Features Docs Enterprise Pricing GitHub
FR Book a Demo
Pricing

Simple, Transparent Pricing

Start with the full platform for free. Enterprise support when you need it.

Community

Free forever

Self-hosted. Full platform. For teams evaluating STOA.

  • Full MCP Protocol support
  • Control Plane API + Console UI
  • Developer Portal
  • Multi-gateway orchestration
  • UAC (Universal API Contract)
  • Community support (GitHub, Discord)
Get Started Free
Recommended

Enterprise

Custom pricing

Support, SLA, SSO, and multi-environment for production teams.

  • Everything in Community
  • SSO / SAML integration
  • Multi-environment (dev/staging/prod)
  • Advanced analytics dashboard
  • Priority support with SLA
  • Custom domain + TLS
  • Onboarding & migration assistance
Book a Demo
Regulated Industries

Sovereign

Custom pricing

Dedicated EU infrastructure. DORA audit support. Air-gapped deployment.

  • Everything in Enterprise
  • Dedicated infrastructure (EU)
  • On-premise or air-gapped deployment
  • NIS2 / DORA audit support features
  • Dedicated success manager
  • Custom SLA + penetration testing support
Book a Demo

Have questions? Read the FAQ

Pricing details available upon request. Plans and features subject to change before general availability.

Frequently Asked Questions

Everything you need to know about STOA pricing, deployment, and compliance.

Is STOA really free?
Yes. STOA is open source under the Apache 2.0 license. You can self-host the full platform at no cost, forever. No usage limits, no feature gates, no trial expiration. Enterprise and Sovereign plans add support, SLAs, and managed services.
What's included in the Community plan?
The full platform: MCP Gateway, Control Plane API, Console UI, Developer Portal, multi-gateway orchestration, UAC, basic observability, and community support via GitHub and Discord.
How does Enterprise pricing work?
Enterprise pricing is based on your deployment scale and support needs. Contact our team for a custom quote. We offer flexible options for both cloud-hosted and on-premise deployments.
Can we deploy STOA on-premise or air-gapped?
Yes. STOA is designed for on-premise, hybrid, and air-gapped deployments. The entire platform runs on your infrastructure — nothing phones home. Helm charts and Docker images are provided.
Is STOA DORA-compliant?
STOA supports compliance with DORA requirements — it does not guarantee compliance by itself. Features include: full audit trail for AI and API actions, ICT third-party risk documentation, on-premise deployment for data residency, and exportable compliance reports. Your compliance team should evaluate STOA as part of your broader DORA program.
Do you support penetration testing?
Yes. Sovereign plan customers can conduct penetration testing against their STOA deployment. We provide documentation for security assessments and can coordinate with your security team.
How do we migrate from another API gateway?
STOA provides migration guides for Kong, Gravitee, Apigee, webMethods, Azure APIM, and AWS API Gateway. The multi-gateway orchestration feature lets you run STOA alongside your existing gateway during transition — no big-bang migration required.
Who is behind STOA?
STOA is built by CAB Ingénierie, a French company with 15+ years of experience in enterprise integration (webMethods, API Management, identity federation). The platform is open source under Apache 2.0.

Still have questions? Get in touch hello@gostoa.dev