WaverNo raw provider keys in prompts, terminals, or agent memory

Agents ask. Waver decides. Providers only see governed requests.

Founders keep rebuilding custom OAuth and then handing broad provider tokens to agents. Waver replaces that pattern with one boundary: broker OAuth once, vault the real credential, mint short-lived phantom tokens, enforce policy, then proxy the provider call without exposing the underlying secret.

See governed requestA request crosses the boundary, gets scoped, gets approved, gets executed, and gets recorded. That is the product.
Interactive explainerconnect / scope / approve / record
Integrations
GHGitHub
SLSlack
GWGoogle Workspace
Waver wave mark
Waver Broker

Every agent action is brokered, scoped, and proxied here before it can touch the real provider.

Agents
CCClaude Code
CXCodex
CUCursor
Scopedrepo scoped grantgithub.pull_request.create
Approvalhuman review before message sendslack.message.post
Integrations
GitHubGoogle WorkspaceSlackVercel (legacy)Supabase (legacy)
What Waver does

It stands between your agents and the real provider credentials they should never hold.

The old workflow is simple and dangerous: paste a broad provider token into the tool chain and hope the agent behaves. Waver replaces that with a controlled request path you can scope, approve, and verify later.

01

Connect the provider once. Keep the real credential out of the agent forever.

Waver handles the OAuth handoff, stores the live provider credential inside the vault, and stops your team from scattering raw tokens across prompts, scripts, terminals, and agent memory.

02

Issue a durable agent identity, then exchange into short-lived phantom access.

Bootstrap once, mint short-lived phantom tokens at execution time, and bind every request to an explicit identity, grant, approval path, and audit record.

03

Let reads move. Stop writes at the boundary until a human signs off.

Slack posts, GitHub PRs, Gmail drafts, calendar writes, and other risky operations pause inside Waver until an operator approves the exact action.

04

Execute through the proxy and leave behind a decision trail you can prove later.

Waver makes the provider call itself, records the scope check, approval decision, and result, then seals the action into the audit chain.

Works with the tools agents keep asking to touch

Trust starts when the agent never sees the raw credential in the first place.

Waver is built for the tools agents immediately ask to touch. The first public broker story centers on GitHub, Slack, and Google Workspace, with every provider call staying inside the proxy boundary.

GitHub is the live loop today. Slack and Google Workspace are the next broker-first set. Older Vercel and Supabase paths stay visually demoted until they deserve equal weight.

Waver wave markWaverBrand first
GitHubSlackGoogle WorkspaceVercel (legacy)Supabase (legacy)
Why the flow feels safer

One governed path. One permission chain. One place to inspect it.

Broker only what matters

Bring in the exact accounts and resources the agent needs, not every provider credential your team owns.

Give each agent a visible role

Every agent gets its own identity, phantom-token exchange path, grants, and history instead of hiding behind shared raw access.

Review risky actions before they fire

Approvals appear before the proxy writes to Slack, GitHub, Google Workspace, or production surfaces, so every wait has a visible reason and a human owner.

Audit the result after the action lands

See the exact request, the exact resource, the exact approval path, and the proxied provider result instead of reconstructing it later.

Purposeful waiting

When the model pauses, the interface should keep explaining.

A developer should see where the request paused, which rule caught it, and what decision happens next. Latency becomes part of the product narrative instead of a dead zone.

What users see while the system thinks

Waiting should show the chain of decision, not a blank pause.

Live path
01
Tool requestGitHub pull request:create
Done
02
Scope checkrepo:orcadebug/waver-production
Done
03
Approvalhuman review required
Reviewing
04
Executionwaiting for decision
Queued
Audit trail

See what happened, not just whether the action returned 200.

10:31Claude Code requested PR creategithub/orcadebug/waver-productionAllowed
10:35Codex asked for preview deployvercel/waver-webApproved
10:41Claude Code attempted env readvercel/productionBlocked
Waver

Open the account after the boundary makes sense.

Start free, connect one provider, create one agent identity, mint one phantom token, and watch one full governed request cross scope, approval, execution, and audit.

Start freeReplay explainer