One Gateway.
Govern Every Agent.
Palma.ai provides the governance and orchestration layer between your AI agents and MCP servers—enforcing policies, approvals, and audit at scale.
Simple, not complex
How it works
Register servers
Register MCP servers in the control plane (vendor‑official or your own). We pull live list_tools so policies stay current.
One endpoint
Agents connect to one endpoint (URL or pub/sub). The gateway presents as an MCP server and forwards as an MCP client.
Enforce & route
Policy, approvals, and auth enforced at the gateway — then routed to the right upstream server with full audit.
Why choose Palma
Enterprise-grade by design
Built for regulated industries with real-world enterprise requirements.
Protocol‑true to MCP
No custom one‑offs; future‑proof as the spec evolves. Keep the protocol intact to avoid lock-in and spec drift.
Agent‑first design
Built for agent↔tool operations (not just human chat UIs). Designed for fleets and pub/sub namespaces.
Governance‑grade
Per‑tool policy, staged rollout, human‑in‑the‑loop approvals. Complete audit trails for compliance.
On‑prem first
Run the core gateway in your Kubernetes/OpenShift; SaaS control plane optional. Full on-prem available.
Cost safety
Usage visibility and token/cost anomaly alerts to prevent runaway spend.
Built with design partners
Co‑developed with regulated industries for real-world enterprise requirements.
What you get
Key capabilities
Policy & RBAC
Default read‑only, per‑tool allow/deny, staged rollout. Assign to roles, departments, users, and agents.
Human‑in‑the‑loop approvals
Mark sensitive tools as Require Approval. Target approvers by role/OU; integrate with your agent's pending/resume flow.
Auth mediation (OAuth2/JWT)
Human OAuth2 code flow; service‑to‑service bearer/JWT for agents and per‑tool scopes, aligned with MCP.
Observability & cost safety
Per‑agent/per‑tool usage analytics; token/cost anomaly alerts; centralized audit at the gateway.
Deploy anywhere
Core gateway on‑prem (K8s/OpenShift/Docker). SaaS control plane optional; full on‑prem available for highly regulated orgs.
API/CLI‑first
UI for fast setup; HTTP API for automation; bring your own CLI.
Scale with confidence
Built for agent fleets
Stateless & sessionful
Stateless mode for elasticity today; sessionful MCP support coming for advanced flows.
Pub/sub addressing
Works with pub/sub addressing (e.g., NATS FQNs) and a single global namespace.
Error handling
Standardized error envelope so frameworks can capture, recover, and re‑invoke consistently.
Why Palma
How we compare
See how Palma.ai compares to other MCP solutions in the market.
| Criterion | Palma.ai | Other Gateways |
|---|---|---|
| Core value | Governance control plane (policy/approvals/audit) | Tool building + auth + registry |
| MCP stance | Protocol‑true gateway | SDK/TDK + registry |
| Deployment | On‑prem first or SaaS control plane | Hosted/VPC; dev‑centric |
| Governance | Per‑tool rules; staged rollout; approvals; param controls | Auth + secure tool calls |
| Observability | Agent/tool usage; token/cost anomaly detection | Dev‑oriented telemetry |
Common questions
Frequently Asked Questions
Does Palma replace MCP servers?
No. Palma fronts them with a single governed endpoint and keeps the protocol intact.
Can we run fully on‑prem?
Yes. Core gateway on‑prem; control plane can be on‑prem or SaaS.
Do you support agents (not just chat UIs)?
Yes. Palma is agent‑first — designed for fleets and pub/sub namespaces.
How do approvals work?
Mark tools as Require Approval. The gateway elicits approval, your agent pauses, and resumes upon approval — auditable end‑to‑end.
What about OAuth2 and scopes?
Human OAuth2; service‑to‑service/JWT and per‑tool scopes, aligned with MCP updates.
Is there a CLI?
We expose an HTTP API so you can bring your own CLI.
Ready to govern your
agent fleet?
Get pilot access — we'll stand up a trial (SaaS or on‑prem) and integrate your first MCP servers.
One platform for
every role.
Palma.ai serves Agent Builders who need reliable tools, MCP Developers who ship capabilities, and Governance Teams who ensure safe scaling.