Toolport for Teams

Your team's AI tools, shared with one click.

Set up a tool once and your whole team has it, no more everyone wiring up the same servers. Make your agents ask before they touch anything destructive, see every call they make, and keep each member's keys on their own machine. The same lazy discovery that tightens the belt on your AI spend, now across every developer and agent.

One shared server set

Define your team's MCP servers once. Every member's Toolport syncs the same set, non-destructively, right alongside their own.

Keys never leave the machine

Only the server set syncs, never a secret. Each member authenticates locally and keys stay in their OS keychain. No central credential vault to breach.

Central governance

Push a destructive-tool policy from the server. Policy can tighten safety across the fleet, and a member can never loosen it. Local and private team servers are refused outright (no RCE, no SSRF).

Exportable audit trail

Every member's tool calls, usage, and error rates, summarized and exportable as CSV for review and compliance.

Up to 91% fewer tokens, at scale

The same lazy-discovery token cut, multiplied across every agent and developer on your team. Context stays flat as you add servers.

Hosted or self-hosted

Start on our cloud in a minute, no infrastructure to run. Or self-host on your own network for full data sovereignty when compliance demands it. Same product, your call.

Two ways to run it

Hosted when you want easy. Self-hosted when you need control.

Hosted: sign up at teams.toolport.app and you're running in a minute, no infrastructure, it just works. Self-hosted: run the same product on your own network for compliance, privacy, and data sovereignty. Either way, keys stay on each member's machine, free for up to 5 people, and you can cancel anytime.

Free

$0

For teams of up to 5. Hosted by us, or self-host.

  • Up to 5 people (you + 4)
  • One shared MCP server set
  • Central destructive-tool policy
  • Exportable audit trail
  • Hosted by us, or self-host on your own network
Start free
For growing teams

Team

$12/ seat / month

Or $10/seat billed annually (save ~17%). Enter your total team size at checkout, the first 5 seats are free.

  • Everything in Free
  • Pay only for seats beyond the free 5
  • Add or remove seats anytime
  • License delivered instantly by email
  • Web dashboard: members, usage, policy
Buy monthly · $12/seat Buy annual · $10/seat (save ~17%)

At checkout the quantity is your total team size. The first 5 seats are $0 and each seat after that is $12/mo (or $10/mo billed annually, about two months free), so a team of 6 is $12/mo, a team of 10 is $60/mo. Your license key is emailed instantly; set it on your server (or paste it in the dashboard) and you're done.

Self-host in ~15 minutes

Keep it all inside your own network.

For teams that need data sovereignty, the Teams server runs entirely on your infrastructure. Nothing leaves your network, keys and secrets never touch our servers, and you own the audit trail end to end. Air-gap friendly. Docker pulls the prebuilt image, no source build. You need a server you control, a domain pointed at it (ports 80 + 443 open), and a free GitHub OAuth app for sign-in.

  1. Create a sign-in app (2 min). The dashboard signs your team in with GitHub. At github.com/settings/developersNew OAuth App, set Homepage URL to https://conduit.yourco.com (your domain) and Authorization callback URL to https://conduit.yourco.com/auth/github/callback. Copy the Client ID and generate a Client secret.
  2. Pull and run. Save the compose below on your box, set these as a .env beside it, then docker compose up -d (Caddy fetches HTTPS automatically): TEAMS_DOMAIN and CONDUIT_TEAMS_BASE_URL (your https domain), CONDUIT_TEAMS_BOOTSTRAP (openssl rand -hex 16), GITHUB_CLIENT_ID / GITHUB_CLIENT_SECRET from step 1, and leave CONDUIT_TEAMS_LICENSE unset for the free 5-seat tier.
    # docker-compose.yml
    services:
      conduit-teams:
        image: ghcr.io/tsouth89/conduit-teams:latest
        restart: unless-stopped
        environment:
          CONDUIT_TEAMS_BIND: 0.0.0.0:8787
          CONDUIT_TEAMS_DB: /data/conduit-teams.db
          CONDUIT_TEAMS_BASE_URL: ${CONDUIT_TEAMS_BASE_URL}   # https://conduit.yourco.com
          CONDUIT_TEAMS_BOOTSTRAP: ${CONDUIT_TEAMS_BOOTSTRAP}  # openssl rand -hex 16
          GITHUB_CLIENT_ID: ${GITHUB_CLIENT_ID}
          GITHUB_CLIENT_SECRET: ${GITHUB_CLIENT_SECRET}
          CONDUIT_TEAMS_LICENSE: ${CONDUIT_TEAMS_LICENSE}      # omit for the free 5-seat tier
        volumes: ["teams-data:/data"]
        expose: ["8787"]
      caddy:
        image: caddy:2
        restart: unless-stopped
        depends_on: [conduit-teams]
        ports: ["80:80", "443:443"]
        command: caddy reverse-proxy --from ${TEAMS_DOMAIN} --to conduit-teams:8787
        volumes: ["caddy-data:/data", "caddy-config:/config"]
    volumes:
      teams-data:
      caddy-data:
      caddy-config:
  3. Open your domain and set up. Visit https://conduit.yourco.com, click Sign in with GitHub, then Create teamAdd serverInvite, all in the browser.
  4. Your team joins. Each teammate installs the free Toolport app, opens Teams, and pastes your server URL + their invite code. The shared servers appear; their keys stay on their machine.

Cert won't issue? It's almost always DNS not propagated yet or port 80 firewalled. Bought a license? Paste it as CONDUIT_TEAMS_LICENSE and restart, the first 5 seats stay free, so you only pay for seats beyond 5.

Bigger rollout, or need SSO?

For larger teams, on-prem help, SSO/RBAC, or a managed deployment, tell us about your setup and we'll reach out. Your keys stay yours, Toolport for Teams syncs the server set, never a secret.