Policate documentation
A calm control plane for every AI request.
Route intelligently, keep controls consistent, and give every developer a fast local workflow. These docs explain the product from first install to AI-native administration.
macOS · Linux · Windows · one signed installer
01 · Routing
Make every model decision explainable.
Policate applies the active company policy before it scores eligible models across capability, cost, latency, reliability, and team preference. The selected model, policy version, fallback, and estimated spend are visible in the request trace.
02 · Operating modes
Gateway first. Direct when the boundary requires it.
Gateway mode is the recommended default: budgets, redaction, policy, routing, caching, and audit stay authoritative at the control plane. Direct mode is an explicit organization opt-in. The binary calls your provider directly while applying the latest signed, secret-free company bundle locally.
03 · Binary
One familiar workflow on every developer machine.
The Policate binary wraps the Oh My Pi workflow and adds managed configuration, model routing, receipts, and cost-aware defaults. Install on macOS, Linux, or Windows, then run policate login. On startup it fetches the approved company bundle and applies managed tools and instructions without overwriting personal files.
04 · Controls
Set the guardrails once, keep them everywhere.
Company owners can set a context-window ceiling and an automatic compaction threshold in tokens or percentage. Budgets, hard limits, redaction, managed presets, and update enforcement are visible in the dashboard and synchronized to the binary.
05 · Workspace
Curate the tools agents can actually use.
Approve MCP servers, skills, commands, subagents, and pre-commit hooks from the dashboard. Managed updates are signed and idempotent, so teams get the same safe baseline while developers keep their personal configuration and secrets.
06 · Allocation
Turn token usage into an operating signal.
Tag sessions manually or attribute sanitized GitHub and Jira references to a project. Usage rolls up by project, work item, session, model, and provider so finance and engineering can see where spend went and which model combinations deliver the best value.
07 · AI-native control
Operate Policate from any MCP client.
Create a dashboard API token with admin:read and, when needed, admin:write. Add the server below to Claude Desktop, Cursor, an internal agent, or any compatible MCP client. Provider credentials never leave the control plane.
{
"mcpServers": {
"policate": {
"url": "https://policate.marcllort.com/api/mcp",
"headers": { "Authorization": "Bearer ${POLICATE_API_KEY}" }
}
}
}The server exposes organization, context policy, active policy, managed tools, usage, tokens, operating mode, and policy activation with scope and role checks. Raw tokens and provider secrets are never returned.
Quick start
From install to your first governed request.
curl -fsSL https://policate.marcllort.com/install.sh | sh
policate login
policate doctorA new workspace starts with a safe trial. Choose Gateway or Direct mode, connect a provider, select a regional preset, activate the policy, then create a token. If you get stuck, the Help Center can answer product questions or route a message to the team.
