Claude Code Now Plays by Corporate Rules — Anthropic Opens the 'Apps Gateway'
Picture yourself as an engineering lead trying to roll out Claude Code across your entire company. There's really only one problem, but it's a big one: nobody actually knows how many API keys have been handed out. A new hire joins, someone spins up another key for them. Someone leaves, and that key quietly stays alive because nobody remembered to kill it. Then the quarterly cloud bill lands, and you're stuck untangling a spreadsheet trying to figure out which team spent what. That's roughly how most companies have been running AI coding tools up to now — convenient in the moment, but the kind of setup that makes a security team wince the second they hear about it.
This week Anthropic went straight at that problem. The product is called the "Claude apps gateway" — a self-hosted control plane that lets you run Claude Code on top of Amazon Bedrock and Google Cloud Vertex AI without the credential sprawl and manual setup that normally comes with deploying an AI coding tool at scale. The documentation also name-checks Microsoft Foundry, so the intent is clearly to span the major cloud platforms rather than lock into just one.
The core idea is simple enough to state in a sentence: developers stop carrying API keys around. They log in with corporate SSO instead. Administrators get a single place to manage who has access to Claude Code, what they're spending, and how policy gets enforced. For heavily regulated industries — finance, healthcare, government contractors — that level of control isn't a nice-to-have, it's the entry ticket. Without it, an AI coding tool doesn't even make it onto the shortlist. Anthropic just built that entry ticket itself.
The Players
The main character here is obviously Anthropic. To get Claude Code genuinely adopted at scale inside large enterprises, this move isn't about model performance at all — it's a bet on an entirely different battlefield: administration and control. Anthropic has built a strong reputation among individual developers, but turning that reputation into actual enterprise purchase decisions means clearing IT and security review first. This gateway is essentially the door Anthropic built so that reputation could walk through.
The second set of players are the cloud platforms themselves — Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry as mentioned in the documentation. These are places where enterprises already run their workloads, and not incidentally, they're also where the tightest IAM (identity and access management) and compliance frameworks already live. For Anthropic, building a gateway that works naturally on top of these clouds is the fastest route to sitting inside infrastructure customers already trust.
The third player, and arguably the real decision-maker, is the enterprise platform engineering and security team. No matter how badly developers want to use Claude Code, if security flags "there's no credential management story here," the whole thing stalls. This gateway was built, in a very real sense, to win that team over. That's why the language around it is full of terms like stateless container, PostgreSQL backend, and identity provider integration — those words are aimed squarely at that audience.
And finally, don't forget the developers actually using the tool day to day. For them, this shifts the experience from "manage your own API keys" to "log in with your work account." It sounds minor on paper, but for anyone who's been juggling multiple credentials across projects, it's a genuinely welcome change.
How the Gateway Works
The architecture is simpler than you'd expect. The gateway is a single stateless container deployed on Linux. That word "stateless" matters — the container itself holds no state, and the real data lives in a PostgreSQL database sitting behind it. That split means you can spin up multiple container instances to spread load, or swap out a broken container without touching the database underneath it. It's the kind of design infrastructure engineers tend to appreciate on sight.
The container itself does four jobs. First, it holds the upstream credential — meaning the actual key that talks to Bedrock or Vertex AI lives with the gateway, not scattered across individual developers. Second, it authenticates developers against your company's identity provider (IdP). Third, it distributes and enforces managed settings. Fourth, it reports per-user usage back to a collector that your own organization operates. Put those four together and you get a system that automatically tracks who used what, when, without anyone having to chase it down manually.
The login experience changes in a way that's easy to feel immediately. Developers no longer need to hold an API key or cloud credential of their own. They sign in through your corporate IdP, and the gateway issues a short-lived bearer token — one hour by default, per session. The real payoff shows up during offboarding. When an admin deprovisions a user in the IdP, that person's gateway access expires within the session lifetime automatically. No more hunting down which API key belonged to the person who just left.
