Self-host Passport

Run the whole gateway in your own VPC, with your own keys and your own Postgres. The hosted service never touches your data.

What you need

A Node service containerPassport is one container image. Run it on any Docker host, Railway, Render, or Fly.io.
A Postgres databasePoint the container at your own Postgres with DATABASE_URL. Every workspace is a row, durable and backed up by you.
An encryption keySet PASSPORT_ENCRYPTION_KEY to a long random string and keep it stable; it encrypts brokered OAuth tokens and company keys at rest. Production refuses to boot without it.
The deploy guideDEPLOY.md ships with the image and is the source of truth: env vars, one-click templates for Render, Railway, and Fly.io, and the /healthz check.

Identical to the cloud

The gatewayThe same governed gateway brokers every call as the member; AI clients never hold upstream credentials.
The catalogThe same probe-verified, hash-pinned MCP catalog, plus any endpoint you point at by URL.
The enforcementRead-only passes, per-tool kill switches, guardrails, and the audit trail all run server-side, exactly as they do on the hosted service.

Getting the image

Available on request during early accessThe container image is available on request while we are in early access. Email [email protected] and we'll get you set up.
Email us about self-host Read the security posture