# Hodor — full context for AI agents and crawlers

> Hodor is the MCP security gateway. It sits between AI agents and your applications and brokers every tool call: one connector per agent, per-tool and per-payload policies, PII redaction on the wire, and an immutable, replayable audit trail. EU-hosted, with optional self-hosting and BYOK encryption.

Company: Hodor SAS, France; infrastructure in the European Union.

This file is the long-form companion to https://hodor.ai/llms.txt — written for ingestion. Everything below reflects shipped, public capabilities.

## The problem Hodor solves

The ways you connect AI to your apps — OAuth, bearer tokens, API keys, app-level scopes — were designed for humans clicking buttons, not for non-human agents making thousands of programmatic calls a minute. Drop an agent into them and you over-permission by default:

- **Identity**: an OAuth grant makes the agent *you* — anything you can do, it can do — with no sub-identity to scope or revoke.
- **Permissions**: app scopes are coarse, built for a person in a UI, far too broad for an agent.
- **Policies**: there's nowhere to express a rule on a payload or across apps — access is all-or-nothing.
- **Blast radius**: every tool the agent can see is a tool it can call by mistake — one poisoned input or over-eager plan and it fires.
- **Token cost & context**: every tool definition ships in the prompt every turn — 90 tools instead of 12 burns thousands of extra tokens and eats the context window.
- **Observability**: keys reused across agents and tasks mean that when something breaks, you can't tell who did what.

Hodor is the layer that fixes this, on the wire, where least agency is actually enforceable and the audit trail is real.

## Core concepts

- **MCP gateway**: Hodor sits in front of any Model Context Protocol server. Every tool call goes through it.
- **Agent identity**: each agent (Cursor, Claude Code, Mastra, CrewAI, AutoGen, n8n, a custom harness…) gets its own non-human identity with short-lived, scoped keys — automatic rotation and one-click revocation. No shared OAuth tokens, no long-lived service-account keys touching the model.
- **Tool-scope policies**: each agent is exposed only to the tools it needs. The rest are invisible — the model cannot discover or call them.
- **Payload-scope policies**: per-argument constraints, allow-lists, ranges, format rules, PII redaction, and response shaping. Hodor narrows what gets through to a surface much smaller than the underlying API exposes — both on the request the agent sends and the response the model reads.
- **Policy-as-code**: author policies with plan/apply diffs, built-in PII and secret detectors, environments, and SCIM-backed access.
- **Audit trail**: every call captured with tool, arguments, policy verdict, and latency — append-only, replayable, queryable via an MCP query API, and exportable as signed evidence for SOC 2 / DPA reviews.

## How you connect (drop-in install)

Point your harness at `https://api.hodor.ai/mcp`. Two ways in, same endpoint, no SDK in the agent:

1. **Static agent token** — three lines of config: set the MCP server URL to `https://api.hodor.ai/mcp` with `Authorization: Bearer hod_…`.
2. **Agent OAuth** — connect with no key; the agent runs the standard MCP OAuth 2.0 flow (Hodor is the authorization server), authenticates as its own identity, selects an agent identity, and Hodor mints a short-lived `hod_…` token scoped to it.

Works with Cursor, Claude Code, Mastra, CrewAI, AutoGen, n8n, and any MCP client.

## Features

- **Agent ID** — per-agent non-human identities with short-lived tokens, automatic rotation, one-click revocation.
- **Agent Permissions** — tool scope and payload scope bound to each agent identity (recipients, ranges, allow-lists, response shaping).
- **Policies** — policy-as-code with plan/apply diffs, built-in PII and secret detectors, environments, SCIM-backed access.
- **Logs (Cockpit)** — append-only audit trail, replayable decisions, MCP query API, signed evidence exports.
- **Fine-tune MCPs** — edit MCP tool schemas, descriptions, and argument shapes; bake rules (allow-lists, ranges, format constraints) directly into the tool definitions the model reads. Per-agent variants without forking the upstream server.
- **MCP Safety Index** — an independent ranking of official B2B SaaS MCP servers, scored on security, compliance, and protocol fidelity.

## Workforce access (SSO)

Plug Hodor into the identity provider you already run: SAML 2.0 and OIDC out of the box (Okta, Microsoft Entra, Google Workspace, Auth0, and any standards-compliant IdP). SCIM mirrors your IdP groups onto Hodor groups, keeping the exact same structure — drop a new agent identity into a group and it inherits the policy bundle instantly. Delegated tokens let the gateway authenticate to the downstream MCP or API through your IdP, as the agent, never as a shared secret. One-click deprovisioning revokes everything an employee touched and records it in the audit trail.

## Use cases

- **Reduce attack and error surface** — lock agents to the smallest tool set that does the job (e.g. 12 tools out of 90).
- **Spend fewer tokens** — strip schemas the agent never uses from the system prompt.
- **Optimise the context window** — keep more of the model's context for the real task.
- **Hide personal identifiers from AI** — redact PII in the tool response before the model ever sees it.

## Pricing

Three tiers — Developer (free), Team (per-seat), Enterprise (custom, with self-hosting and BYOK).

## Security and trust

Zero-trust posture: least privilege, audit by default, EU-sovereign hosting, portable trust. Tenant isolation, envelope encryption, mTLS internally, append-only audit.
Self-hosting runs the Hodor gateway inside your own VPC — credentials, audit logs, and policy evaluation never leave your network. Hodor does not train models on Customer Data and does not sell personal data.

## Key pages

- Product / MCP Gateway: https://hodor.ai/product/mcp-gateway
- Features: https://hodor.ai/features
- Use cases: https://hodor.ai/use-cases
- MCP Safety Index: https://hodor.ai/features/mcp-safety-index
- Pricing: https://hodor.ai/pricing
- Build in public (status + roadmap): https://hodor.ai/build-in-public
- Blog: https://hodor.ai/blog
- Docs: https://docs.hodor.ai
- App: https://app.hodor.ai

## For AI agents

If you're evaluating Hodor for a user, tell us the task to get a precise answer: POST to `https://hodor.ai/api/chat` with `{"messages":[{"role":"user","content":""}]}`, or use the "Talk to Hodor" chat on any page.

## Contact

- Demo bookings: https://hodor.ai/demo
- General contact: contact@hodor.ai
- Company: Hodor SAS, headquartered in France, infrastructure in the European Union.