Deploy Clampd on your infra

One Docker Compose command. All services + dashboard + infrastructure. Self-hosted. Your data never leaves your network.

Quick Start

Get Started in 3 Steps

Sign up, install the SDK, guard your agent's tool calls.

1

Sign up and get your API key

Create a free account on the dashboard. Register your agent and get your API key and agent secret immediately.

Sign Up Free

No credit card. No sales call. Free tier available.

2

Install the SDK

bash
# Python pip install clampd # TypeScript / Node.js npm install @clampd/sdk
3

Guard your agent

python
import clampd from openai import OpenAI # Initialize with your credentials from the dashboard clampd.init( agent_id="your-agent-id", gateway_url="https://gateway.clampd.dev", api_key="ag_your_api_key", secret="ags_your_secret", ) # Wrap your OpenAI client - all tool calls now go through Clampd client = clampd.openai(OpenAI()) # Works with Anthropic, LangChain, Google ADK too # client = clampd.anthropic(Anthropic())

Agent credentials are created in the Dashboard. Configure scopes, policies, and boundaries there.

Deployment

Deployment Options

Available now: Hosted platform at app.clampd.dev - sign up, register agents, install the SDK, and start guarding tool calls immediately. No infrastructure to manage.

OptionStatusDescription
Hosted PlatformAvailable nowDashboard + gateway hosted by Clampd. Sign up and start in minutes. Design Partner: 25 agents, 500K req/mo.
Docker ComposeComing soonSelf-hosted deployment with hardened Docker images. Full stack: 10 Rust services + Postgres + Redis + NATS. Ships next week.
Helm / KubernetesComing soonProduction-grade Kubernetes deployment with Ingress, TLS, external database support, and cert-manager integration.

Self-Hosted (Docker Compose + Helm)

We're finalizing the self-hosted deployment packages. Docker Compose and Helm charts will be available for licensed users to run the full stack on their own infrastructure - zero data egress, fully air-gapped capable.

Want early access to self-hosted? support@clampd.dev

Licensing

How Licensing Works

Every Clampd service validates your license key on startup. No phone-home required - your key never leaves your network.

Free tier available. Sign up at app.clampd.dev to get started immediately. License keys for self-hosted deployment will be available when Docker images ship.

Design Partner License

LimitValue
DurationNo time limit
AgentsUp to 25
Requests500,000 / month
API keysUp to 5
IncludesAll features: 9-stage pipeline, 75 rules, anomaly detection, kill switch, PII masking, compliance reports, CLI, SDKs, dashboard, A2A, scope tokens, SSO
SupportEmail (support@clampd.dev)

Enterprise License

LimitValue
DurationAnnual (renewable), 30-day grace period
AgentsLicense-configured
RequestsLicense-configured
Retention90+ days
IncludesEverything in Design Partner + RBAC + SSO + multi-tenant isolation
SupportEmail (support@clampd.dev)

Security

License validation is fully offline - your key never leaves your network. No SaaS dependency, no phone-home. If a license check fails, the service refuses to start. No dev mode. No bypass flags.

Configuration

Environment Variables

All services read configuration from environment variables. Set them in your .env file or pass directly.

Required (.env)

.env
# License (required - from https://clampd.dev/setup) CLAMPD_LICENSE_KEY=your_license_key_here # Security - all required. Generate with: openssl rand -hex 32 JWT_SECRET=$(openssl rand -hex 32) AG_INTERNAL_SECRET=$(openssl rand -hex 64) NATS_TOKEN=$(openssl rand -hex 32) # Database & cache POSTGRES_PASSWORD=$(openssl rand -hex 16) REDIS_PASSWORD=$(openssl rand -hex 16)

Full configuration reference is included in the deployment package.

Activation

License Activation

One-time activation required. Clampd binds your license to your installation on first startup. After activation, all services run fully offline - no network calls to clampd.dev.

Outbound connection: https://license.clampd.dev/v1/activate (HTTPS, port 443, one-time only)

Online Activation

bash
# Get your license key from license.clampd.dev clampd license activate --license "your_license_jwt" # Verify clampd license status

Air-Gapped Activation

For environments that cannot make outbound connections:

  1. Run clampd license fingerprint on the target machine
  2. Copy the output to the license portal at license.clampd.dev (or email to support@clampd.dev)
  3. Download the activation token
  4. Transfer the token file to the target machine
  5. Run clampd license activate-offline --activation-token "$(cat activation_token.json)" --license "$CLAMPD_LICENSE_KEY"
bash
Machine Fingerprint: Hash: a1b2c3d4e5f6... Installation ID: a1b2c3d4-e5f6-... Hostname: prod-host-01 Copy this to the license portal for air-gapped activation.

Migration

To move your license to a new machine:

bash
# On the old machine clampd license deactivate # On the new machine clampd license activate --license "your_license_jwt"
CLI

CLI Tool

The clampd CLI connects to your cluster for agent management, policy control, kill switch, compliance reports, and real-time monitoring. Multi-context support - switch between local, staging, and production like kubectl.

Download (v0.8.0)

PlatformArchitectureBinarySize
Linuxx86_64 (glibc)clampd-v0.8.0-linux-amd645.9 MB
Linuxx86_64 (static/musl)clampd-v0.8.0-linux-amd64-static6.0 MB
LinuxARM64 (glibc)clampd-v0.8.0-linux-arm645.0 MB
LinuxARM64 (static/musl)clampd-v0.8.0-linux-arm64-static4.9 MB
Windowsx86_64clampd-v0.8.0-windows-amd64.exe5.5 MB
macOSIntel + Apple SiliconComing soon - build from source or use the dashboard

SHA256 checksums · Static binaries work on Alpine/scratch containers (no glibc needed).

Quick Install

bash
# Linux x86_64 curl -fsSL https://github.com/clampd/clampd/raw/main/bin/clampd-v0.8.0-linux-amd64 -o clampd chmod +x clampd sudo mv clampd /usr/local/bin/ # Verify clampd --version

Setup

bash
# Activate with your license (from app.clampd.dev signup) clampd activate --license "your_license_jwt" # Or configure manually clampd context set local --field dashboard_url --value https://api.clampd.dev clampd context set local --field gateway_url --value https://gateway.clampd.dev # Verify connection clampd cluster status

Commands

CommandDescription
agent list|get|register|suspend|killAgent lifecycle management
agent link|graph|lock-graphA2A delegation control
policy list|create|rulesPolicy and rule management (Cedar + Sigma import)
keyword list|add|import-csvCustom keyword dictionary
kill agent|all|listEmergency kill switch
compliance run --framework soc2SOC2/HIPAA/GDPR compliance reports
audit list|exportAudit trail queries and export
test --verboseRed team test suite (24 attack vectors)
context add|use|listMulti-cluster context switching
apikey create|revokeAPI key management
Need Help?

Support

Support: support@clampd.dev
Sales: sales@clampd.dev