Aperture

Bring AI usage into focus

Tailscale Aperture provides a unified AI governance solution that covers both AI agents & users without the need to manage & distribute API keys.

Contact Sales

Screenshots showing the Aperture personal view dashboard page and logs page.

See the full picture

Analyze AI agent and user usage by examining full LLM session histories, including both local and MCP tool calls. Detect anomalies, spot emerging patterns, and optimize your usage.

Leaderboard showing LLM token usage across the organization.

A snapshot of key features

Reduce exposure and lower risk without sacrificing productivity.

Connect hosted & self-hosted models

Support for OpenAI, Anthropic, Google, and self-hosted OSS models.

Support major agents & frameworks

Use Claude Code, Codex, Gemini CLI, and agent frameworks that support a custom base URL.

Extract MCP & local tool calls

See & stop tool calls before users or agents make them with fine-grained control.

Power users & agents anywhere

Securely connect anything without worrying about networking.

Keep API keys safe

Keep API keys safe on the gateway and out of sandboxed containers or user machines.

Provide detailed session logs

Review sessions at any time from both users and agents for easy compliance and auditability.

Frequently Asked Questions

With Aperture you only need a single API key per provider to put on the gateway. The gateway uses Tailscale identities to identify connecting users and agents which means it’s no longer necessary to distribute keys to each individual user.

Aperture works with any coding agent that allows the end user to replace the base URL of the API endpoint. It supports Claude Code, Codex, Gemini CLI, Roo Code, Cline, and others.

During the current Alpha and Beta period we don’t have published pricing. Contact sales to learn more.

We have plans to expand availability in the near future but no public timeline yet.

During the Alpha and Beta periods we’ll be working one on one with customers to support their deployments. We’re currently experimenting with multiple deployment options. Contact sales to learn more.

Yes, Aperture currently supports S3 export.

In short, yes. Aperture relies on Tailscale identity to eliminate API keys. However, we can work in many different environments with specific requirements. Contact sales to learn more.

Yes, as long as it’s possible to run Tailscale. Aperture, and Tailscale, work in common containerized environments like GitHub Actions without needing to expose either the Agent or the Gateway to the public internet.

Right now Aperture can extract MCP tool calls (and local tool calls) from popular agents. We’ll be adding more fine-grained MCP control soon.

Yes, it’s possible to proxy self-hosted LLMs with Aperture without exposing the endpoints to the public internet.