Runs entirely on your infrastructure
Self-hosted by design — Docker or Helm, on your servers, in your network. No data egress, no third-party dependency. Built for regulated and compliance-bound organizations.
Bring the Model Context Protocol to your organization — on your own infrastructure, plugged into your identity stack, governed by your own policies, with no data ever leaving your perimeter.
The rise of AI brought a wave of new tooling, and almost all of it is SaaS-first: your prompts, your context and your data leave your network for someone else's cloud. For regulated and compliance-bound organizations that is a non-starter — information cannot cross the corporate boundary.
Yet the self-hostable alternatives tend to fall short exactly where the enterprise needs them most: corporate identity and governance — SAML, OAuth2/OIDC, SCIM provisioning, role-based access, teams and per-team entitlements.
Kravn was created to close that gap. Born out of the compliance world, it lets any company adopt MCP and AI tooling entirely within its own infrastructure — plugged into its own identity provider, governed by its own access policies, with nothing leaving the perimeter and no integration compromises.
# Docker
docker compose up # → http://localhost:8080
# Kubernetes
helm install kravn ./charts/kravn
kubectl port-forward svc/kravn 8080:80Then open the console, complete the first-run setup wizard, connect your first upstream MCP server, and publish it as an MCP endpoint your teams can consume. The full walkthrough is in the Quickstart and the Installation Manual.
| No data egress | Everything runs inside your perimeter. Kravn never phones home. |
| Identity you already have | SAML, OIDC, SCIM 2.0, RBAC, teams — integrate, don't migrate. |
| Portable persistence | SQLite out of the box; PostgreSQL, MySQL/MariaDB or SQL Server when you scale. |
| Highly available | Multi-replica ready, with a shared store for cross-pod state. |
| Source-available | BSL 1.1, converting to Apache 2.0 — inspect it, run it, trust it. |