ctxlayer

Built on Cloudflare · Speaks MCP

One context layer for
every agent in your org.

ctxlayer is an MCP service that gives every AI agent the same curated context and routes them to your tools through one governed gateway — so engineers and business users share the same context, seamlessly. Curated context docs with friendly collaborative editing and RAG search, an OAuth-fronted upstream MCP proxy, and per-user token consumption and usage analytics — running on Cloudflare's resilient, globally distributed Workers infrastructure.

See how it works Read the quickstart
Cloudflare WorkersModel Context ProtocolTypeScriptReactMIT licensed
ctxlayer admin — curate and gate upstream MCP servers

Agents are only as good as the context they share

Today everyone — engineers and business teams alike — wires up their own private MCP connections. Nobody shares skill or tool configuration. Context fragments, credentials sprawl, and no one can see what the agents are doing. ctxlayer turns the context layer into one shared, governed surface — a single deployment for the whole org.

One context for everyone

Engineers and business users edit one curated library; every agent reads from it. People and robots, one source of truth.

Central governance

Upstream tools stay invisible until an admin grants a team or product access. Connect once; reach everything you're allowed to.

Full visibility

Per-user, per-tool usage — calls and token consumption — and an audit log of every privileged change.

What's inside

A complete context layer, not a toolkit

✍️

User-friendly context editing

A Notion-style editor for collaborative Markdown — real-time multiplayer editing, revision history, and snapshots. Non-technical teammates keep context current without touching a repo or a PR.

🔎

Curated docs with search

An org-wide library of curated context docs, exposed to every agent with semantic search so they find the right material on their own. Mirror docs straight from GitHub repos on a schedule.

🔌

Governed upstream MCP proxy

Put Figma, Notion, Linear, internal APIs — any upstream MCP — behind one OAuth endpoint. Per-user credentials are stored once and sealed. HTTP/SSE natively; stdio via bring-your-own-bridge.

📒

Curated skills

Publish procedural playbooks agents load on demand, attached per-upstream or per-tool. Encode the conventions the raw tool schema can't show.

📊

Usage & token analytics

Per-user and per-upstream dashboards — calls and token consumption, daily rollups, and a top-tools breakdown.

🛡️

Admin & audit

Manage upstreams, users, OAuth clients, and team/product visibility. Every role change, credential revocation, and doc lock lands in the audit log.

Automatic context enrichment

The right playbook, injected the moment a tool is called

ctxlayer doesn't just expose tools — it enriches them. As an agent is about to call an upstream tool, ctxlayer weaves pointers to your org's curated skills and docs straight into the tool's description. The agent pulls the relevant convention on its own, before it acts — no prompt engineering, no copy-paste, no stale instructions.

  • Attach skills & docs per upstream or per individual tool.
  • Conventions — labels, statuses, formatting rules — surface exactly at call time.
  • First-party guidance, kept cleanly separate from untrusted upstream text.
tool description the agent receives
[Linear] Create a new issue in a team.

[ctxlayer] Org convention applies — consult
  skill `linear-triage`   (get_skill),
  doc   `linear-practices` (get_doc)
before using this tool.

How it works

Built on Cloudflare's resilient edge

ctxlayer runs on Cloudflare Workers — globally distributed, auto-scaling, and DDoS-hardened by default. The MCP server, OAuth gateway, real-time collaboration, and onboarding app all serve from the edge, close to every user. No servers to patch, no capacity to plan.

1

Sign in

Users authenticate with GitHub or Google, gated by an org or domain allowlist. One deployment serves one org.

2

Connect upstreams

Each user connects the services they're entitled to — by OAuth or a personal token — and ctxlayer seals the credentials at rest.

3

Point your agent

Wire Claude, Cursor, or any MCP client at one URL. It gets the curated docs plus every upstream tool the user can use, namespaced and ready.

4

Govern & measure

Admins grant visibility per team or product and watch usage roll up in real time. Context spreads; execution stays gated.

Read the architecture deep dive — how context is injected into tool calling →

See it running

Self-service onboarding — connect upstreams via OAuth or a personal token
Self-service onboarding — connect upstreams via OAuth or token, sealed at rest.
Per-upstream configuration — transport, auth strategy, resilience caps, visibility
Per-upstream config — transport, auth strategy, resilience caps, and team/product visibility.
Curated skills — procedural playbooks agents load on demand
Curated skills — procedural playbooks agents load on demand.
Usage dashboard — calls, tokens, and top tools per user and upstream
Usage analytics — calls, tokens, and top tools per user and upstream.

For developers

Stable MCP contract. No lock-in.

Build against the supported MCP surface — /mcp and /sse — plus the OAuth provider. ctxlayer is open source under MIT and runs entirely on your own Cloudflare account.

  • Runs on Cloudflare's resilient, globally distributed Workers infrastructure — MCP server, OAuth gateway, and collaborative editing, all at the edge.
  • JSON-Schema → Zod schema preservation across the proxy boundary.
  • A ctxlayer CLI to sign in, pull org skills into your editor, and draft new ones with your local Claude Code.
  • Battle-tested with popular AI agents and MCP services.
connect your MCP client
{
  "mcpServers": {
    "ctxlayer": {
      "url": "https://ctxlayer.acme.com/mcp"
    }
  }
}
deploy to your Cloudflare account
# provision D1, KV, R2, Vectorize, queues
bun run bootstrap
bun run migrate:remote
# set IdP creds + secrets, then ship it
bun run deploy

Security posture

Credentials sealed. Access gated. Everything logged.

Sealed at rest

Every stored upstream credential and shared token is encrypted with AES-GCM. Token-exchange bodies are never logged.

Open-read, gated-execution

Docs are readable org-wide so context spreads; upstream tools are invisible until an admin grants team or product visibility.

Hardened proxy boundary

Upstream URLs are validated and forced to public HTTPS; proxied errors return generic codes so upstream secrets never leak to the agent.

Allowlisted identity

GitHub or Google sign-in gated by org membership or hosted domain, with CSRF-guarded mutations and HMAC-signed sessions.

Get started

Two ways to run it. No wrong answer.

Own every byte on your own edge, or hand us the keys and just point your agents.

Open source · MIT

Run it yourself

Free, forever

Clone it, ship it, own it. One Cloudflare account, one command, zero per-seat fees. Your data never leaves your edge.

  • Deploy to your own Cloudflare account
  • Full source, no black boxes
  • Bring your own domain & identity
Deploy from GitHub →
Hands off

Fully managed

We'll run it for you

€125/mo platform or €1,250/yr — 2 months free + €0.10 / 1M output tokens

Skip the setup. We host it on Cloudflare under your own URL — hardened, upgraded, and monitored. You just connect your agents.

  • Hosted on Cloudflare, served under your domain
  • Updates, scaling & uptime monitoring handled
  • Onboarding & upstream setup support
Contact us →