Summary
Anthropic recently launched Claude Managed Agents (public beta), which introduces a new set of stateful API endpoints beyond /v1/messages. Currently, Envoy AI Gateway only proxies model inference endpoints — enterprises deploying the gateway as a centralized AI access layer have no way to route, authenticate, or audit Managed Agents traffic through it.
Background
Managed Agents introduces a new API surface for long-running, stateful agent sessions:
| Endpoint |
Purpose |
POST /v1/agents |
Create a persisted, versioned agent config |
POST /v1/sessions |
Start a session against an agent |
GET /v1/sessions/{id}/events/stream |
SSE stream of agent events |
POST /v1/sessions/{id}/events |
Send user messages / tool results |
GET /v1/sessions/{id}/events |
Poll events (paginated) |
POST /v1/environments |
Provision sandbox environments |
POST /v1/vaults |
Manage MCP credentials |
Key characteristics that make gateway support non-trivial:
- SSE streaming on
/events/stream — long-lived connections, not request/response
- Stateful sessions — clients reconnect to existing sessions; the gateway must not break session affinity
- Beta headers — requires
anthropic-beta: managed-agents-2026-04-01
- First-party Anthropic only — cannot route through AWS Bedrock; requires a direct
api.anthropic.com backend
Problem
Enterprises using Envoy AI Gateway as a centralized proxy gain:
- Unified auth (API key / JWT)
- Token cost tracking
- Audit logging
- Rate limiting
- Policy enforcement
Today, any team wanting to use Managed Agents must bypass the gateway entirely and call api.anthropic.com directly with a raw Anthropic API key — losing all of the above.
Desired Behavior
- New
Backend type (or config option) pointing to api.anthropic.com for first-party Anthropic endpoints
HTTPRoute support for /v1/agents*, /v1/sessions*, /v1/environments*, /v1/vaults*- SSE-aware proxying for
/v1/sessions/{id}/events/stream (no buffering, proper text/event-stream passthrough)
- Beta header passthrough (
anthropic-beta)
- Cost metadata extraction from SSE events (token usage is in
span.model_request_end events)
Related Issues
References
Summary
Anthropic recently launched Claude Managed Agents (public beta), which introduces a new set of stateful API endpoints beyond
/v1/messages. Currently, Envoy AI Gateway only proxies model inference endpoints — enterprises deploying the gateway as a centralized AI access layer have no way to route, authenticate, or audit Managed Agents traffic through it.Background
Managed Agents introduces a new API surface for long-running, stateful agent sessions:
POST /v1/agentsPOST /v1/sessionsGET /v1/sessions/{id}/events/streamPOST /v1/sessions/{id}/eventsGET /v1/sessions/{id}/eventsPOST /v1/environmentsPOST /v1/vaultsKey characteristics that make gateway support non-trivial:
/events/stream— long-lived connections, not request/responseanthropic-beta: managed-agents-2026-04-01api.anthropic.combackendProblem
Enterprises using Envoy AI Gateway as a centralized proxy gain:
Today, any team wanting to use Managed Agents must bypass the gateway entirely and call
api.anthropic.comdirectly with a raw Anthropic API key — losing all of the above.Desired Behavior
Backendtype (or config option) pointing toapi.anthropic.comfor first-party Anthropic endpointsHTTPRoutesupport for/v1/agents*,/v1/sessions*,/v1/environments*,/v1/vaults*/v1/sessions/{id}/events/stream(no buffering, propertext/event-streampassthrough)anthropic-beta)span.model_request_endevents)Related Issues
References