APIs and AI agents. One gateway. One place to control and comply.

Frequently asked questions

What is Zerq?

Zerq is an enterprise API gateway - one platform to manage API access, control who uses your APIs, and let AI agents use them safely. It includes a visual workflow builder, developer portal, role-based access, audit trail, and AI agent access, all in one platform that runs in your own environment.

What does "one gateway for apps and AI" mean?

Apps, partners, and AI tools all connect through the same Zerq gateway - using the same credentials, access controls, rate limits, and audit trail. There is no separate gateway or authentication path for AI agents. Every request, whether from a mobile app, a partner integration, or an AI assistant, goes through one enforcement point.

Does Zerq run on-premises or air-gapped?

Yes. Zerq runs fully in your environment - on-premises, hybrid, or your cloud. The full stack (gateway, management UI, developer portal, data store) runs in your infrastructure with no outbound runtime dependency. Air-gapped and fully offline deployments are supported.

Which regulated industries does Zerq support?

Zerq is built for banking and open banking (PSD2, FAPI), fintech and payments, healthcare (FHIR, HIPAA, SMART on FHIR), government and public sector, defence, and retail. Each industry has dedicated use case documentation covering compliance requirements, authentication protocols, and deployment constraints.

What is the visual workflow builder?

The workflow builder lets your team define routing logic, request and response transformation, conditional branching, and error handling through a visual interface - without writing or deploying custom code. You can call multiple backends in sequence, merge responses, inject headers, redact fields, and add a code node for complex logic when needed. Changes are versioned and audited.

How does Zerq handle partner self-service?

Zerq includes a developer portal where partners sign in with a magic link (no password required), discover the API products they are allowed to use, try endpoints in the browser, and download standard API specs. Each partner sees only their assigned products - not your full API catalog. You set their rate limits and quotas once; the gateway enforces them automatically.

What authentication methods does Zerq support?

Zerq supports JWT tokens, OAuth 2.0 / OIDC, API keys, and client certificate authentication (mTLS). For admin access, it integrates with your existing identity provider via SSO. Secrets can be referenced from your secrets manager (e.g. HashiCorp Vault) so sensitive credentials stay out of configuration files.

How does Zerq support AI agents specifically?

AI agents and tools connect via the Model Context Protocol (MCP). They discover your API collections and endpoints, then execute requests - all through the same gateway, with the same credentials and audit trail as your apps. Zerq also exposes a Management MCP so platform teams and AI assistants can manage the API catalog and workflows using the same OIDC session and role-based access as the admin UI.

What is Zerq Copilot?

Zerq Copilot is a natural language interface built into the platform with two modes. Copilot for Management lets operations teams configure collections, proxies, workflows, policies, and credentials through conversational prompts - backed by Management MCP. Copilot for Gateway lets API consumers in the developer portal explore and test APIs through conversation. Both use your own LLM provider (OpenAI, Anthropic, Google, Azure, Bedrock, Ollama, or any OpenAI-compatible endpoint) - configured server-side, keys never sent to the browser.

How is Zerq different from Kong, Apigee, or MuleSoft?

Kong requires plugins for compliance features and has no native AI agent access. Apigee requires Google Cloud for the control plane - true on-premises and air-gapped deployments are not available. MuleSoft is owned by Salesforce, uses consumption-based licensing, requires a specialist developer skillset, and has no AI agent access. Zerq includes everything - workflow builder, developer portal, audit trail, and AI agent access - in one platform, running entirely in your environment, with no cloud vendor dependency and predictable all-inclusive enterprise licensing.

How is Zerq deployed technically?

Zerq's gateway core is a single Go binary. The management UI and developer portal are Next.js / React applications. Configuration and audit data are stored in MongoDB (your instance or managed). Optional Redis for caching. Docker Compose for development; Kubernetes for production with multi-replica scaling and zero-downtime rolling updates.

What does Zerq include in enterprise licensing?

All enterprise plans include the gateway core, visual workflow builder, developer portal, role-based access control, SSO and enterprise authentication, observability (Prometheus metrics, structured logging, real-time dashboards), AI agent access via Gateway MCP, platform automation via Management MCP, and Zerq Copilot. There are no module add-ons, consumption tiers, or per-call charges. Pricing is contact-based - reach out for a quote based on your deployment.