SynOI

Product · SynOI Gateway

Available

Drop-in proxy for any AI tool.
One env var. Signed receipts on every call.

The Gateway is the on-ramp to SynOI. Point your tool's API base URL at gateway.synoi.systems, keep using your own provider keys, and every call you make is intercepted, governed, and receipted. No SDK, no code changes, no SaaS lock-in. Works with Claude Code, Cursor, OpenClaw, and 14 other tools out of the box.

How it works · 4 steps · 5 minutes

From idle install to a verifiable audit trail in under five minutes.

  1. Set the gateway URL

    Point your tool's API base URL at gateway.synoi.systems. The protocol matches your existing provider (Anthropic-shaped or OpenAI-shaped) so no client changes are needed.

    # Anthropic-shaped clients (Claude Code, Cursor, OpenClaw, ...)
    export ANTHROPIC_BASE_URL=https://gateway.synoi.systems/anthropic
    
    # OpenAI-shaped clients
    export OPENAI_API_BASE=https://gateway.synoi.systems/v1
  2. Bring your provider key

    Your upstream key flows through as X-Provider-Key. It's forwarded to the provider and never written to any SynOI database. A CI test scans the DB after each release to assert this invariant.

    # Your key in your tool's config — unchanged.
    # Gateway forwards it. We never store it.
    ANTHROPIC_API_KEY=sk-ant-...
    # (or OPENAI_API_KEY, GOOGLE_API_KEY, GROQ_API_KEY, ...)
  3. Traffic flows · receipts mint · MCP tool calls signed too

    Every request is governed against your risk policy, optionally routed through HITL if the call crosses a configured blast-radius threshold, and signed with a hybrid (Ed25519 + ML-DSA-65) receipt. Every MCP tool-call decision (allow, deny, require-approval, HITL outcome) also produces a signed receipt. Compliance tags (NIST AI RMF, EU AI Act, ISO 42001, SOC 2) are mapped in the receipt schema; full compliance certification is pending SOC 2 audit completion. Agents do not bypass the audit trail. P99 latency overhead under 2ms for cached paths.

    # A single curl now produces a receipt.
    # (Double quotes around the key header so the shell expands $ANTHROPIC_API_KEY.)
    curl -i https://gateway.synoi.systems/anthropic/v1/messages \
      -H "X-Provider-Key: $ANTHROPIC_API_KEY" \
      -H 'X-SynOI-Tenant: acme-prod' \
      -d '{ "model": "claude-opus-4-7", "messages": [...] }'
    
    # Response includes header:
    # X-SynOI-Receipt-Id: rcpt-1779234155-9q3kz1xv
    
    # Same for MCP tool calls:
    curl -i https://gateway.synoi.systems/mcp/proxy \
      -H 'X-MCP-Upstream: https://your-mcp-server/mcp' \
      -d '{ "jsonrpc":"2.0", "id":1, "method":"tools/call", ... }'
    # Every decision gets a receipt: deny / allow / HITL outcome.
  4. Verify, offline, anywhere

    The receipt URL is public, unauthenticated, and renders the canonical JSON body and hybrid (Ed25519 + ML-DSA-65) signatures. Auditors, customers, or your own CI can verify the classical signature offline with any standard Ed25519 library. No SynOI account required.

    # Open in any browser:
    https://verify.synoi.systems/rcpt_8b3c9f...
    
    # Or verify in code, against the published public key:
    import { verify } from '@synoi/sdk/receipts'
    const ok = await verify(receiptBody, signature, publicKey)
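
The offline check described in step 4, written against Node's built-in `crypto` module instead of the SDK. This is an added example, not SynOI code: the canonicalization rule (recursively sorted keys, no whitespace), the receipt field names, and the locally generated key pair standing in for the published public key are all assumptions. It checks only the Ed25519 half of the hybrid signature, not ML-DSA-65.

```javascript
// Added example: offline check of the classical (Ed25519) half of a receipt.
const crypto = require('node:crypto');

// ASSUMPTION: canonical form = JSON with object keys sorted recursively and no
// whitespace. Substitute the gateway's documented canonicalization if it differs.
function canonicalize(value) {
  if (Array.isArray(value)) return '[' + value.map(canonicalize).join(',') + ']';
  if (value !== null && typeof value === 'object') {
    return '{' + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonicalize(value[k]))
      .join(',') + '}';
  }
  return JSON.stringify(value);
}

// True only if signatureB64 is a valid Ed25519 signature over the canonical
// bytes of body under publicKey. Malformed input verifies as false.
function verifyReceiptEd25519(body, signatureB64, publicKey) {
  try {
    const sig = Buffer.from(signatureB64, 'base64');
    if (sig.length !== 64) return false; // Ed25519 signatures are 64 bytes
    const msg = Buffer.from(canonicalize(body), 'utf8');
    return crypto.verify(null, msg, publicKey, sig);
  } catch {
    return false;
  }
}

// Constructed sample: a throwaway key pair stands in for the published key,
// and the receipt fields are hypothetical, not the real receipt schema.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
const receipt = {
  receipt_id: 'rcpt-EXAMPLE',
  tenant: 'acme-prod',
  decision: 'allow',
  tool: { name: 'example_tool', input_sha256: 'PLACEHOLDER' },
};
const signature = crypto
  .sign(null, Buffer.from(canonicalize(receipt), 'utf8'), privateKey)
  .toString('base64');

// Same content with keys in a different order, and a body with one field changed.
const reordered = { tool: receipt.tool, decision: 'allow', tenant: 'acme-prod', receipt_id: 'rcpt-EXAMPLE' };
const tampered = { ...receipt, decision: 'deny' };

console.log('original :', verifyReceiptEd25519(receipt, signature, publicKey));
console.log('reordered:', verifyReceiptEd25519(reordered, signature, publicKey));
console.log('tampered :', verifyReceiptEd25519(tampered, signature, publicKey));
```

Verifying over canonical bytes rather than the bytes as received is what lets a re-serialized copy of the receipt still verify while any changed field fails.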

What the Gateway gives you

Drop-in today. The rest of SynOI when you're ready.

BYO provider keys, never persisted

X-Provider-Key is read once, forwarded once, dropped. Asserted by a CI test that scans the database after every release. We literally cannot leak what we never stored.

Multi-vendor by design

Anthropic, OpenAI, Groq, Google, Mistral, local-model proxies: all behind the same surface. Switch vendors per route, per tenant, per call. Receipts are vendor-neutral.

Signed audit trail

Every action produces a hybrid-signed (Ed25519 + ML-DSA-65) Decision Receipt. Canonical JSON body. Verifiable offline, six months or six years later, with no SynOI dependency.

HITL when it matters

Risk policy can require human approval for high-blast-radius tool calls. Approve from mobile, Slack, SMS, desktop toast, or email magic link. Timeouts fail closed.

Risk policy engine

Per-tenant allow / deny / require-approval rules. Matchers cover tool name, tool input fields, complexity tier, model, user message. Evaluated at ~1ms per call.

Egress journal + PII suppressor

Optional redaction patterns applied to outbound payloads. Redactions logged for audit. No surprise data exfiltration to upstream models.

Per-tier routing

Trivial queries route to free Groq tier; reasoning routes to Opus; defaults configurable. Cost arbitrage as a side effect of governance, not the headline.

Self-hosted option

Same image. Run on-prem behind your firewall. License control plane stays in your account; no provider traffic leaves your network unless you let it.

Tested with

20 tools verified end-to-end.

Every tool below has a CI smoke test exercising the full proxy path: auth, request, response streaming, receipt mint, signature verification. The matrix is on the compatibility page.

  • Claude Code
  • Cursor
  • OpenClaw
  • Continue.dev
  • Aider
  • Cline
  • Roo Code
  • Sourcegraph Cody
  • Zed AI
  • JetBrains AI
  • GitHub Copilot Chat
  • Codeium Windsurf
  • Cody
  • Devin
  • Tabby
  • Open-WebUI
  • LibreChat

Pricing

Free to start. Usage-based after that.

The first tier covers solo developers and small teams. Enterprise tier adds SSO, multi-tenant, custom risk policies, and a SOC 2 reporting path. BYO provider keys means you only pay SynOI for the governance, never for the inference.


Free tier includes

  • Up to 100k receipts/month
  • All 17 supported tools
  • BYO provider keys, no markup
  • Public verifier access
  • 30-day receipt retention

One env var. Audit trail from the next request on.

The Gateway is live today. Drop it in front of any model call and the receipts begin. The rest of the SynOI catalog can adopt at your pace.