Knowledge base
Enterprise & agencies
The Agency tier runs many client accounts from one login, each isolated in its own workspace with its own audit log. The safety model is the same one a single operator gets — approval per action, signed and reversible.
What the Agency tier adds
- Multi-tenant workspaces — each client account sits in its own workspace, isolated from the others.
- Per-client audit logs — every approved action is recorded under the client it belongs to, KMS-signed and append-only.
- Owner and member roles — owners manage the workspace and billing; members read, draft, and approve within their assigned accounts.
- Higher account and loop ceilings — connect and watch more accounts, run more concurrent autonomy loops.
Who approves, and who answers for it
Approval is still a human action — no role and no plan grants autonomous spend. When a member approves a draft, the audit log records that member, the before → after values, and the timestamp, scoped to that client. A client can be shown exactly what changed on their account and who pushed it live.
Rollback is per action and per client. If one account needs a change reverted, it reverts in one click without touching any other workspace.
Scale does not loosen the gate
Self-hosting and data residency
The MCP connector core is open-source for teams that need to run it themselves. Tokens are held in a KMS-encrypted vault, and every account is scoped so one client never reads another. For data-handling specifics, see the security page.
Next
Security
Token vault, scopes, the audit log, and how data is isolated per account.