Works with your stack

Pull dynamic secrets from Vault at runtime. Agents call APIs with short-lived credentials that are never stored.

Retrieve AWS-managed secrets on demand. Works with IAM roles, no long-lived keys in agent context.

Integrate with Azure Key Vault for certificate and secret resolution in Microsoft-hosted workloads.

Connect to Google Cloud Secret Manager for GCP-native workloads with service account authentication.

Sync environment secrets from Doppler into KeyRunner at deploy time, no manual secret rotation.

Use 1Password service accounts to inject secrets into agent tool calls without exposing them in config.

Expose KeyRunner tool definitions over the Model Context Protocol. Claude calls APIs through a governed runtime, no raw keys in context.

Register KeyRunner as a tool provider for GPT-4 function calling. Policy checks run before every outbound API request.

Wrap KeyRunner MCP tools as LangChain tools. Agent chains call real APIs with runtime credential injection and audit logging.

Assign KeyRunner tool wrappers to CrewAI agents. Each tool call is policy-checked and logged before execution.

Connect AutoGen multi-agent conversations to governed API tools. Secrets stay in KeyRunner, never in the agent message thread.

Use KeyRunner MCP inside Cursor or Claude Code. AI coding assistants make authenticated API calls without seeing credentials.

Use the KeyRunner CLI step in Actions workflows to enforce API policies before deployments and integration tests.

Integrate KeyRunner into GitLab pipelines for secret-free API testing and deployment gating.

Add the KeyRunner plugin to Jenkins to enforce API governance across your existing build pipelines.

Run KeyRunner policy validation as an orb step in CircleCI workflows before any API-touching tests.

Run API requests, manage environments, and trigger policy checks directly from your editor, no context switching.

Scriptable CLI for secret injection, policy validation, and API testing in any terminal or CI environment.

Import OpenAPI specs directly to generate API collections, tool definitions, and mock servers in seconds.

Import existing Postman collections into KeyRunner without re-writing requests or losing environment variables.

Import your Apigee API proxies as KeyRunner collections. Test, govern, and secure them with policy enforcement and runtime secret injection, without touching your proxy config.

Import MuleSoft Anypoint APIs into KeyRunner as collections. Run them with isolated credentials, policy checks, and full audit trails alongside your existing integration flows.

Import Kong-managed APIs into KeyRunner collections. Execute them with runtime credential resolution and policy enforcement while Kong handles routing and rate limiting.

Import AWS API Gateway endpoints into KeyRunner as collections. Test and govern them with runtime secret injection from Secrets Manager and a full audit log per request.

Import Boomi integration APIs into KeyRunner collections. Govern them with policy checks and credential isolation without modifying existing Boomi processes.

Import Kafka producer and consumer API definitions into KeyRunner. Govern agent-triggered stream interactions with policy checks and runtime credential injection.

Forward KeyRunner audit events to Splunk for real-time security monitoring, alerting, and compliance dashboards.

Send agent API call metrics and policy violation events to Datadog for observability and anomaly detection.

Get instant Slack alerts when a policy violation is detected, a secret is rotated, or an agent exceeds its API quota.

Push structured audit JSON to any SIEM, log aggregator, or webhook endpoint via KeyRunner's audit export API.