Agor Cloud - Opening a Private Beta

Agor is BSL-licensed and vastly open source. You’re free to run it however you want—you just can’t commercialize it. It has all the building blocks for anyone without commercial intent to build next-gen, multi-agent, multiplayer servers that can really change how you build software.

So why Agor Cloud?

Join the Private BetaBook a Demo

The Gap Between “Works for Me” and “Works for Production”

Here’s what we learned productionizing Agor at Preset for our own use:

When you start running Agor for your team—multiple users, worktrees, dev environments per branch, AI sessions touching real code—you quickly realize the scale of what it takes to run this safely in production:

  • A stateful database that needs backups, migrations, and a recovery story
  • Per-user API key management for multiple agent providers (Claude, Gemini, Codex)
  • Prompt injection risks when agents have filesystem access
  • User isolation so one developer’s session doesn’t stomp another’s
  • Docker resource containment—when people can fire up dev environments at the click of a button, you need resource isolation to keep core services healthy while people go to town on the shared box
  • Observability across a fleet of dev environments
  • An audit trail your security team will actually accept
  • Same-day patching when the next zero-day in your stack lands

That’s a lot to own well. Most teams shouldn’t have to.

What Agor Cloud Offers

Agor Cloud is a fully managed Agor instance. Up in minutes, reliable, always on the latest secured release. The pitch is simple: someone is going to operate this thing for your team — we’d like to make the case that it should be us.

Bring Your Own Keys

We don’t sell tokens.

You bring your own API keys for Claude, Codex, Gemini—whatever you use. Agor Cloud doesn’t proxy them, doesn’t mark them up, doesn’t take a cut. Your AI spend is between you and the model providers.

Why this matters:

  • No incentive mismatch. We make money running Agor well, not on how many tokens your team burns.
  • No opaque markup. Your provider bills you directly; we never insert ourselves into that flow.
  • No model lock-in. Add or swap providers without renegotiating anything with us.

You optimize AI spend with the people who actually have the data: the providers.

We Run It Better Than You Would

Who’s best positioned to keep a given piece of software running reliably? The team that wrote it. They know which assumptions are load-bearing, which edge cases bite first, which knobs actually matter, which logs to grep when things go sideways. Trust the people who wrote the software to run the software.

A self-hosted Agor is a real piece of infrastructure: a stateful database, a multi-tenant filesystem, isolated worktrees, Docker resource budgets, agent processes that can hang or run away. Running that well, full-time, is our job — not a side concern.

What that buys you:

  • Economies of scale on Kubernetes. Tuned node pools, autoscaling, resource budgets that took us months to get right—you get the result without the calendar.
  • The latest/stable/secure balance. New Agor releases land on Cloud after they’ve been validated against our own production traffic, not yours.
  • Same-day patching for zero-days. When CVEs hit Node, Postgres, the kernel, or any of Agor’s deps, the same SRE rotation that runs Preset Cloud ships the fix that day. You don’t have to track Agor changelogs or rebuild images.
  • No on-call rotation for your team. We’re on-call for Agor; you’re on-call for your product.

This is boring infrastructure work that someone has to do. You can pay people to do it in-house, or you can pay us to do it once for everyone.

Unix-Level User Isolation

Inside every Agor instance, sessions, worktrees, and dev environments run as distinct Unix users. Filesystem permissions enforce boundaries between users, between branches, between agents. No shared process space, no leaky abstractions, no “well, they’re all in the same container.”

This is how multi-user systems were designed to work, and it’s the security floor we build everything else on top of.

Hardened for the Public Internet

Agor is powerful software, and some of its capabilities — broad filesystem access, freeform shell, multi-user shared dev environments — are great inside a trusted network and risky on the open internet. If you self-host, you should think carefully about where you put it (and probably run it behind a VPN).

Agor Cloud is built the other way: hardened from day one to sit safely on the public internet.

