The gateway is the only API surface clients ever talk to. It admits enrollments, signs grants, schedules executions onto roosts, and is the single place where audit, rate limiting, and policy live. Logically there is one gateway per Flocks deployment; in practice several gateway instances can serve that role at once, coordinating over a shared coordinator (Postgres), because the gateway itself is stateless and scales horizontally.

What it owns

  • Admission — verifies join tokens, signs enrollment receipts.
  • Scheduling — picks a roost for each /v1/execute call.
  • Tool routing — proxies /v1/tool to capability-scoped MCP tools.
  • Audit — appends every dispatch to the hash-chained log.
  • Identity — every gateway has its own Ed25519 keypair; the public key is the cluster’s anchor.
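
The Audit and Identity items above work together: each dispatch record links to the previous one by hash, and the gateway signs each record with its Ed25519 key, so anyone holding the cluster anchor (the gateway public key) can check an exported log. The following is an added example written for this page, not the Flocks gateway's own code. The record fields, the SHA-256-over-JSON digest, signing the raw digest, and the names `Gateway`, `Record`, `Entries` and `Verify` are all assumptions; the page does not describe the real log format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// AuditEntry is one dispatch record. The field set is an assumption for this
// example; the page does not give the real Flocks record layout.
type AuditEntry struct {
	Seq     uint64 `json:"seq"`
	Prev    string `json:"prev"`    // hex hash of the previous entry, "" for the first
	Roost   string `json:"roost"`   // roost the dispatch was scheduled onto
	Action  string `json:"action"`  // "execute" or "tool"
	Payload string `json:"payload"` // request body as dispatched
	Hash    string `json:"hash"`    // hex SHA-256 over the fields above
	Sig     string `json:"sig"`     // hex Ed25519 signature over the raw hash, by the gateway key
}

// Gateway holds the instance keypair and the log it appends to.
type Gateway struct {
	priv    ed25519.PrivateKey
	Pub     ed25519.PublicKey // the cluster anchor that verifiers pin
	entries []AuditEntry
}

func NewGateway() (*Gateway, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Gateway{priv: priv, Pub: pub}, nil
}

// digest hashes the entry with Hash and Sig blanked, so append and verify hash
// identical bytes. e is passed by value, so the caller's entry is untouched.
func digest(e AuditEntry) []byte {
	e.Hash, e.Sig = "", ""
	b, _ := json.Marshal(e) // strings and a uint64 cannot fail to marshal
	sum := sha256.Sum256(b)
	return sum[:]
}

// Record appends one dispatch, linking it to the previous entry and signing it.
func (g *Gateway) Record(roost, action, payload string) AuditEntry {
	prev := ""
	if n := len(g.entries); n > 0 {
		prev = g.entries[n-1].Hash
	}
	e := AuditEntry{Seq: uint64(len(g.entries)), Prev: prev, Roost: roost, Action: action, Payload: payload}
	h := digest(e)
	e.Hash = hex.EncodeToString(h)
	e.Sig = hex.EncodeToString(ed25519.Sign(g.priv, h))
	g.entries = append(g.entries, e)
	return e
}

// Entries returns a copy of the log, as an exporter or auditor would receive it.
func (g *Gateway) Entries() []AuditEntry {
	out := make([]AuditEntry, len(g.entries))
	copy(out, g.entries)
	return out
}

// Verify walks an exported log holding only the gateway public key. It rejects
// reordering, a broken prev pointer, an edited field, and any entry not signed
// by the pinned key. It cannot detect entries dropped from the tail.
func Verify(pub ed25519.PublicKey, entries []AuditEntry) error {
	prev := ""
	for i, e := range entries {
		if e.Seq != uint64(i) {
			return fmt.Errorf("entry %d: seq %d out of order", i, e.Seq)
		}
		if e.Prev != prev {
			return fmt.Errorf("entry %d: prev pointer broken", i)
		}
		h := digest(e)
		if hex.EncodeToString(h) != e.Hash {
			return fmt.Errorf("entry %d: hash mismatch (content edited)", i)
		}
		sig, err := hex.DecodeString(e.Sig)
		if err != nil || !ed25519.Verify(pub, h, sig) {
			return fmt.Errorf("entry %d: signature does not verify under the gateway key", i)
		}
		prev = e.Hash
	}
	return nil
}

func main() {
	g, err := NewGateway()
	if err != nil {
		panic(err)
	}
	g.Record("roost-7", "execute", `{"cmd":"make test"}`) // constructed sample dispatches
	g.Record("roost-3", "tool", `{"tool":"search","q":"cve"}`)
	log := g.Entries()
	fmt.Println("intact log:", Verify(g.Pub, log))
	log[0].Payload = `{"cmd":"rm -rf /"}`
	fmt.Println("edited log:", Verify(g.Pub, log))
}
```

Two points worth checking in practice: the digest must blank the same fields on both sides (otherwise every entry fails), and a chain of this shape does not detect truncation of the newest entries, so a consumer should also pin the latest hash it has seen or require a signed head count.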

What it does not own

  • Compute. Gateways never run an agent. That’s the roost.
  • Auth opinion. The auth adapter is pluggable: local, mtls, oidc.

See the HTTP API for every endpoint.