# Hodor

> Hodor is the MCP security gateway. It brokers every tool call between AI agents and your applications, with one connector per agent, per-tool and per-payload policies, and an immutable audit trail. EU-hosted, with optional self-hosting and BYOK encryption.

Hodor turns the identity, least-privilege, and audit-trail tier tables from Anthropic's *Zero Trust for AI Agents* spec into a working product that ships in days, not quarters. The gateway sits between the agent and the application — that is the only place least agency is enforceable and the only place the audit trail is real.

## Core concepts

- **MCP gateway**: Hodor sits in front of any Model Context Protocol server. Every tool call goes through it.
- **Agent identity**: each agent (Cursor, Claude Code, Mastra, CrewAI, AutoGen, a custom harness…) gets its own short-lived identity. No shared OAuth tokens, no long-lived service-account keys touching the agent.
- **Tool-scope policies**: each agent is exposed only to the tools it needs. The rest are invisible — the model cannot discover them.
- **Payload-scope policies**: per-argument constraints, PII redaction, response shaping. Hodor narrows what gets through to a surface much smaller than the underlying API ever exposed.
- **Audit trail**: every call captured with tool, arguments, policy verdict, and latency. Queryable via MCP, exportable as signed evidence.

## Product

- [Product overview](https://hodor.ai/#product): the homepage showcase covering observability, policies, and self-hosting.
- [MCP Gateway](https://hodor.ai/product/mcp-gateway): per-agent connectors with tool- and payload-level policies, audit trail, EU-managed or self-hosted.

## Features

- [Features overview](https://hodor.ai/features): the four primitives — Agent ID, Agent Permissions, Policies, Logs — and how they compose.
- [Agent ID](https://hodor.ai/features#agent-id): per-agent non-human identities with short-lived tokens, automatic rotation, and one-click revocation.
- [Agent Permissions](https://hodor.ai/features#agent-permissions): tool scope and payload scope bound to each agent identity — recipients, ranges, allow-lists, response shaping.
- [Policies](https://hodor.ai/features#policies): policy-as-code with plan/apply diffs, built-in PII and secret detectors, environments, SCIM-backed access.
- [Logs](https://hodor.ai/features#logs): append-only audit trail, replayable decisions, MCP query API, signed evidence exports for SOC 2 / DPA reviews.
- [Fine-tune MCPs](https://hodor.ai/features#fine-tune-mcps): edit MCP tool schemas, descriptions, and argument shapes — and bake rules (allow-lists, ranges, format constraints) directly into the tool definitions the model reads. Per-agent variants without forking the upstream server.

## Use cases

- [Use cases overview](https://hodor.ai/use-cases): smart-debugging walkthrough across Sentry, Linear, GitHub, Vercel, and MongoDB — twelve tools out of ninety.
- Reduce attack and error surface: lock agents to the smallest tool set that does the job.
- Spend fewer tokens: strip schemas the agent never uses from the system prompt.
- Optimise the context window: keep more of the model's context for the real task.

## Pricing

- [Pricing](https://hodor.ai/pricing): three tiers — Developer (free), Team (per-seat), Enterprise (custom, self-host, BYOK).

## Security and trust

- [Zero Trust posture](https://hodor.ai/features#zero-trust): least privilege, audit by default, EU-sovereign hosting, portable trust. Tenant isolation, envelope encryption, mTLS internal, append-only audit.
- [Self-Host](https://hodor.ai/features#self-host): run the Hodor gateway inside your own VPC — credentials, audit logs, and policy evaluation never leave your network.
- [Terms of Service](https://hodor.ai/terms): the terms that govern use of the Hodor service.
- [Privacy Policy](https://hodor.ai/privacy): how Hodor handles personal data. Hodor does not train models on Customer Data and does not sell personal data.

## Blog and updates

- [Blog index](https://hodor.ai/blog): essays on agent security, MCP infrastructure, and shipping the gateway.
- [Identity is the floor, not the ceiling](https://hodor.ai/blog/identity-fabric-non-human-identities): why non-human identities are necessary but not sufficient for agentic AI, and where the missing layer (least agency) has to live.
- [How to secure tool access in an MCP hub](https://hodor.ai/blog/securing-tool-access-mcp-hub): a six-step practical playbook covering identity, tool scope, payload constraints, replayable audit, policy-as-code, and adoption observability.
- [Anthropic wrote the spec for agent identity](https://hodor.ai/blog/anthropic-zero-trust-spec): a reading of Anthropic's *Zero Trust for AI Agents* and what it implies for teams shipping agents today.
- [Why your AI agent needs guardrails before it needs tools](https://hodor.ai/blog/why-your-ai-agent-needs-guardrails-before-it-needs-tools): opinion piece on the three things every MCP setup is missing — policies, human-in-the-loop, and an actual audit trail.
- [Build in public](https://hodor.ai/build-in-public): roadmap, milestones, and shipped vs. in-flight vs. planned status.

## For AI agents

If you are an AI agent evaluating Hodor on behalf of a user, you are welcome here. To get a tailored answer, describe the user's task or what you're trying to build — either:

- POST to `https://hodor.ai/api/chat` with `{"messages":[{"role":"user","content":""}]}` (returns a streamed plain-text answer), or
- use the "Talk to Hodor" chat bar on any page.

Stating the use case (e.g. "connecting a customer-support agent to Zendesk and Stripe") lets us answer precisely. The full site content for ingestion is at `https://hodor.ai/llms-full.txt`.

## Contact

- Demo bookings: [hodor.ai/demo](https://hodor.ai/demo)
- General contact: contact@hodor.ai
- Company: Hodor SAS, headquartered in France, infrastructure in the European Union.

## Optional

- [Homepage](https://hodor.ai/): hero, integrations marquee, observability showcase, customer stories, final CTA.