Skip to main content

Where your gateway runs

Custody and execution are inseparable (see why), so the one real deployment decision is: where does your gateway run, and how is its key protected there? It is always the same gateway binary — "local", "remote", and "hosted" are three placements of it, not three different products.

At a glance

PlacementWhere the secret livesWhere the call runsReachable by remote agentsNeeds your machine onlinePlan
LocalSealed vault on your deviceOn your device❌ loopback onlyit is the machineFree and up
Remote (local + tunnel)Still on your deviceStill on your device✅ over a secure tunnel✅ machine must be upPro and up
HostedEncrypted at rest in Cloud KMSIn a Permaura-run worker✅ alwaysPro and up

The trade is a slider, not a right answer: custody is strongest where execution is closest to you, and convenience grows as it moves to the cloud. You place each secret where you're comfortable.

Local

Your gateway runs on your own machine and listens only on 127.0.0.1. The secret sits in a sealed local vault; plaintext exists only inside a single call and is wiped on return. This is free, fully offline-capable after activation, and the strongest custody — at the cost of running on one machine, only when it's on. Agents on the same machine can use it; agents elsewhere (including hosted ones like ChatGPT) cannot, until you add remote access.

Remote (local gateway + secure tunnel)

Turn on remote access and Permaura gives your local gateway a stable public URL (https://g-xxxx.permaura.com) over a secure tunnel. Two things stay true:

  • Your gateway still runs only on your machine; no key or data moves to the cloud.
  • The tunnel is just a pipe. Agents authenticate to Permaura and connect directly to your gateway; the bytes of each call go straight to your machine.

This is the sweet spot for most people: cloud-grade convenience (any agent, anywhere, including ChatGPT) with local secret custody. It needs your machine to be online to answer calls.

Hosted

Permaura runs the gateway for you, always-on, with KMS envelope encryption and per-organisation keys. Most frictionless, fully multi-device, no machine of yours to keep online. The honesty rule still holds: a worker that makes the call had to decrypt the secret, so this is not zero-knowledge — the stronger-guarantee options are local or your own tunnelled gateway.

Rolling out

Hosted execution is included from Pro upward. When you open the console's gateway setup, the hosted option shows whether it's ready for your account or still being switched on for your region — pick a local or tunnelled gateway in the meantime.

Bring your own vault

Where a secret is stored at rest is a separate axis from where the gateway runs, so they compose. Permaura exposes a secret-backend seam — "resolve this secret, hand its plaintext to this closure, guarantee it's wiped" — so you can keep secrets in tooling you already run:

  • Local vault (built-in default) · Cloud KMS envelope (hosted)
  • External managers — Infisical, HashiCorp Vault, Doppler, 1Password, AWS/GCP/Azure Secrets Manager (Team and up)
  • Dynamic secrets — the upstream issues a short-lived credential per call, least-privilege and auto-expiring

The line stays honest: Permaura fetches your secret for the one approved call and wipes it; it never stores your secret at rest unless you ask it to.

This maps to plans

The custody slider and the pricing line are the same line. Local is free and can't meaningfully be gated — it runs entirely on your machine. The paid line is reach: a public URL for your gateway, multi-device, cloud audit sync, and hosted always-on execution, because that's Permaura's infrastructure to run.

See Plans & billing for exactly what each tier unlocks and current prices.