One key. Every model.
Total control.
AIRCTRL is one API key for every AI provider. Route each teammate and agent to the right model, share secrets safely, and cap spend live, all governed from Claude Code over MCP.
One tower.Total control.
Every agent, key, model, and secret, routed and cleared from a single tower. This is what total control over your AI looks like.
every part of the tower · and what it controls
From scattered keys to one cleared flow
Before AIRCTRL: a key per person, per provider, and secrets in a dozen .env files. After: one key, routed, scoped, and governed through the tower. Scroll to watch the lanes converge.
One key in.
Every model out.
Stop minting a key per teammate and per provider. AIRCTRL takes a single key and clears it to the right model, by person, task, or agent, with live caps and instant failover.
Everything your AI touches,
under one tower
AIRCTRL sits between your agents and every provider, a single governed control surface for keys, models, secrets, and spend.
Your agents hold the controls
Connect AIRCTRL to Claude Code over MCP. Agents read keys, switch models, and ship, without ever seeing a raw secret.
One key, every model, by policy
Route each person, task, or agent to the right model with per-key limits and live spend caps. Swap providers without touching code.
Secrets that travel with the task
Share environment variables and credentials across projects, tasks, and teammates. All encrypted, scoped, and revocable in one click.
Govern every aspect of your AI
Clear who can use which models, how much, and when. Every call is audited and attributed from a single tower.
From zero to cleared in under a minute
AIRCTRL runs where your agents already work, right in your terminal.
Install the CLI
One binary for your shell, your CI, and your agents. No SDK lock-in.
Connect over MCP
Register the MCP server and Claude Code discovers the tower and every tool it exposes.
One key, every model
Route every teammate and agent to the right model with per-key policies, scopes, and live spend caps.
Secrets that travel
with the task
Share environment variables and credentials across projects, tasks, and teammates, without pasting keys into a dozen .env files.
Injected at request time
Agents call a model; AIRCTRL attaches the key at the edge. Raw values never reach the agent, the repo, or your logs.
Scoped to the task
Bind a secret to a project, a task, or a single agent run. Scopes inherit downward and never leak back up.
Rotated or revoked once
Roll a key in one place and every project, teammate, and agent picks it up instantly. No .env edits.
Every secret,
cleared for departure
Secrets sit in the vault and board each agent at the gate, scoped to the task, carried for a single run, and stripped from the logs the moment it lands.
Claude Code runs your
secrets desk
Connect the MCP server once and your agent can list, scope, rotate, and inject secrets in plain language, without a raw value ever touching the model.
MCP-native
Secrets surface as MCP tools and resources any agent or client can call.
One source of truth
API keys, env vars, database URLs, and OAuth tokens. Every secret in one vault.
Never revealed
Agents act on secrets by reference; raw values are injected only at the edge.
Audited & rotatable
Rotate or revoke once, and trace which agent used which secret, when.
One server.
Every secret tool.
Register the airctrl MCP server once. Any MCP client, whether Claude Code, Cursor, Windsurf, or your own agents, discovers the full secrets toolset and resource tree, always governed by scope.
{
"mcpServers": {
"airctrl": {
"command": "airctrl",
"args": ["mcp", "serve"],
"env": { "AIRCTRL_WORKSPACE": "team-eng" }
}
}
}secrets.list(scope?)List secret names in the caller's scope. Values stay sealed.secrets.read(name)Resolve a secret by reference; injected at the edge, never returned raw.secrets.set(name, value, scope)Create or update a secret and bind it to a scope.secrets.rotate(name)Roll a key everywhere it is used, in a single call.secrets.scope(name, scope)Re-scope a secret to a team, project, task, or agent run.env.sync(target)Materialize a scoped env into a CI job or agent run.env.pull(scope)Pull a scoped env bundle for local dev, masked by policy.audit.query(secret?, since?)Trace which agent used which secret, and when.One key instead
of a hundred
Assign models, set per-key spend caps, and watch usage live for every teammate and every agent. Change a policy once and it lands everywhere.
// no more rotating keys per person, per provider, per project
Ship on the vibes.
Keep your keys.
Building on Replit, Lovable, Bolt, v0, Cursor, or our own Theo Vibes? Use one AIRCTRL key in place of raw API keys. Every model just works, your keys stay hidden from your app and its users, and you'll never get a surprise bill.
Your keys never touch your app
You add your real keys to AIRCTRL once. It plugs them in only when a request goes out, so your real key never sits in your app, your code, or a user's browser where it can be copied.
One key for every model
Use GPT today and Claude tomorrow just by asking. One AIRCTRL key reaches them all. No new accounts, no rewiring, no redeploy.
No surprise bills
Set a limit on each key. If a bug loops or a key leaks, AIRCTRL stops the spend at your limit instead of after a huge bill lands.
Kill a leaked key in one click
Leaked a key? Click once to replace it. Every project updates on its own, so you never open a .env file or redeploy.
- 01
Grab your one key
Sign up and copy your AIRCTRL key. It's the last provider key you'll paste anywhere.
- 02
Drop it into your tool
Wherever Replit, Lovable, Bolt, or Cursor asks for an OpenAI or Anthropic key, use your AIRCTRL key and endpoint instead.
- 03
Build like normal
Keep prompting. AIRCTRL fills in the real key for you, sends it to the model you asked for, and keeps you under your spend limit.
Lovable asks for your OpenAI key.
→Paste your AIRCTRL key instead. The app works exactly the same. The real key stays with us, never in your app.
You want to try Claude instead of GPT.
→Just ask for Claude in your prompt. Same key, no new account, nothing to rewire.
Your app takes off overnight.
→Your spend cap already stopped it at your limit, so there's no surprise $4,000 bill waiting in the morning.
You pushed a key to a public repo.
→Click rotate once. The old key stops working everywhere, and you never have to open your code.
Built for teams that
can't go dark
Enterprise-grade performance, security, and compliance, without slowing your developers down.
Integrates with your stack
A drop-in OpenAI-compatible endpoint, an MCP server, and native SDKs. Keep the tools your team already uses.
Compliant by default
SSO/SAML, full audit trails, encryption at rest and in transit, and SOC 2-ready controls out of the box.
Deployed & supported
Run it self-hosted or in our cloud. Onboarding, migration, and 24/7 support handled with you.
One fare for the
whole fleet
A simple seat price plus a small percentage of token usage. No hidden fees, no minimums. You only pay more when your agents fly more.
Everything you need to put one workspace in the air.
- 1 workspace
- 1 user · 1 company
- One key for every model
- MCP server + Claude Code
- Shared secrets vault
A seat for every teammate and room to scale the fleet.
- Multiple workspaces
- Up to 5 users per workspace
- Dynamic routing + live spend caps
- Scoped secrets & rotation
- Usage analytics & audit trail
A custom rate, controls, and support for orgs that can’t go dark.
- Unlimited workspaces & users
- SSO / SAML + RBAC
- Self-host or dedicated cloud
- Audit export & DLP
- 24/7 support & onboarding
boarding example · on Pro, $30 per user / mo + 2.5% of token spend. $100 of tokens = $2.50.
One key. Every model. Zero rewrites.
One key, dynamic routing, shared secrets, and total control. Free to start, usage-based as you scale.
free to start · usage-based · one key for the whole team