  • Pen-tested by an independent security firm. Daemon, executor, and exposed APIs all under scrutiny.
  • SOC 2 Type II audit cycle in flight.
  • Locked-down feature surface. The OSS feature flags and configs that expand attack surface — shared dev boxes, certain bypass modes, broad sudo paths — are off in Cloud. We know exactly which knobs should be in which position for a reliable, secure, public-facing instance, because that’s what we run for ourselves.
  • Safer alternatives where it matters. Where a feature is too risky to expose publicly but still valuable, we ship a safer shape of it. Environment integration on Cloud, for example, goes through a webhook surface rather than in-instance shared dev envs — same outcome, much smaller blast radius.

The payoff is the obvious one: use Agor from anywhere, mobile included, with no VPN gymnastics. Same posture you’d want from any modern SaaS your team relies on.

Managed Private Cloud

The default public Agor Cloud is a managed single-tenant instance per team, hosted on our infrastructure. For organizations whose code, data, or networking story rules that out, Managed Private Cloud (MPC) is a different deployment model:

  • Bring-your-own-cloud deployments. We deploy and manage Agor inside your own AWS or GCP account—data and compute stay in your tenancy.
  • Private network peering. Reach internal git servers, private APIs, staging databases, and ticketing systems over your VPC—nothing exposed to the public internet.
  • VPN-fronted access. Sit Agor behind your existing VPN if your security policy requires it.
  • Bring back the shared, fat dev server. MPC unlocks the “team works on one beefy dev box” model—with the Unix-level isolation above keeping users from stepping on each other. It’s how multi-user systems were designed to work, before everyone moved to laptops. Not part of the default Cloud offering; ask about it if it fits your team.

Network topology is a conversation, not a checkbox—tell us what your security team needs and we’ll work out the shape.

Auditing & Observability

If Agor is becoming critical to your PDLC, you need to see what’s happening in it—both for ops and for the security review your team will eventually get pulled into.

  • Audit log of session creation, prompt submissions, branch changes, owner edits, and admin actions—queryable, retained, exportable.
  • Multi-cast metrics. Logs and metrics flow to both your stack and ours (StatsD, Datadog, CloudWatch, Prometheus). We don’t get in the way of your existing observability.
  • Built-in dashboards for CPU, memory, disk, and network across every dev environment.
  • Alerting when environments spike, disk fills, or processes hang.

You stay accountable to your own security and compliance people. We don’t ask you to trust a black box.

Always Up

Running the infrastructure underneath a fleet of dev environments is challenging: containers that need health checks, processes that hang, disks that fill, ports that collide, network paths that drop. Cloud handles it—monitoring, auto-recovery, capacity management.

You focus on building. We focus on keeping the lights on.

CI-Ready: Agents That Don’t Disappear

Being able to @claude and @codex in GitHub issues and pull requests has made GitHub a better place for all of us and our agents. But the ephemeral model has clear limits:

  • You hope the agent one-shots it in CI; if not, you can’t see what it actually did
  • Sessions vanish when the job ends—the built-up context window is gone
  • No way to follow up with “that was close, but can you also check X?”
  • The agent doesn’t know how the branch was built in the first place

Agor Cloud lets your CI agents live on the same platform as the rest of your team’s work:

  • See CI-triggered sessions spawn in your Agor environment in real-time
  • Watch agents work with full visibility into tool use, file reads, and reasoning
  • Resume sessions after CI completes—“thanks for the review, now fix the issues you found”
  • Reuse context from the session that created the branch
  • Connect to live dev environments instead of starting from a cold checkout
  • Track genealogy from issue → PR → review → fixes, all as a session tree

API authentication, user isolation, secret management, network access controls — Agor Cloud handles the wiring. Your CI agents become first-class citizens, not ephemeral scripts.

On the Roadmap

A few things customers ask about that we’re committed to but haven’t shipped yet. We surface them here so nothing’s a surprise:

  • Self-serve point-in-time restore — backups exist today and we recover from them; the tested restore UX and customer-visible drill cadence are not MVP.
  • Prompt-injection guardrails — exploring tooling that catches obvious injection patterns at the agent boundary. Nothing committed yet; flag interest if this is a blocker.

