Skip to main content
SupaProxy is an AI operations platform. It lets teams connect their data sources, curate knowledge, set compliance rules, and deploy governed AI, without each team building their own.

The problem

When teams adopt AI independently, organisations face real risk:
  • Compliance nightmare: each team chooses its own AI provider, stores credentials differently, and handles sensitive data with no shared standard. One team redacts PII, another does not. There is no audit trail across the organisation.
  • Security exposure: API keys in environment files, unvetted third-party tools, no ability to block a compromised connection across all teams at once.
  • Audit cost: when security asks “which teams are using AI, what data can it access, and who approved it?”, nobody has a single answer.
  • No cost visibility: AI spend is scattered across team budgets with no central view.
  • Duplicated effort: every team rebuilds authentication, logging, bot infrastructure, and guardrails from scratch.

What SupaProxy does

SupaProxy gives the organisation a single platform to govern AI operations. Teams focus on their connections, the domain-specific data sources they are experts in. SupaProxy handles everything else.
ConcernTeam ownsSupaProxy owns
Data accessMCP server or API endpointsConnection registry, tool discovery, agent loop
KnowledgeContent (docs, pages)Ingestion, indexing, retrieval
SecurityNothingAuth, role-based access, credential storage, connection blocking
ComplianceNothingPII filtering, cost caps, rate limits, org-wide baseline
ObservabilityNothingFull audit trail per query: who asked, what tools were called, what it cost
DeliveryNothingOne bot shared across all workspaces, API access, multi-channel

Key concepts

Organisation

The top-level entity. Owns all workspaces, users, integrations, and the compliance baseline.

Workspace

An isolated environment for one team. Contains connections, knowledge, guardrails, and consumers.

Connection

A data source the AI can call. MCP servers are the primary type. REST APIs, databases, and webhooks are also supported.

Consumer

An entry point where users interact with the AI. A Slack channel, an API key, or a WhatsApp number.

Knowledge

Documents, pages, or text the AI can search for context. Indexed and scoped per workspace.

Compliance

Platform-enforced guardrails. PII filtering, write confirmation, cost caps, rate limits.

How the agent works

Under the hood, SupaProxy runs a tool-use loop:
  1. Connect to the workspace’s data sources and discover available tools
  2. Send the user’s query and the available tools to the language model
  3. The model decides which tools to call and returns structured requests
  4. SupaProxy executes each tool call against the correct connection and feeds results back
  5. Repeat until the model returns a final answer
Every query is logged with full telemetry: who asked, what tools were called, what connections were hit, token usage, cost, and duration.