# Rungate > Governance for the run, not the call. Rungate is a control plane for AI agent runs — budgets, policies, and approval gates applied to the complete workflow, from first model call to final tool invocation. Rungate is a proxy between AI agents (Claude Code, OpenAI Agents, custom agents) and LLM providers (OpenAI, Anthropic). The core primitive is the **run**: a complete unit of agent work including every model call, tool invocation, retry, and approval gate. Unlike per-call gateways (Portkey, LiteLLM) or observability tools (Langfuse, Helicone), Rungate enforces governance at the run level — budgets that span multiple calls, policies that persist across a workflow, approval gates that pause and resume, and full audit trails of the complete workflow. ## Core pages - [Home](https://rungate.dev/): Overview with animated run demonstration, feature sections (budgets, approvals, tracing), and trust signals. - [Documentation](https://rungate.dev/docs): Multi-page docs covering quickstart, runs, policies & budgets, approval gates, integrations, webhooks, and self-host. - [For agents](https://rungate.dev/agents): Single-page dense integration reference designed for AI agents to read top-to-bottom in one pass. - [Pricing](https://rungate.dev/pricing): Four tiers (Free 500 steps/mo, Pro ~$49/mo, Growth ~$299/mo, Enterprise custom). Billed by successful steps. - [Security](https://rungate.dev/security): Apache 2.0 license, AES-256-GCM encryption on provider keys, audit posture, compliance roadmap. ## Technical - [OpenAPI specification](https://rungate.dev/openapi.json): Full API surface in OpenAPI 3.1 format. - [Quickstart](https://rungate.dev/docs/quickstart): Sign up, get tokens, make your first governed LLM call. Five minutes end-to-end. - Source code is Apache 2.0; the repository is currently private during early access. Request access via support@rungate.dev. - [Changelog](https://rungate.dev/changelog): Release history with date, version, change-type tags. ## Integration in 30 seconds Point your agent at `https://api.rungate.dev/v1` instead of the provider's endpoint, and supply a Rungate agent API key as the `Authorization: Bearer rg_agt_...` header. Rungate accepts OpenAI chat/completions and Anthropic messages request formats unchanged and forwards to the appropriate provider. Rungate enforces policies server-side. No SDK lock-in — use any provider SDK you already have. Use `x-rungate-run-id` and `x-rungate-policy` headers (or body fields) for run grouping and per-run policy overrides. ## Differentiation - Run-level budgets (span every call in a workflow, not per-request) - Policy controls applied at the workflow boundary - Human approval gates (HTTP 202 pause/resume, not advisory) - Full run audit (every call, tool, retry, approver reconstructable) - Cross-provider format translation and failover (OpenAI ↔ Anthropic) ## Error semantics - `402 Payment Required` — run or agent budget exceeded. Response includes cumulative spend, limit, and matched rule. - `403 Forbidden` — policy violation (disallowed model, blocked tool, rate limit). Response includes policy name and rule. - `202 Accepted` — approval gate triggered, run paused. Response includes `gate_id`. Agent should retry later. - `429 Too Many Requests` — per-agent or per-policy rate limit. Includes `Retry-After` header. ## Headers All directives work as `x-rungate-*` headers or body fields under a `rungate` key: - `x-rungate-run-id`: Stable ID grouping calls into one run. - `x-rungate-new-run`: Boolean; force a new run on this call. - `x-rungate-policy`: Per-run policy override. - `x-rungate-user`: End-user identifier for attribution. - `x-rungate-tags`: Comma-separated tags for filtering. ## Support - Email: support@rungate.dev - Security disclosures: security@rungate.dev - Status: https://rungate.dev/status