If any of these are dealbreakers for your team, say so in the interest form—we prioritize based on what we hear.

Who Agor Cloud Is For

  • Teams that want a managed multi-user Agor instance without the ops burden
  • Engineering orgs exploring AI-assisted development at scale who want to bring their own keys
  • Companies whose security or compliance posture rules out running open source locally without a vendor on the hook
  • Teams whose interesting code and data live behind a VPC or VPN and want agents that can reach it safely
  • Anyone who wants Agor’s capabilities without owning the infrastructure underneath

Signing Up for the Private Beta

We’re scaling this aggressively but cautiously. Agor Cloud is quickly becoming critical to team productivity, so we’re onboarding carefully to ensure every deployment is solid.

If you’re interested in a fully-loaded, hassle-free solution for you and your team, join our private beta.

Here’s how it works:

  1. Fill out the interest form - Tell us about your team and use case
  2. Quick discovery call - We’ll chat about fit and requirements (15 minutes)
  3. Onboarding - Once we establish fit, you’ll be set up in minutes
  4. Trial period - Use Agor Cloud, see if it delivers value for your workflow
  5. Decide - If it’s solving real problems, stay on. If not, no hard feelings.

We’re not trying to sell you something you don’t need. We’re looking for teams where Agor Cloud makes a measurable difference—faster onboarding, better collaboration, cleaner development workflows.

What You Get

  • Dedicated Agor instance with your team’s repos and worktrees
  • Bring-your-own-key for Claude, Codex, Gemini—no proxy, no markup, no cut
  • Pen-tested and public-internet hardened—use from anywhere, mobile included, no VPN required
  • Unix-level user isolation as defense-in-depth
  • Private network access to your VPC, VPN, or own-cloud account (Managed Private Cloud)
  • Audit log + multi-cast metrics integrated with your existing observability stack
  • CI-ready agent sessions that persist and stay visible on your board
  • Managed infrastructure—same-day patching, monitoring, capacity, support
  • Direct access to the team building Agor—fast feedback loop, feature requests welcome

Pricing

We’re figuring this out during the private beta. Because Agor Cloud is BYOK, our pricing has nothing to do with your AI spend—it’s about the managed infrastructure: per-user, per-instance, or per-worktree models all make sense and we’re working with early customers to land on something fair and sustainable.

For now, focus is on fit and value. Pricing comes after we’ve proven this solves real problems.

Why Trust Us with This?

At Preset, we run Preset Cloud—a managed Apache Superset service used by thousands of teams. We know how to:

  • Operate multi-tenant SaaS infrastructure at scale
  • Handle security, compliance, and data isolation
  • Provide enterprise-grade observability and analytics
  • Support teams with mission-critical workflows

We’re building Agor Cloud because we’re running Agor ourselves. The features we’re adding are the ones we need. The operational experience we’re developing is the same rigor we apply to Preset Cloud.

You’re not getting a side project. You’re getting a fully supported service from a team that depends on it running flawlessly.

Open Source + Managed Service

Agor remains open source (BSL). You can still run it yourself if that fits your workflow better.

Agor Cloud is for teams that want the capabilities without the ops burden. No Docker config, no database migrations, no monitoring setup, no capacity planning. Just the platform, running reliably, with all the enterprise features baked in.

The open source project benefits too: production learnings at Preset feed back into Agor’s core. Better security, better performance, better defaults—everyone wins.

Let’s Get Cooking

AI-assisted development is changing how we build software. But the operational tooling around it—observability, collaboration, isolation, security patching, audit—hasn’t caught up.

Agor Cloud bridges that gap. Fully managed, secure, observable, built by the team using it every day.

If that sounds like what your team needs, we’d love to talk.

Join the Private BetaBook a Demo

Questions? Reach out:

If you’re running Agor open source and want to share your experience, we’d love to hear about it. Open a discussion or drop us a note—your feedback shapes where this goes next.

BlogFAQ
BSL 1.1 © 2026 Maxime Beauchemin