Pricing

Plans for governed AI agent workflows.

Pick the billing-account plan that matches your MCP-connected agents, GitHub and Postgres/database tools, runtime sessions and logs, approvals, monitor/enforce posture, and monthly plus daily quota controls shared across workspaces.

Start free Read setup guide

Free

Start

$0/month

For individual builders validating governed MCP access with a small workspace.

1 workspace included
2 members per workspace
2 agents
1 protected repository across account
1 active database connection across account
3,000 runtime calls/month shared across workspaces
300 enforce calls/month shared across workspaces
300 total calls/day
30 enforce calls/day
7-day logs
Monitor + enforce
1 limited custom policy set
Community/basic support

Start free

Team

Growth

Scale

$99/month

For organizations standardizing runtime controls across agents, repos, and environments.

10 workspaces included
25 members per workspace
20 agents
50 protected repositories across account
10 active database connections across account
150,000 runtime calls/month shared across workspaces
150,000 enforce calls/month shared across workspaces
10,000 total calls/day
10,000 enforce calls/day
90-day logs
Monitor + enforce
25 advanced policy sets
Priority support

Get started

Enterprise

Custom

For regulated teams that need identity controls, exports, custom retention, and deployment support.

Custom workspaces
Custom members
Custom agents
Custom protected repositories
Custom active database connections
Custom runtime calls
Custom daily and billing-period enforce limits
SSO/SAML/SCIM
SIEM export
Custom retention
VPC/self-hosted later
Dedicated support

Contact sales

Prices are monthly. Cancellations take effect at the end of the billing period. Taxes may apply later if configured.

How plans differ

Capability	Free	Team	Growth	Enterprise
Owned workspaces	1	3	10	Custom
Members/workspace	2	10	25	Custom
Agents	2	5	20	Custom
Protected repositories	1	10	50	Custom
Active database connections	1	3	10	Custom
Runtime tool calls/month	3,000	50,000	150,000	Custom
Enforce calls/month	300	50,000	150,000	Custom
Tool calls/day	300	2,500	10,000	Custom
Enforce calls/day	30/day	2,500/day	10,000/day	Custom
Logs	7-day logs	30-day logs	90-day logs	Custom
Runtime sessions	Included	Included	Included	Included
Approvals	Included	Included	Included	Included
Runtime modes	Monitor + enforce	Monitor + enforce	Monitor + enforce	Monitor + enforce
Policies	1 limited custom policy set	5 custom policy sets	25 advanced policy sets	Custom policies
Rules per custom set	5	25	100	Custom
Support	Community/basic support	Basic support	Priority support	Dedicated support
SSO/SAML/SCIM	Not included	Not included	Later	Custom
SIEM export	Not included	Not included	Later	Custom
VPC/self-hosted	Not included	Not included	Later	Custom

Built around runtime governance

Monitor before enforcing

Observe tool calls and would-be policy decisions before blocking production workflows.

Enforce high-risk boundaries

Move selected agents, actions, or repositories into enforce mode when policies are ready.

Keep the audit trail

Retain structured decision logs that show who called which tool, what policy matched, and what happened.

FAQ

Frequently Asked Questions

Everything you need to know before you start.

A billing account owns the plan, subscription, members, and shared usage pool. Workspaces are project/security boundaries inside that account.

Free accounts include one workspace. Additional workspaces require upgrading the billing account.

Runtime and enforce limits are shared across all workspaces in the billing account.

Normal signup creates one free billing account with one workspace. Additional workspaces require upgrading the billing account or contacting support@z-gateway.com for an organization setup.

Runtime quota is enforced at the billing-account level, so usage from one workspace reduces the remaining quota available to the others. Enforce quota exhaustion does not silently fall back to monitor mode.

Every runtime call routed through z-gateway counts toward your billing account's total tool-call quota. GitHub and database MCP tools share the same total runtime quota, and monitor and enforce calls both count. Enforce-mode calls also count toward enforce-specific limits where your plan has them. Free accounts include 300 enforce calls per monthly usage period, capped at 30 enforce calls per day.

Paid-plan monthly limits reset with the billing account's subscription billing period, so the reset follows the renewal date and is not always the calendar month. Free accounts use the app's UTC monthly quota window when no paid subscription period exists.

Total-call limits and enforce-call limits are checked separately. When a daily enforce limit is reached, enforce actions are unavailable until the daily window resets. When the monthly enforce limit is reached, enforce actions are unavailable until the monthly usage period resets. z-gateway does not silently fall back to monitor mode; users can explicitly choose monitor mode if they accept that actions will be logged but not blocked.

Protected repositories are the repositories selected in your GitHub App installation that z-gateway governs. You can manage selected repositories from your GitHub App installation, and your plan controls how many selected repositories z-gateway can govern.

Monitor mode evaluates policy and logs decisions without blocking denied actions. Enforce mode blocks denied actions before connector execution. Enforce availability depends on your plan and current enforce quota, and the mode switcher shows enforce usage before you switch.

z-gateway includes Postgres/database MCP connector support for implemented database actions such as schema inspection, bounded reads, explain/risk assessment, and approval-gated write proposals. Database connections are active protected database targets across the billing account; disabled or archived connections do not count toward your plan limit. Database actions count against shared runtime usage. It is not a transparent Postgres wire proxy and does not intercept arbitrary Prisma or psql traffic.

Risky or policy-gated actions can create workspace-scoped approval requests in the dashboard. Approval cards are designed to avoid exposing raw SQL or secrets in collapsed views, and execution follows the existing approval flow before connector execution for gated database actions.

Runtime sessions group related tool calls into one agent execution timeline, which is useful when an agent touches both GitHub and database systems. Detailed evidence still lives in runtime logs.

Most teams are connected in under 5 minutes. You add z-gateway as your MCP server URL, paste your agent credentials, and you're live. Full setup guide is in the docs.

Yes. z-gateway is MCP-native and vendor-agnostic. It works with MCP-capable clients such as Claude Code, Cursor, OpenAI Codex, and custom agents, with CLI-assisted setup available from the docs where supported.

Enterprise plans are available for custom limits, identity controls, exports, and private deployment discussions. VPC/self-hosted support is listed as later/custom, not a self-serve feature today. Contact us at sales@z-gateway.com to discuss your setup.

Yes. Every plan supports multiple members with role-based access control. You can invite team members as owners, admins, developers, or security viewers — each with different permission levels. The Team plan and above include unlimited seat access.

Yes. z-gateway supports PostgreSQL via the database MCP connector. You can define policies that restrict which tables an agent can query, block INSERT, UPDATE, or DELETE operations entirely, and get a full audit log of every query attempt — so an agent can never run a destructive operation you haven't explicitly allowed.

We are actively working toward SOC 2 Type II certification. If you have a specific compliance requirement or timeline, email us at sales@z-gateway.com and we'll work with you directly.