

Upstream secrets are encrypted at rest and injected by the gateway. The agent only ever holds a scoped token.

Logs & security →

Per-identity access

Every person and agent connects with its own scoped grant. Rotate or revoke any one of them instantly, without disrupting the rest.

Core concepts →

Live in minutes

Hosted gateway. Point your clients at it, register a server, issue a token. Nothing to install.

Quick start →

Rollout and MCP questions.

How does each person connect?

They add the gateway URL and their personal scoped token to Claude Code, Cursor, or any MCP client. No upstream API keys on laptops, and no per-server setup per person.

What happens when someone leaves?

Revoke their grant and their access ends immediately. Nobody else is disrupted and no upstream key needs rotating.

Do we have to change our MCP servers?

No. Register the servers you already use with the gateway once. Clients point at PolicyLayer instead of at each server directly.

Does PolicyLayer slow down MCP calls?

Policy is evaluated in memory before the call is forwarded, so the overhead is negligible. Allowed calls pass straight through to your servers.

Where do my upstream API keys live?

Upstream credentials are encrypted at rest and injected by the gateway. Your agents only ever hold a scoped token, never your upstream API keys.

Govern the same calls from another angle.

Give the whole team MCP without handing out the keys.

Per-person scoped tokens, one central policy, instant offboarding, and a tamper-proof audit log on every call. Route your existing MCP servers through the gateway, live in minutes.

Free to start. No card required.
