Skip to main content
The Devctrl gateway is a managed service that sits between your AI agents and the tools they use. Every MCP request flows through the gateway — authenticated, authorized, rate-limited, and logged. Gateway endpoint: https://gateway.devctrl.ai/mcp

What it does

On every request, the gateway handles:
  1. Authentication — verifies the agent’s bearer token against identity credentials
  2. Rate limiting — enforces request limits at session, project, and global levels
  3. Policy enforcement — evaluates your CEL rules to allow or deny the tool call
  4. Proxying — forwards allowed requests to the correct upstream MCP server
  5. Audit logging — records every decision with full context

Endpoints

MethodPathDescription
*/mcpMCP StreamableHTTP endpoint — handles tools/list and tools/call
POST/v1/tasks/sessionsCreate a new task session
GET/v1/tasks/sessions/currentGet the current task session
DELETE/v1/tasks/sessions/currentDelete the current task session

Rate limiting

Requests are rate-limited at three levels to protect your project and the platform:
LevelScope
SessionPer agent session
ProjectAll agents in a project
GlobalAcross the platform
When a limit is exceeded, the gateway returns a 429 Too Many Requests response.

Upstream authentication

The gateway supports two methods for authenticating with your upstream MCP servers:
MethodDescription
Header-basedStatic headers (API keys, tokens) injected into every upstream request
OAuthFull OAuth lifecycle — automatic token refresh, retry on expiry
Credentials for upstream servers are encrypted at rest. Configure authentication when you register an MCP server in the console.

Next steps

Connect an agent

Point your AI agent at the gateway.

Task sessions

Create scoped, time-limited task tokens.