EnvisionAISYSTEMSRequest demo

PRODUCT 01 / AGENT ACCESS MANAGER

On-Prem AI Gateway and Multi-Provider LLM Broker: One endpoint. Every LLM vendor.

Agent Access Manager is an on-prem AI gateway and broker: applications use one OpenAI-compatible endpoint and virtual keys while the broker controls provider credentials, routing, usage, guardrails, and audit.

Request enterprise demoReview architecture ↓
ON-PREM REQUEST PATHOPENAI-COMPATIBLE
01
APPLICATIONOpenAI SDK / AI applicationAuthorization: Bearer sk-virtual-key
AUTHENTICATED
POST /v1/chat/completions · model: fast
02
AI GATEWAY / BROKERAgent Access Managerkey / budget / guardrail / route / meter
GOVERNED
SCOPEorg / team / project · RPM / TPM · PII / secret policy
PRIMARY DEPLOYMENTAnthropic / Geminitranslated request
FALLBACK DEPLOYMENTOpenAI / Groq / Ollamahealth-aware route
DURABLE AUDITVirtual key + provider + model + tokens + outcomecall_8F21A

CONTROL OUTCOMES

Replace direct vendor integrations with one governed AI access layer.

01

One compatible endpoint

Point existing OpenAI or Anthropic-compatible clients at the broker and select governed model aliases instead of vendor-specific endpoints.

02

Virtual application keys

Issue vendor-agnostic keys that can be scoped, revoked, suspended, and expired while master vendor credentials remain encrypted at rest.

03

Resilient model routing

Map aliases to several deployments, translate provider formats, spread load, track health, and fall back across vendors on failure or budget pressure.

04

Metered, guarded calls

Apply scoped budgets, RPM/TPM limits, request and response guardrails, and durable call-level usage and audit records.

REFERENCE ARCHITECTURE

Configure once, then route every application call through the broker.

01

Register providers

Store each vendor endpoint, protocol, and encrypted credential in the on-prem catalog.

02

Define deployments

Map a stable model alias to one or more real upstream models for load balancing and fallback.

03

Mint virtual keys

Issue revocable application credentials scoped to an organization, team, or project with budgets and rate limits.

04

Proxy and record

Authenticate, guard, route, stream, meter, and record the provider, model, tokens, cost, and final outcome.

GATEWAY TELEMETRY
ILLUSTRATIVE REFERENCE VIEW
REQUESTS PROXIED18.4k24H WINDOW
VIRTUAL KEYS42ORG / TEAM / PROJECT
GUARDRAIL BLOCKS37PII / SECRET / DENYLIST
GATEWAY P95312msSLO PASS
TIMEVIRTUAL KEYMODEL ALIASPROVIDEROUTCOME
14:32:08vk_finance_07fastanthropicSUCCESS
14:31:55vk_support_02reasoningopenaiFALLBACK
14:31:41vk_research_12summarizegeminiBLOCK

PRODUCT SPECIFICATION

One deployable. Two interfaces. Enforced module boundaries.

A Spring Modulith architecture keeps the operational path simple while separating access, routing, governance, and analytics responsibilities.

CONTROL PLANEADMINISTRATORS
POST /admin/providersPOST /admin/deploymentsPOST /admin/keysPOST /admin/budgets

Register vendors and model aliases, encrypt provider credentials, mint application keys, and configure scoped controls.

DATA PLANEAPPLICATIONS
POST /v1/chat/completionsPOST /v1/responsesPOST /v1/messagesPOST /v1/embeddings

Use existing OpenAI or Anthropic-compatible clients with a broker-issued virtual key; streaming is supported.

01iam

Virtual keys and /v1 authentication

02catalog

Providers, deployments, encrypted credentials

03directory

Organizations, teams, and projects

04providers

OpenAI, Anthropic, Gemini, and Vertex adapters

05routing

Load balancing, health, and fallback

06gateway

OpenAI-compatible request pipeline

07analytics

Postgres call audit and usage records

08billing

Budgets, spend, RPM, and TPM

09guardrails

PII, secret, and denylist policy

10siem

Optional OpenSearch event projection

11soar

Optional reversible abuse containment

12shared

Events and common value types

ON-PREM FIRST / POSTGRES SYSTEM OF RECORD / OPTIONAL OPENSEARCH + VALKEY + KEYCLOAK

TRUST ARCHITECTURE

Built for security review, not security theater.

Map virtual-key access, encrypted provider credentials, guardrail decisions, and audit evidence to the controls your enterprise already operates.

SOC
SOC 2 control alignment

Architecture supports evidence collection for access, change, and monitoring controls.

ISO
ISO 27001 readiness

Map credential, access, policy, and audit practices to ISMS control objectives.

AI
NIST AI RMF mapping

Operational visibility across governed model access, guardrails, usage, and provider outcomes.

Control-alignment statements describe product architecture and are not claims of EnvisionAI certification.

WORKS WITHOpenAIAnthropicGeminiVertex AIGroqOllama

TECHNICAL EVALUATION

Review the control path with your security and platform teams.

Map the architecture to your providers, application clients, governance scopes, data boundaries, and operating requirements.

ENTERPRISE INQUIRY / SECURE FORM

Request an enterprise demo

Tell us about your environment. We will route your request to a technical specialist.

Business inquiries only. No free-tier or consumer accounts.