Product

The secure control layer between your agents and the providers they call.

Credential protection, policy enforcement, human approvals, audit trails, cost controls, and anomaly detection — in one control plane.

Key security

Agents use Lumkey keys, not raw provider keys.

Connect your OpenAI, Anthropic, or Gemini account once. Lumkey stores the credential as protected ciphertext and issues Lumkey keys to your agents in its place. Rotate, scope, or revoke any Lumkey key without touching the underlying provider.

  • Provider credentials stored as ciphertext, not plaintext
  • Keys shown once at creation — not retrievable afterward
  • Lumkey keys are scopable, budgetable, and immediately revocable
  • Rotation replaces the key rather than revealing it

Policy engine

Real-time enforcement before requests reach the provider.

Policies attach to Lumkey keys and run in the request path. Rules can allow, block, redact sensitive content, hold for human approval, or silently log — without any changes to agent code.

  • Allow, block, redact, hold, or log per rule
  • Inspect prompt content and tool call arguments
  • Time-window, rate-limit, and budget controls
  • Deterministic — policies are explicit, not opaque

Human approvals

A queue for requests that should not auto-run.

Attach an approval rule to any key and sensitive requests pause for human review before reaching the provider. Reviewers get notified via Slack or webhook, and every decision is logged.

  • Configurable hold rules per key or policy scope
  • Slack and webhook notifications on queue events
  • Release or reject with full audit record
  • Useful for destructive tools and high-risk workflows

Audit log

A complete record of every request and outcome.

Every call through Lumkey captures the key, user, provider, policy match, decision, and timestamp. Export for compliance, investigate incidents after the fact, and give security teams the evidence they need.

  • Full request and response metadata captured
  • Policy match and allow/block/hold decision logged
  • Exportable for SIEM and compliance reporting
  • Long retention available on Enterprise plans

Cost controls

AI usage that is measurable and governable.

Set per-key and per-organization budgets. Receive alerts before spend becomes a problem. Track usage by key, team, and provider with cost attribution that makes AI spending legible.

  • Budget limits per Lumkey key
  • Usage alerts before thresholds are hit
  • Cost attribution across teams and providers
  • Prevents surprise bills from runaway agents

Anomaly detection

Detect when agents behave unexpectedly.

Lumkey scores request patterns against established baselines. Unusual volume, unexpected tool calls, or off-hours activity surfaces as anomaly signals — useful for incident response and catching compromised keys.

  • Baseline scoring per key and organization
  • Anomaly signals visible in dashboard and alerts
  • Complements policy enforcement — does not replace it
  • Available on Pro and Enterprise plans

HDP provenance

Chain-of-custody for delegated agent actions.

Hierarchical Delegation Protocol (HDP) tracks how a request moved through agent pipelines before reaching Lumkey. Useful for multi-agent systems where accountability and traceability matter.

  • Signed or attestable delegation context
  • Explains how a request arrived, not just what it contains
  • Stronger provenance story than API logs alone
  • Positioned for agentic governance at scale

Integrations

Fits the tools your team already uses.

Lumkey pushes events into existing operational workflows. It provides Slack notifications, webhooks for automation, SIEM export for enterprise security operations, and a CLI and API for developers who prefer programmatic control.

  • Slack notifications for approvals and anomalies
  • Webhooks for downstream automation
  • SIEM export for enterprise security operations
  • CLI and REST API for platform teams

See Lumkey in your stack.

Start with a free key, attach your first policy, and watch the audit log fill up.