One governed tool surface. Every consumer.
The BTR OS API is the same 47 governed tools the console and Sentinel use, on Azure and .NET, authenticated with Microsoft Entra, with every call on the audit trail. The MCP server exposes those tools to AI agents and copilots.
Running in pilot today.
The product surface, exposed.
The same tools as the console
The API is not a bolt-on export. It exposes the same 47 governed tools the console runs, so anything the product can do, your systems can do, under the same rules.
Entra-authenticated
No separate API key regime to manage. Consumers authenticate through Microsoft Entra and roles map the same way they do for people.
An MCP server for agents
The Model Context Protocol server exposes governed tools to AI agents and copilots your IT approves, scoped and recorded like any operator.
Every call on the trail
A machine's action is attributed and written to the same immutable audit trail as a human's. Integrations stop being a blind spot.
No side doors
If a tool is not governed, it is not exposed. There is no raw database access and no undocumented path around the rules.
Australian data residency
Calls terminate on Azure infrastructure in Australia, the same as the rest of the platform.
One platform. Not a product bundle.
Console, agent, integration: three consumers of one governed tool surface. That is the architecture, and the API is simply the surface without the UI.
The first-party consumer
Sentinel runs on this same surface through the same protocols. It gets no special access.
ExploreThe rules underneath
Role scoping, attribution and the trail are properties of the tools, so they hold for machine consumers automatically.
ExploreThe same surface with a UI
Everything the console does is one of these tools. Watch a demo and you are watching the API.
ExploreMachine consumers, human-grade accountability.
Integrations usually mean service accounts with broad access and no story for who did what. Here a machine consumer holds a role through Microsoft Entra, calls role-scoped tools, and leaves the same immutable audit trail as a person. When something changes in the building, the trail says which system changed it, and why it was allowed to.
Is MCP only for your own agent?
No. MCP is an open protocol. The server exposes governed tools to the agents and copilots your IT approves, and every call they make is scoped and recorded like any operator action.
See the tool surface from the outside.
The API and MCP server expose the same governed tools the console runs, in pilot today. Book a pilot and bring your IT team along.
Prefer email? hello@ark360.com.au