Connect any agent. Govern every one.
Bring the agents you already use. They connect over the Model Context Protocol with a scoped token, read the context you allow, and propose changes you approve.
From zero to governed in four steps.
Register a client, scope the grant, connect, and review. No bespoke integration work, ever.
Register your client
Create an OAuth client in seconds. You get a client ID and configure your redirect URI — confidential or public, your call.
client_id
cli_9f2a…e10b
redirect_uri
https://app/callback
grant
authorization_code + PKCE
Authorization that does the governing for you.
OAuth 2.1 + PKCE
Standards-based authorization with proof-key-for-code-exchange. No long-lived secrets passed around, no bespoke auth to build.
Per-box, per-capability scopes
Grant an agent read on three boxes and propose on one. The token carries exactly that — nothing more.
Rotation & revocation
Rotate tokens on a schedule and revoke any agent instantly. A revoked token's whole refresh family dies with it.
Every call audited
Connect, read, propose — each action is attributed to a client on an append-only log you can export.
Works with any MCP client
Claude, Cursor, and anything else that speaks the Model Context Protocol. One protocol, zero custom integrations.
Read, never write
Connected agents physically cannot mutate your source of truth. The only path in is a proposal you approve.
Works with
If it speaks MCP, it works with Poggle — no plugin to install, no adapter to maintain.
Bring your agents. Keep the keys.
Connect your first agent free and scope it in under a minute.