Prerequisites
Before starting with Tetrate Agent Router, verify that you have the following access and environment requirements in place. This page covers what each role needs (developers and administrators) to use the platform successfully from day one.
Account access
Tetrate Agent Router serves different web applications, each serving a distinct role. Depending on your function, you may need access to one or both.
| Requirement | Details |
|---|---|
| User account | An email/password or SSO credential provided by your administrator. For Proof-of-Concept (PoC) environments, Tetrate provisions accounts with appropriate roles. |
| Console URL | The developer-facing application for API keys, model routing, and usage monitoring (e.g., https://router.poc.tetrate.ai/) |
| Admin Dashboard URL | The operator-facing application for managing models, providers, and users (e.g., https://dashboard.poc.tetrate.ai/) |
Your administrator will provide URLs and initial credentials during onboarding. If your organization uses SSO, you will authenticate through your corporate identity provider; no separate password is required. Platform access is role-based: each user is granted access only to the applications appropriate to their function.
Browser requirements
Tetrate Agent Router is fully browser-based; no desktop software installation is required. Both applications support the following browsers:
- Google Chrome 90+
- Mozilla Firefox 90+
- Microsoft Edge 90+
- Safari 15+
JavaScript must be enabled. A screen resolution of 1280×720 or higher is recommended for the best experience, particularly when viewing usage dashboards and request log details.
For developers (Console users)
Developers use the Console to create API keys, browse the model catalog, configure routing policies, and monitor usage. In addition to account access, you will need:
| Requirement | Purpose |
|---|---|
| API key | Generated in the Console under API Keys. Authenticates all AI requests sent through the gateway and determines which routing policies apply. |
| Proxy endpoint URL | The address your application sends requests to instead of calling AI providers directly. The gateway handles routing, fallback, guardrail enforcement, and provider translation transparently. Shown on your Dashboard (e.g., https://proxy.poc.tetrate.ai/v1). |
| SDK or HTTP client | Any OpenAI-compatible client library or HTTP tool. No gateway-specific SDK is required. |
Supported SDKs and tools
Tetrate Agent Router is compatible with any tool or library that speaks the OpenAI API format. To connect, replace the provider's base URL with your proxy endpoint URL and use your Console API key. No other changes are required.
| Category | Examples |
|---|---|
| Python libraries | openai, langchain, crewai, pydantic-ai, llama-index |
| TypeScript/JavaScript | openai SDK, Vercel AI SDK |
| Code assistants | Cline, Aider, Continue, Roo Code, Goose |
| Chat interfaces | Open WebUI |
| MCP clients | Claude Code, Cursor, VS Code |
For step-by-step setup instructions for each tool, see Integrations.
For administrators (Admin Dashboard users)
Administrators use the Admin Dashboard to manage model availability, configure AI provider credentials, control user access, and maintain the platform audit trail. You need:
| Requirement | Purpose |
|---|---|
| Admin role | Assigned by a platform administrator. Grants access to the Admin Dashboard and all operator-level controls. |
| Provider credentials | API keys for each AI provider you plan to configure (e.g., OpenAI, Anthropic, Azure OpenAI, Google Vertex AI). These are stored securely by the gateway and are never exposed to Console users. |
| SSO metadata | SAML metadata or OIDC discovery URL from your corporate identity provider, if setting up enterprise single sign-on. |
In PoC environments, provider credentials and initial platform configuration are preconfigured by Tetrate. Administrators can review and modify these settings from first sign-in.
Network requirements
If your organization uses network firewalls or outbound proxies, ensure the following outbound HTTPS connections are permitted from client machines:
| Destination | Port | Purpose |
|---|---|---|
| Console URL | 443 | Web application access |
| Admin Dashboard URL | 443 | Web application access |
| AI Gateway proxy endpoint | 443 | Application API request routing |
For Enterprise (self-hosted) deployments, the data plane (Controller + Agent Router) also requires a single outbound HTTPS connection from your Kubernetes cluster to the management plane for configuration polling. No inbound connections from the internet to the data plane are required. See Architecture Overview for full network topology details.
SSO requirements
When installing/onboarding Agent Router components, it is required to configure Single Sign On for granting users access to the Agent Router dashboard. Any OIDC-compliant Identity Provider is supported.
Before continuing, make sure you have collected the following SSO details
- Issuer (Identity Provider URL)
- Client ID
- Client Secret
- Discovery URL (optional)
Configuring SSO is a required step in the Onboarding process and cannot be skipped.
Evaluation checkpoint
Use this checklist to confirm your environment is ready before proceeding to the quickstarts:
- you have completed the Onboarding process (triggered when first opening Dashboard)
- You can access the Console URL and sign in successfully
- You can access the Admin Dashboard URL (if applicable to your role)
- Your browser meets the minimum version requirements
- You have an API key (or can create one in the Console)
- You know your proxy endpoint URL
Where to go next