# hexgate

## Docs

- [Google ADK](https://docs.hexgate.ai/adapters/google-adk.md): HexgateRunner — wraps google.adk.runners.Runner with policy + observability.
- [LangChain / LangGraph](https://docs.hexgate.ai/adapters/langchain.md): wrap_langchain_agent — policy-gated tools, in-place installation.
- [OpenAI Agents SDK](https://docs.hexgate.ai/adapters/openai.md): Wrap an Agent with HexgateRunner — drop-in replacement for agents.Runner.
- [Pydantic AI](https://docs.hexgate.ai/adapters/pydantic-ai.md): wrap_pydantic_agent — gates every tool through PolicyEnforcer.
- [hexgate chat](https://docs.hexgate.ai/cli/chat.md): Single-process REPL against a local or builtin agent.
- [hexgate policy](https://docs.hexgate.ai/cli/policy.md): validate, show-rego, test, build, keygen — policy authoring CLI.
- [hexgate register](https://docs.hexgate.ai/cli/register.md): Push a manifest to the platform.
- [hexgate serve](https://docs.hexgate.ai/cli/serve.md): Bridge a local agent to the platform's WebSocket relay.
- [Audit trail](https://docs.hexgate.ai/concepts/audit-trail.md): Every Decision posted to ClickHouse via /v1/audit/decisions.
- [Policy decision](https://docs.hexgate.ai/concepts/policy-decision.md): The Decision object — allow, deny, approval-required — at the heart of every tool call.
- [Signed policy bundles](https://docs.hexgate.ai/concepts/signed-bundles.md): Compile YAML to WASM, sign with Ed25519, verify on every load.
- [User scope](https://docs.hexgate.ai/concepts/user-scope.md): Per-request user identity, role resolution, biscuit attenuation.
- [Architecture](https://docs.hexgate.ai/internals/architecture.md)
- [Policy binding spec](https://docs.hexgate.ai/internals/policy-binding-spec.md)
- [Rego wasm](https://docs.hexgate.ai/internals/rego-wasm.md)
- [Introduction](https://docs.hexgate.ai/introduction.md): Authorization infrastructure for AI agents — policy enforcement, signed bundles, per-request user scope, audit trail.
- [Audit log (ClickHouse)](https://docs.hexgate.ai/platform/audit-clickhouse.md): Policy decisions persisted for the audit dashboard.
- [Control plane (FastAPI)](https://docs.hexgate.ai/platform/control-plane.md): REST + WebSocket endpoints, SQLite by default.
- [Dashboard](https://docs.hexgate.ai/platform/dashboard.md): Vite + React + shadcn/ui. Policy editor, Playground, tokens.
- [Platform overview](https://docs.hexgate.ai/platform/overview.md): FastAPI control plane + React dashboard + ClickHouse audit.
- [Constraints](https://docs.hexgate.ai/policy/constraints.md): Rego-compatible expressions evaluated against the call's arguments.
- [Local override (HEXGATE_LOCAL_POLICY)](https://docs.hexgate.ai/policy/local-override.md): Point an agent at a YAML file or bundle dir; hot-reload on save.
- [Signing & verification](https://docs.hexgate.ai/policy/signing.md): Ed25519 keypair, detached signatures, REQUIRE_SIGNATURE matrix.
- [WASM bundles](https://docs.hexgate.ai/policy/wasm-bundles.md): Compile policy.yaml to a portable signed artifact.
- [Policy YAML shape](https://docs.hexgate.ai/policy/yaml-shape.md): version, default_policy, tools, modes, constraints.
- [Quickstart](https://docs.hexgate.ai/quickstart.md): Install hexgate and run the example agent in 60 seconds.
- [SDK reference](https://docs.hexgate.ai/sdk/index.md): Python API for the hexgate package.
- [Which path do I pick?](https://docs.hexgate.ai/two-paths.md): Local-only chat REPL vs. platform-backed serve — choose the right shape.

## Optional

- [PyPI](https://pypi.org/project/hexgate/)
- [Discussions](https://github.com/HexamindOrganisation/hexgate/discussions)