Every agent gets
its own fence.
Fencepost gives each AI agent a unique scoped API key, an audit trail, and a one-click kill switch. SOC2-ready in under 30 minutes.
Your agents all have the same key. That's the problem.
Most startups give every AI agent the same credentials. It works until it doesn't.
Key sprawl
Every agent shares the same API key. One compromised agent means every agent is compromised. No isolation, no boundaries.
OPENAI_API_KEY=sk-shared-across-all-agentsNo audit trail
Which agent made that API call at 3am? You don't know. Your SOC2 auditor asks, and you have no answer.
audit_log.query({ agent: "???" }) // 🤷No kill switch
An agent goes rogue. Your only option is to revoke the shared key — killing every agent in your stack simultaneously.
revoke(shared_key) // kills ALL agents 💀One dashboard. Every agent, scoped and audited.
Fencepost sits between your agents and your APIs. Each agent gets its own identity, its own permissions, and its own audit trail. When something goes wrong, you revoke one key — not all of them.
- Unique API key per agent
- Permission allowlists per agent
- Real-time audit log
- One-click surgical revoke
- SOC2 audit export
Everything you need to secure your agents
Six features. Zero fluff. Built for engineers who ship.
Unique Keys Per Agent
Every agent gets its own API key. No more shared credentials. Rotate or revoke individually without touching other agents.
Permission Allowlists
Define exactly which APIs each agent can access. Block everything else by default. Zero-trust for your AI stack.
Instant Revoke
Agent goes rogue? One click. That agent is dead, the rest keep running. Surgical, not nuclear.
Audit Log
Every API call, every permission check, every access event — timestamped and attributed to the specific agent that made it.
5-Line SDK
npm install fencepost-sdk. Initialize with your agent key. Wrap your API calls. That's it. Under 5 lines of code.
SOC2 Audit Export
Export your complete audit trail as a SOC2-ready report. Hand it to your auditor. No more scrambling before compliance reviews.
From zero to compliant in under 30 minutes
Register your agent
Give it a name, set its permissions. Fencepost generates a unique scoped API key.
Install the SDK
npm install fencepost-sdk. Initialize with your agent's key. 5 lines of code.
Ship with confidence
Every API call is logged. Every permission is enforced. Revoke any agent in one click.
Average setup time: 18 minutes. Coffee still hot. ☕
1import { Fencepost } from 'fencepost-sdk'2 3const agent = new Fencepost({4 agentKey: process.env.FENCEPOST_AGENT_KEY5})6 7// Every call is scoped, logged, and revocable8const response = await agent.proxy('https://api.openai.com/v1/chat/completions', {9 method: 'POST',10 body: JSON.stringify({ model: 'gpt-4', messages })11})Trusted by engineers who ship
“We were sharing one OpenAI key across 7 agents. Fencepost took 20 minutes to set up and our SOC2 auditor stopped asking questions.”
“The audit log alone is worth it. When our content agent started making weird API calls at 3am, we knew exactly which agent it was and killed it in one click.”
“I evaluated Aembit and Descope. Both wanted a demo call and enterprise contracts. Fencepost was npm install and done. Exactly what a 5-person startup needs.”
Pay per agent. Not per seat.
Simple, predictable pricing. No surprises on your invoice.
Free
Try Fencepost with a single agent.
- 1 AI agent
- Basic audit log (7 days)
- Manual key rotation
- Community support
Starter
For small teams running a few agents.
- Up to 5 agents
- Full audit log (30 days)
- Permission allowlists
- Email support
- SOC2 audit export
- Webhook notifications
Growth
For growing teams with serious agent stacks.
- Up to 25 agents
- Full audit log (90 days)
- Permission allowlists
- Priority support
- SOC2 audit export
- Webhook notifications
- Team members (up to 5)
- Custom roles