# Sentrail

## Docs

- [Approval decision endpoint: approve or deny agent actions](https://docs.sentrail.dev/api-reference/approval-decision.md): Reference for POST /approval-decision: payload, JWT auth, reviewer roles, and how Sentrail replays the stored deferred action when a request is approved.
- [Authentication: agk_ API keys, scopes, and Bearer tokens](https://docs.sentrail.dev/api-reference/authentication.md): How to create, scope, and rotate agk_ API keys for the Sentrail API. Covers Bearer token usage, SHA-256 hashing, key expiry, and per-endpoint scopes.
- [Evaluate action endpoint: decisions without forwarding](https://docs.sentrail.dev/api-reference/evaluate-action.md): Reference for POST /evaluate-action: request fields, response decisions, and how to use Sentrail policies in custom agent pipelines without proxying the call.
- [Gateway proxy endpoint: tool API entry point for agents](https://docs.sentrail.dev/api-reference/gateway-proxy.md): Reference for the gateway-proxy endpoint: URL structure, headers, authentication, status polling, and decision response codes for agent-driven tool requests.
- [Kill switch API: enable, disable, and pause tools](https://docs.sentrail.dev/api-reference/kill-switch-api.md): Reference for POST /kill-switch: workspace and tool actions, JWT auth, admin role requirement, and examples for stopping agent activity programmatically.
- [MCP Gate API: JSON-RPC endpoint with policy gating](https://docs.sentrail.dev/api-reference/mcp-gate-api.md): Reference for the mcp-gate streamable HTTP endpoint: initialize, tools/list, and tools/call methods with API key auth and per-call Sentrail policy evaluation.
- [CLI command reference](https://docs.sentrail.dev/cli/commands.md): Complete reference for all sentrail commands: init, start, status, demo, and test.
- [How the local interceptor works](https://docs.sentrail.dev/cli/local-interceptor.md): Architecture, command classification, fail-closed behavior, and the terminal approval flow for the Sentrail local MCP proxy.
- [Sentrail CLI: local interceptor for AI coding agents](https://docs.sentrail.dev/cli/overview.md): Install the Sentrail CLI to intercept local shell commands — rm -rf, git push --force, DROP TABLE — before they execute, without changing your agent's code.
- [Core concepts: gateway, policies, approvals, audit logs](https://docs.sentrail.dev/core-concepts.md): Learn the six building blocks of Sentrail: the gateway proxy, policy engine, approval flow, kill switch, audit logs, and agent identities.
- [Connect Claude Code to Sentrail via MCP](https://docs.sentrail.dev/guides/connecting-claude-code.md): Configure Claude Code's mcp_servers.json to route every MCP tool call through the Sentrail mcp-gate endpoint with an agk_ API key and policy evaluation.
- [Connect Cursor to Sentrail via MCP](https://docs.sentrail.dev/guides/connecting-cursor.md): Configure Cursor's MCP settings to send every tool call through the Sentrail mcp-gate SSE endpoint, with API key auth and policy gating before upstream servers.
- [Reviewer workflow: approve or deny agent requests](https://docs.sentrail.dev/guides/reviewer-workflow.md): How reviewers receive notifications, inspect agent payloads, and approve or deny pending Sentrail approval requests from the dashboard or via the API.
- [Writing policies: rules, priority, and action patterns](https://docs.sentrail.dev/guides/writing-policies.md): Author Sentrail policies using action patterns, resource and risk filters, conditions, and priority order to allow, block, or require approval on agent actions.
- [Approval flow: deferred execution and request replay](https://docs.sentrail.dev/how-it-works/approval-flow.md): How Sentrail queues an agent request when a policy returns require_approval, stores the deferred action, and replays the original call after a reviewer decides.
- [Sentrail architecture: proxy gateway request flow](https://docs.sentrail.dev/how-it-works/architecture.md): Walk through the Sentrail request flow: agent call, API key auth, action classification, policy evaluation, audit log write, and tool API forwarding.
- [Audit logs: immutable record of every agent action](https://docs.sentrail.dev/how-it-works/audit-logs.md): Reference for the Sentrail audit_logs table: schema columns, correlation IDs, decision values, risk levels, and how entries are created across every endpoint.
- [Kill switch: stop AI agent activity instantly](https://docs.sentrail.dev/how-it-works/kill-switch.md): Use the global kill switch or per-tool pause to halt agent write actions immediately. Both states are checked at evaluation and before deferred execution.
- [Policy engine: how Sentrail evaluates agent actions](https://docs.sentrail.dev/how-it-works/policy-engine.md): Learn how the Sentrail policy engine matches agent actions on tool, action pattern, resource type, and risk level using priority-ordered first-match rules.
- [GitHub integration: OAuth, gateway proxy, and webhooks](https://docs.sentrail.dev/integrations/github.md): Connect GitHub to Sentrail with OAuth, proxy agent calls through gateway-proxy/github, and evaluate inbound GitHub webhook events with HMAC-SHA256 verification.
- [Internal API integration (preview)](https://docs.sentrail.dev/integrations/internal-api.md): Status of the internal_api tool in Sentrail and how to gate calls to your own backend services today using the evaluate-action endpoint in your pipeline.
- [Linear integration: GraphQL proxy and webhook gating](https://docs.sentrail.dev/integrations/linear.md): Connect Linear to Sentrail via OAuth, proxy GraphQL mutations through the gateway, and verify inbound Linear webhooks using HMAC-SHA256 with timing-safe checks.
- [MCP Gate: policy gating for Model Context Protocol servers](https://docs.sentrail.dev/integrations/mcp-gate.md): Route remote HTTP MCP servers through mcp-gate so every tools/call is evaluated, blocked, or queued for approval before reaching the upstream server.
- [Slack notifications: approvals, kill switch, rogue actions](https://docs.sentrail.dev/integrations/slack.md): Configure a Slack incoming webhook to receive Sentrail alerts for approval requests, reviewer decisions, kill switch state changes, and blocked rogue actions.
- [Introduction to Sentrail](https://docs.sentrail.dev/introduction.md): Sentrail is a policy gateway between AI agents and developer tools. Apply allow, block, and approval rules to every write action with a full audit trail.
- [Quickstart: gate your first AI agent action](https://docs.sentrail.dev/quickstart.md): Connect GitHub, create an API key, and route your first AI agent request through the Sentrail gateway with policy enforcement in under 10 minutes.
- [Compliance: EU AI Act readiness and SOC 2 roadmap](https://docs.sentrail.dev/security/compliance.md): How Sentrail's approval gates, audit trail, kill switch, and risk classification map to EU AI Act oversight requirements and the SOC 2 control roadmap.
- [Security: API keys, webhook HMAC, RLS, and secret handling](https://docs.sentrail.dev/security/security.md): How Sentrail hashes API keys with SHA-256, verifies GitHub and Linear webhooks with HMAC, isolates workspace data with RLS, and stores tool credentials.

## OpenAPI Specs

- [openapi](https://docs.sentrail.dev/api-reference/openapi.json)