Here's a table that lays out the shift more concretely.
| Item | Old Way (API Keys / Cloud Credentials) | Claude Apps Gateway |
|---|---|---|
| Login method | Individually issued and stored API keys | Corporate SSO login |
| Access token | Long-lived key | Short-lived bearer token (1 hour default) |
| Offboarding | Manually find and revoke the key | Auto-expires once removed from IdP |
| Cost tracking | Manual aggregation by team/person | Automatic per-user reporting |
| Policy enforcement | Individual settings, inconsistent | Centrally distributed and enforced |
The supported clouds center on Amazon Bedrock and Google Cloud Vertex AI, with Microsoft Foundry mentioned alongside them in the documentation. In other words, this isn't locked to a single cloud vendor — it's built to sit on top of whatever infrastructure the enterprise already runs. That's the essence of what gets described as a "bring-your-own-cloud" architecture.
What Each Side Gains
What Anthropic gains most is a door into regulated industries. No matter how good the model was, banks, hospitals, and government agencies could never really get an AI coding tool past the review stage if the credential story was "issue and manage API keys by hand." The moment a security team asks "how do you handle credential management" in the first meeting and there's no clean answer, the conversation is over. This gateway shows up with that answer already prepared. The three things the documentation calls non-negotiable — bring-your-own-cloud architecture, enterprise SSO, and audit logging — are exactly the items regulated-industry security teams already have sitting on their checklist.
What enterprise customers gain is much more practical. The burden of credential management drops sharply. Instead of API keys scattered everywhere with nobody quite sure who holds what, access gets controlled through a single corporate IdP. Offboarding becomes a matter of deleting one account in the IdP rather than chasing keys across multiple systems. And because per-user cost tracking is now automatic, a question like "how much did this team spend on Claude Code this quarter" gets answered without anyone opening a spreadsheet.
Cloud platforms benefit quietly too. Claude Code running well on Bedrock or Vertex AI translates directly into more workload sitting on that cloud. If a company already has its infrastructure on AWS or Google Cloud, it can adopt Claude Code without moving anything to a new vendor's infrastructure — it just slots into the existing cloud contract. For the cloud platforms, that's one more reason for an existing customer to stay locked into their ecosystem rather than look elsewhere.
The benefit for individual developers is modest but real. The whole cycle of requesting an API key, storing it somewhere safe, and renewing it when it expires simply goes away. It's replaced by the familiar motion of logging into a work account. That matters more than it sounds like when you're joining a new project or switching teams — access issues that used to slow that transition down largely disappear.
Precedents: Wins and Failures
Looking back at enterprise software history, the idea of centralizing access control through a "gateway" or "proxy" is nothing new. API gateways became a standard pattern back in the microservices era, and consolidating authentication, authorization, and logging for multiple backend services into one place is a proven approach by now. What Anthropic did here is essentially the same idea applied to an AI coding tool. Building on top of an architecture pattern that already has a track record of success is, on balance, a fairly safe move.
The rise of SSO and IdP integration as a baseline requirement for enterprise software adoption follows a similar arc. There was a time when every SaaS tool required its own separate account, but today it's nearly impossible to land enterprise customers without SSO support. In security-sensitive industries especially, "no SSO" is often an instant disqualifier during vendor review. Anthropic naming SSO as one of three non-negotiables for this gateway is really just following where the rest of enterprise software already went.
There's a cautionary side worth keeping in mind too. A centralized control plane is powerful when built well, but it can just as easily become a single point of failure if it isn't. If the gateway goes down, every developer at the company could lose access to Claude Code at once. There have been plenty of past cases where companies rolled out internal proxies or gateway systems only to see developer productivity suffer because of the operational burden and incident response complexity that came with them. The fact that this gateway is built as a stateless container capable of running multiple instances reads like a design choice made with exactly that failure mode in mind.
One more thing worth flagging: for enterprise infrastructure products like this, there's typically a real gap between the announcement and actual large-scale adoption. Even with solid documentation and a complete feature set, moving an organization of thousands of developers onto a new gateway means pilots, security reviews, and staged rollouts first. At this point, it's fair to say the capability now exists — but it's a different claim from saying it's already being used widely, and that gap hasn't closed yet.
Rivals' Counterplay
The AI coding tool market isn't a one-player game for Claude Code. GitHub Copilot and a handful of other competitors are already chasing the same enterprise market, and all of them have been building out similar enterprise management features — SSO integration, usage dashboards, and the like. This gateway announcement is a clear statement from Anthropic that it's ready to compete on this front, but it also means rivals either already have comparable capability or will move quickly to answer it.
