Why Product How it works Pricing Docs
Sign in Start free
Now in open beta · MCP-native

Stop putting
API keys in .env

Keyward is the secure-by-default platform for building and running MCP servers. Every tool call gets a scoped, short-lived credential, a per-agent identity, and a full audit trail — automatically. Ship your first secure server in under five minutes.

$0 to start · no card TypeScript SDK + CLI Open-source client
invoice-agent.ts
// Before — long-lived, unscoped, unattributable
const apiKey = process.env.STRIPE_API_KEY
// After — Keyward brokers it
import { createClient } from "@keyward/sdk" const kw = createClient({ token, agent: "invoice-bot" }) const cred = await kw.get("stripe", "charges:read", "5m")
// ✓ scoped  ✓ expires in 5m
// ✓ logged  ✓ revocable per-agent

Built for the way agents work today

MCPClaudeCursorFastMCPLangGraphOpenAI Agents

// the problem

The agent boom shipped without a security model.

Builders wire agents to tools with raw API keys in plaintext files. No expiry, no scope, no idea which agent did what. It's the exact problem the rest of software solved a decade ago — reborn, at machine scale.

52%

of public MCP endpoints are dead — largely abandoned servers and expired or leaked credentials (April 2026 scan of 2,181 endpoints).

100:1

non-human identities now outnumber humans in the enterprise. Almost none of them are scoped, short-lived, or audited.

1.3B

AI agents projected in operation by 2028 (IDC) — each one a credential waiting to leak.

// the product

Security primitives, baked into the build flow.

Not a gateway you bolt on after an incident. The place you build your MCP server — where least privilege is the default, not a project.

Credential broker

One line of SDK swaps a static key for a scoped, short-lived credential minted at call time. Delete your .env for good.

Per-agent identity

Every agent gets its own identity. Every action ties back to the agent and the user who authorized it. Revoke one without breaking the rest.

Full audit trail

An append-only log of every tool call: who, on whose behalf, what scope, allowed or denied. Compliance-ready, and your own peace of mind.

Build & run in minutes

keyward init scaffolds a brokered agent. keyward wrap adopts your existing MCP server with zero rewrite.

Scoped least-privilege

Grant exactly the access a task needs, no more. Native short-lived credentials for cloud, OAuth, and databases — not just a proxy.

Open & portable

Open-source SDK and CLI. Works with the frameworks you already use. No lock-in, no rewrite, auditable client.

// how it works

Zero to secure in three steps.

01

Install

npx keyward init and connect a project. Add your upstream secrets once — Keyward vaults them with envelope encryption + KMS.

02

Broker

Replace static keys with broker.get(...). Your server now requests scoped, short-lived credentials at call time.

03

Watch

Every call streams to your audit log and dashboard. See, scope, and revoke any agent in one click.

// pricing

Free for builders. Scales when your team does.

The whole "aha" is free — one developer can ship one genuinely-secure server end to end. You only pay when you add a team, environments, and compliance.

Builder
$0

For solo devs, labs, and side projects.

  • Build & run MCP servers
  • Credential broker (fair-use)
  • Per-agent identity
  • 7-day audit log · 1 environment
  • Team, SSO, policy engine
Start free
Most popular Team
$29 / dev / mo

For startups running agents in production.

  • Everything in Builder
  • Unlimited secrets & agents
  • Hosted gateway + RBAC policy
  • Dev / stage / prod envs
  • 90-day audit + export · SSO
Start 14-day trial
Enterprise
Let's talk

For security & platform organizations.

  • Everything in Team
  • VPC / on-prem deployment
  • SAML / SCIM (Entra, Okta)
  • Advanced policy + SIEM stream
  • SOC 2 · SLA · dedicated support
Contact sales

Your agents deserve real credentials.

Join the builders shipping MCP servers that are secure from the first line of code.

Start building free →