idun-agent-platform

Everything you need to deploy AI agents to production

Cloud · Quickstart · Docs · Discord · Book a demo

⭐ If you find this useful, please star the repo. It helps others discover the project.

Idun Agent Platform is an open-source, self-hosted control plane for LangGraph and Google ADK agents. Enroll your agent and get a production-grade service with built-in observability, guardrails, memory persistence, MCP tool governance, prompt management, and SSO with workspace isolation.

Why Idun? Teams building agents face a bad tradeoff: build the platform yourself (slow, expensive) or adopt a SaaS (lock-in, no sovereignty). Idun is the third path: you keep your agent code, your data, and your infrastructure. The platform handles the production layer.

Quick start

Prerequisites: Docker and Git.

git clone https://github.com/Idun-Group/idun-agent-platform.git && cd idun-agent-platform
cp .env.example .env
docker compose -f docker-compose.dev.yml up --build

Open localhost:3000. Create an account. Deploy your first agent in 3 clicks.

[!TIP]
Don't need the full platform? Run a standalone agent with no Manager and no database:

pip install idun-agent-engine && idun init

The interactive TUI configures framework, memory, observability, guardrails, and MCP in one pass. See the CLI docs.

What's inside

Observability Langfuse · Arize Phoenix · LangSmith · GCP Trace · GCP Logging Trace every agent run. Connect multiple providers at the same time through config.	Guardrails PII detection · Toxic language · Ban lists · Topic restriction · Bias checks · NSFW · 9 more Apply policies per agent on input, output, or both. Powered by Guardrails AI.
MCP tool governance Register MCP servers and control which tools each agent can access. Supports stdio, SSE, streamable HTTP, and WebSocket.	Memory and persistence PostgreSQL · SQLite · In-memory · Vertex AI · ADK Database Conversations persist across restarts. Pick a backend per agent.
Prompt management Versioned templates with Jinja2 variables. Assign prompts to agents from the UI or API.	Messaging integrations WhatsApp · Discord · Slack Bidirectional: receive messages, invoke agents, send replies. Webhook verification handled.

[!NOTE]
SSO and multi-tenancy — OIDC with Google and Okta, or username/password. Role-based workspaces (owner, admin, member, viewer). Every resource is scoped to a workspace.

[!NOTE]
AG-UI streaming — Every agent gets a standards-based streaming API, compatible with CopilotKit clients. Built-in chat playground for testing.

Architecture

flowchart LR
  subgraph Actors
    Users["End users / Apps"]
    Admin["Admin / DevOps"]
    CICD["CI/CD"]
  end

  subgraph Platform["Idun Agent Platform"]
    direction TB
    UI["Web UI"]
    MGR["Manager API"]
    subgraph Engines["Engines"]
      ENG1["LangGraph"]
      ENG2["ADK"]
    end
    DB[(PostgreSQL)]
  end

  subgraph Infra["Your stack"]
    OBS["Observability"]
    MEM[(Memory)]
    LLM["LLMs"]
    TOOLS["MCP tools"]
  end

  Admin --> UI --> MGR --> DB
  Engines -- "config" --> MGR
  CICD --> Engines
  Users --> Engines --> Infra

Integrations

Idun vs alternatives

[!NOTE]
Idun is not a replacement for LangSmith (observability) or LangGraph Cloud (hosting). It is the layer between your agent code and production that handles governance, security, and operations, regardless of which observability or hosting you choose.

Configuration

Every agent is configured through a single YAML file. Here is a complete example with all features enabled:

server:
  api:
    port: 8001

agent:
  type: "LANGGRAPH"
  config:
    name: "Support Agent"
    graph_definition: "./agent.py:graph"
    checkpointer:
      type: "sqlite"
      db_url: "sqlite:///checkpoints.db"

observability:
  - provider: "LANGFUSE"
    enabled: true
    config:
      host: "https://cloud.langfuse.com"
      public_key: "${LANGFUSE_PUBLIC_KEY}"
      secret_key: "${LANGFUSE_SECRET_KEY}"

guardrails:
  input:
    - config_id: "DETECT_PII"
      on_fail: "reject"
      reject_message: "Request contains personal information."
  output:
    - config_id: "TOXIC_LANGUAGE"
      on_fail: "reject"

mcp_servers:
  - name: "time"
    transport: "stdio"
    command: "docker"
    args: ["run", "-i", "--rm", "mcp/time"]

prompts:
  - prompt_id: "system-prompt"
    version: 1
    content: "You are a support agent for {{ company_name }}."
    tags: ["latest"]

sso:
  enabled: true
  issuer: "https://accounts.google.com"
  client_id: "123456789.apps.googleusercontent.com"
  allowed_domains: ["yourcompany.com"]

integrations:
  - provider: "WHATSAPP"
    enabled: true
    config:
      access_token: "${WHATSAPP_ACCESS_TOKEN}"
      phone_number_id: "${WHATSAPP_PHONE_ID}"
      verify_token: "${WHATSAPP_VERIFY_TOKEN}"

[!TIP]
Environment variables like ${LANGFUSE_SECRET_KEY} are resolved at startup. You can use .env files or inject them through Docker/Kubernetes.

Serve from a file:

pip install idun-agent-engine
idun agent serve --source file --path config.yaml

Or fetch config from the Manager:

export IDUN_AGENT_API_KEY=your-agent-api-key
export IDUN_MANAGER_HOST=https://manager.example.com
idun agent serve --source manager

[!IMPORTANT]
Full config reference: docs.idunplatform.com/configuration

9 runnable agent examples: idun-agent-template

Community

Commercial support

Maintained by Idun Group. We help with platform architecture, deployment, and IdP/compliance integration. Book a call · [email protected]

Telemetry

Minimal, anonymous usage metrics via PostHog. No PII. View source. Opt out: IDUN_TELEMETRY_ENABLED=false

License

GPLv3