Microsoft's position here is particularly interesting. The fact that Microsoft Foundry shows up as a supported platform in this announcement means Anthropic is trying to win over Microsoft's own infrastructure customers. But Microsoft is simultaneously pushing Copilot, its own coding tool. So you end up with an odd dynamic: Claude Code runs well on Microsoft's cloud infrastructure, while directly competing against Microsoft's own product on that very same infrastructure. Cloud infrastructure cooperation and product-level competition are happening at the same time, between the same two companies.
Amazon and Google aren't just infrastructure landlords in this either. Both companies push their own AI models and developer tools, and both run a "multi-model marketplace" strategy — hosting products from multiple model providers side by side on Bedrock and Vertex AI respectively. It's good news that the Claude Code gateway runs well on these clouds, but it also means Claude Code now sits in a position where it gets directly compared against other AI coding tools on the very same cloud shelf.
Competitor responses will likely split into two camps. One group will rush out their own self-hosted gateway or on-premise control plane to match this. The other will lean harder into marketing enterprise features they already had, essentially arguing "we were already doing this." Either way, this announcement reconfirms that enterprise management capability is turning into a battlefield in the AI coding tool market that matters just as much as raw model performance.
So What Changes
For platform engineers and IT admins, the workload genuinely drops. The old routine involved issuing an API key to every individual developer, tracking where and how that key got used, and manually hunting down keys when someone left the company. Now, managing a single corporate IdP is enough — access control, policy enforcement, and cost tracking all follow automatically from that. When preparing for a security audit in particular, being able to explain "who accessed what and when" through a single gateway log instead of piecing together records from multiple systems takes a real weight off.
For developers, the visible change might feel smaller day to day. The actual experience of using Claude Code stays largely the same. What shifts is the login method — from API keys to corporate SSO — and sessions now renew on a roughly one-hour cycle by default, so nobody has to think about when their personal key expires anymore. In exchange, developers now operate inside role-based access policies set by the company, which does mean slightly less individual freedom than before.
For companies in regulated industries, this announcement could meaningfully lower the adoption bar. Finance, healthcare, and government-adjacent organizations have often held back on AI coding tools specifically because of credential management and audit logging requirements. With a bring-your-own-cloud structure that lets the gateway run inside a company's own infrastructure, plus SSO and audit logging built in by default, adoption conversations that had been shelved may well come back onto the table.
For executives and budget owners, per-user cost tracking and spend caps are probably the most immediately appealing part of this. Up to now, approving an AI coding tool often meant signing off without a clear sense of what it would actually cost. Now spend limits can be set per team or per user, and actual usage gets aggregated in something close to real time — which makes it a lot easier to greenlight adoption from a budgeting standpoint.
🥄 Three Things You're Probably Wondering
— Does this mean the company has to run the gateway server themselves? Yes. This is a self-hosted deployment where you run a stateless container and a PostgreSQL database directly on Linux infrastructure you control. It's not a click-a-button SaaS product — it's a self-hosted model where the platform team owns the infrastructure and operational burden. This will probably suit larger organizations first, the ones with the capacity to take that on.
— Does this mean API keys go away entirely? From an individual developer's point of view, essentially yes. The upstream credential is held by the gateway on their behalf, and developers only need an IdP login plus a short-lived bearer token to get access. That said, the gateway itself still needs a credential to talk to the cloud provider — the key change is that this credential is now consolidated in one place instead of spread across every developer.
— When does full Microsoft Foundry support actually land? Microsoft Foundry is mentioned in the documentation alongside Bedrock and Google Cloud, but it hasn't been confirmed with the same level of detail as the other two. Whether all three platforms are supported at an equal level simultaneously, or whether Foundry support rolls out in phases, is too early to say. Worth keeping an eye on the official docs as they get updated.
References
- Introducing the Claude apps gateway for Amazon Bedrock and Google Cloud — Claude by Anthropic
- Anthropic Adds Enterprise Gateway to Simplify Claude Code Access on AWS and Google Cloud — DevOps.com
- Claude apps gateway for Amazon Bedrock, Google Cloud, and Microsoft Foundry — Claude Code Docs
- Anthropic introduces Claude apps gateway for Amazon Bedrock, Google Cloud — TipRanks
Numbers are as of announcement and may change.



