Skip to main content
Veto sits between your AI agent and the tools it can call. Every action is checked against policies you define — allow, deny, or escalate — with a full audit trail and sub-10ms latency.

Quick Start

Get your first authorization check running in minutes.

Authentication

Create an API key and authenticate your requests.

Node.js SDK

Install @useveto/node and integrate with your agent.

MCP Integration

Drop-in middleware for Model Context Protocol servers.

Policy Reference

Learn how to write rules that govern agent behavior.

API Reference

Explore every endpoint with request and response examples.

How Veto works

1

Register an agent

Create an agent record that represents your AI system. Each agent has a unique ID used in every authorization check.
2

Define policies

Write policies that specify which tools an agent can call, what parameter values are allowed, and when access is permitted.
3

Check every action

Before your agent executes a tool, call veto.authorize(). Veto evaluates the request against your policies and returns allowed or denied in milliseconds.
4

Review the audit trail

Every authorization decision is logged. Query the audit log to see what your agents tried to do, what was allowed, and what was blocked.
Veto uses a default-deny model. If no policy explicitly allows an action, it is blocked. You always opt in to access — never opt out.