Private previewDesign partner program is open

The governed runtime for enterprise agents

Let agents act.
Keep control.

Onterix is building the customer-controlled execution and data-protection layer for enterprise AI—preserving real permissions, inspecting sensitive data, approving exact actions, and recording evidence across every agent interface.

GOVERNED TRANSACTION
Interactive trace

“Prepare the Acme renewal brief, update the forecast, and send the customer follow-up.”

STEP 01

Bind the real actor and client

Maya asks Codex to prepare a renewal brief and update Salesforce. Onterix binds her identity, tenant, client, and exact capability versions before any source is touched.

Identity established
Actor
Maya Chen · Revenue Ops
Client
Codex · verified
Capabilities
4 requested · 3 visible

One governed path for the tools your teams already choose

ClaudeChatGPTCodexCursorInternal agents

The trust boundary

Control the full transaction.

Most platforms solve one part of enterprise agency. Onterix is designed to connect identity, data protection, action governance, and evidence at the moment an agent does real work.

Access

Bind every request to the real human, agent, client, tenant, and source-system permission ceiling.

Explore access

Data

Inspect, classify, minimize, route, transform, or quarantine sensitive content at the boundaries you control.

Explore data

Action

Turn generated intent into typed, policy-checked transactions with exact-payload approval when risk demands it.

Explore action

Evidence

Connect identity, sources, transformations, decisions, approvals, and execution in one reconstructable trace.

Explore evidence

Protocol-neutral by design

MCP is the entry point. Governance is the product.

MCP, CLI, API, SDK, workflows, and future agent protocols should all enter the same capability runtime—not create separate policy engines, credentials, or audit stories.

See the architecture
ClaudeChatGPTCodexCLIInternal agents
ONTERIX RUNTIMEOne governed execution path
IdentityData policyApprovalEvidence
Company systemsKnowledgeModelsWorkflows

Same-or-stricter access

The agent never becomes a permission shortcut.

Onterix is built around a simple invariant: access through an agent must remain the same or stricter than access in the source system. Everything else follows from that rule.

01

Know who—and what—is asking

Authenticate the actor, delegated subject, agent, client, tenant, and runtime before discovery or execution.

02

Keep source permissions as the ceiling

An agent can narrow a user’s access. It can never silently expand it or substitute a broad service account.

03

Understand the destination

Source access does not imply permission to send content to every model, recipient, artifact, or external system.

04

Govern the exact action

Policy can allow, constrain, transform, route, require approval, quarantine, or deny a typed capability request.

05

Leave evidence, not a mystery

Every decision and mutation is tied to immutable versions, content hashes, source references, and a trace.

The Acme renewal

One question. Every control visible.

Our reference experience uses a synthetic company environment to make the product’s hardest promises testable: permission-aware retrieval, destination-aware protection, exact-action approval, and evidence.

GOVERNED TRANSACTION
Interactive trace

“Prepare the Acme renewal brief, update the forecast, and send the customer follow-up.”

STEP 01

Bind the real actor and client

Maya asks Codex to prepare a renewal brief and update Salesforce. Onterix binds her identity, tenant, client, and exact capability versions before any source is touched.

Identity established
Actor
Maya Chen · Revenue Ops
Client
Codex · verified
Capabilities
4 requested · 3 visible

NOTEThe Acme environment is a simulated product proof for the private preview. Connector and client readiness will be labeled as it advances from fixture to sandbox to verified.

Customer-controlled deployment

Bring the control plane. Keep the sensitive plane where it belongs.

The same runtime boundary is designed to support managed, dedicated, customer-data-plane, and fully self-hosted deployments without changing how agents discover and call governed capabilities.

Planned modeControl planeSensitive executionBest fit
Managed sharedOnterixOnterix regional cellFast evaluation and standard workloads
Managed dedicatedOnterixDedicated Onterix cellIsolation, regional, and scale requirements
Customer data planeOnterixCustomer environmentCustomer-local credentials, content, and execution
Fully self-hostedCustomerCustomer environmentDisconnected or maximum-control environments
“The neutral trust boundary underneath every enterprise agent.”
Onterix product direction

Build with us

Make governed agency real.

We are selecting design partners with serious agent workflows, sensitive systems, and a need for customer-controlled execution.