Announcing Built On Envoy: Making Envoy Extensions Accessible to Everyone

Learn more

Your Developers are Waiting for Access to Models and Tools

Give them access with Tetrate Agent Router. Access centralized API keys, shared token pools, and skip personal AI accounts.

Set Policy Once.
Every Developer Inherits it.

01

Platform lead builds an access profile

  • Which models and MCP servers the team can reach
  • Token budget limits and reset cadence
  • Set once in the admin console — applies to every developer in the team
02

Developer signs in with existing SSO credentials

  • Okta, Azure AD, Google Workspace, or any OIDC-compatible IdP
  • Team membership maps automatically to a profile — no manual assignment
03

A scoped key is created and the developer starts building

  • Keys are scoped to the team profile — access is bounded by what the profile permits
  • One base URL, every approved model available through it
  • Works with any OpenAI-compatible SDK — no code changes to existing agents
04

All usage attributed to the team automatically

  • Team and user context attached to every request at the gateway
  • No instrumentation required in agent code
05

Profile changes propagate instantly

  • Add a model to a profile — every developer in that team gets access at next request
  • Remove a model — access stops for everyone simultaneously, no key rotation 
#.env
ANTHROPIC_BASE_URL="https://your-org.agentrouter.tetrate.io"
ANTHROPIC_API_KEY="ar_payments_abc123..."
# All approved models available through one endpoint

No Shared Credentials. No Personal API Accounts. No Manual Rotation.

Scoped keys, not shared credentials

Keys are created and scoped to a team profile - access is bounded by what that profile permits. No more shared team keys where you can't tell who used what. If a developer leaves, their key is revoked. Nobody else's workflow breaks.

Provider credentials never touch developer machines

Your Anthropic API key, your OpenAI API key, your Vertex credentials — none of them are distributed to developers. The gateway holds them and forwards requests. Developers only ever see their Agent Router key.

Rotate provider keys centrally, once

When Anthropic rotates a key or you add a new provider, you update one place — the gateway config. Every developer's code continues to work unchanged. No broadcasting new credentials, no updating .env files across 200 repositories.

Every Approved Model Through One Endpoint. Switch Models Without Changing Code.

Curated model catalog

The org decides which models are approved. Developers see only that list, not every model every provider offers.

Model version pinning

Lock teams to a specific version so provider updates don't silently change agent behavior. Update the profile when you're ready to upgrade.

Different teams, different catalogs

Payments gets Claude. Data engineering gets Gemini for long context. Each profile is independent, managed centrally.

One Bill. No Expense Reports. Existing Subscriptions Welcome.

Standard Mode

Centralized billing through Agent Router

All token usage is billed through your org's Agent Router account. One invoice, fully attributed by team, agent, and developer. No individual provider accounts, no expense reimbursements.

  • One invoice from Tetrate
  • Per-team showback reports
  • No provider accounts for developers
Passthrough Mode

Use your existing Claude subscription

Developers with Claude Max or Pro subscriptions route through Agent Router using their existing Anthropic OAuth token. Anthropic authenticates and bills them directly. Agent Router routes and observes — no token margin added, no new billing relationship.

  • Bills against existing Claude subscription
  • Anthropic authenticates directly
  • Usage still visible in Agent Router logs
  • No token margin from Tetrate
Hybrid

Mix models across teams

Some teams bill centrally. Others use passthrough with existing subscriptions. All traffic flows through the same gateway, all usage appears in the same attribution logs. Finance sees one view regardless of billing mode.

  • Flexible per team or per developer
  • Passthrough labeled separately in logs
  • Unified visibility regardless

Drive Outcomes

Clear insights to see who's using AI, which models, & how much

Reduce risk and eliminate credential sprawl

Instant access to new models without reconfig

Fast access and clear attribution with centralized billing

Lower friction with authorized profiles and secure access

Increase control with unique profiles for different teams

Get a Personal Tour