TL;DR: Gartner says three-quarters of enterprises are piloting or deploying AI agents, yet integration remains a top-three barrier for 20% of enterprises and a top challenge for nearly 30% of GenAI productivity teams, because enterprise applications were not designed for dynamic, context-driven agent access, according to Kong. The real issue is not model capability but governable identity, routing, and auditability across agent actions.
NHIMG editorial — based on content published by Kong: AI Agent Integration: Gartner Research Confirms Need for AI Control Layer
By the numbers:
- Integration ranks as a top-three barrier to AI implementation for 20% of enterprises.
- Nearly 30% of IT leaders deploying generative AI productivity assistants cited difficulty integrating into daily work processes as a top challenge.
Questions worth separating out
Q: How should security teams govern AI agents that need access to enterprise applications?
A: Security teams should place agent access behind a control layer that enforces authentication, authorisation, logging, and rate limiting before any action reaches a business application.
Q: Why do AI agents complicate existing IAM and API governance models?
A: AI agents complicate IAM and API governance because they do not always behave like fixed software clients.
Q: What breaks when AI agents are connected directly to enterprise systems?
A: Direct connections often break auditability, predictable authorisation, and operational containment.
Practitioner guidance
- Map agent access to a named control owner: assign explicit ownership for every AI agent that can reach enterprise systems, including the policy boundary for what it may read, propose, or execute.
- Proxy agent tool use through a governed control point: route MCP and other agent traffic through a layer that can enforce authentication, rate limiting, logging, and allow or deny actions before they reach production applications.
- Separate contextual read access from write authority: when the use case does not justify write access, allow agents to retrieve contextual data only.
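The three guidance points above can be sketched as a single decision function. This is an added example, not code from Kong or from the source article; the class names, the agent and tool identifiers, the shared-token authentication and the 60-second window are all assumptions made for illustration.

```python
import hmac
import time
from dataclasses import dataclass, field

@dataclass
class AgentPolicy:
    owner: str                      # named control owner accountable for the agent
    token: str                      # constructed shared secret standing in for real agent auth
    read: set                       # tools the agent may call to retrieve context
    write: set = field(default_factory=set)  # write authority is empty unless justified
    max_per_minute: int = 3

class ControlLayer:
    """Hypothetical control point placed in front of business applications."""

    def __init__(self, policies, clock=time.time):
        self.policies = policies
        self.clock = clock
        self.audit = []             # one record per decision, allowed or denied
        self.recent = {}            # agent_id -> timestamps of allowed calls

    def decide(self, agent_id, token, tool, mode):
        now = self.clock()
        policy = self.policies.get(agent_id)
        # 1. Authenticate (constant-time compare), 2. authorise by mode, 3. rate limit.
        if policy is None or not hmac.compare_digest(token, policy.token):
            verdict = "deny:unauthenticated"
        elif tool not in {"read": policy.read, "write": policy.write}.get(mode, set()):
            verdict = "deny:unauthorised"
        else:
            window = [t for t in self.recent.get(agent_id, []) if now - t < 60]
            verdict = "allow" if len(window) < policy.max_per_minute else "deny:rate_limited"
            if verdict == "allow":
                window.append(now)
            self.recent[agent_id] = window
        # Log every decision with the accountable owner, so denials are auditable too.
        self.audit.append({"ts": now, "agent": agent_id, "tool": tool, "mode": mode,
                           "owner": policy.owner if policy else None, "verdict": verdict})
        return verdict

# Constructed sample policy: a read-only agent with a named owner.
POLICIES = {"invoice-agent": AgentPolicy("finance-iam", "constructed-token", {"crm.lookup"})}

if __name__ == "__main__":
    layer = ControlLayer(POLICIES)
    for call in [("invoice-agent", "constructed-token", "crm.lookup", "read"),
                 ("invoice-agent", "constructed-token", "crm.update", "write"),
                 ("invoice-agent", "bad-token", "crm.lookup", "read")]:
        print(call, "->", layer.decide(*call))
```

Because the write set defaults to empty, an agent gains write authority only when its owner adds a tool to it explicitly.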
What's in the full article
Kong's full blog post covers the operational detail this post intentionally leaves for the source:
- The specific AI Gateway and Konnect control-plane mechanics used to govern LLM traffic, MCP access, and agent-to-agent communication.
- Kong's implementation details for authentication, rate limiting, audit logging, and cost allocation across agent workloads.
- The vendor's examples of how to proxy MCP access through a gateway and generate secure MCP servers from managed APIs.
- The product-specific framing for extending existing API management into agentic workflows without rebuilding the platform.
AI control layers for agents: what IAM teams need to know?
Explore further
AI agent integration exposes an identity boundary failure, not just a tooling gap. Enterprise applications were built for users and deterministic clients, so agent traffic breaks the assumptions behind fixed authentication flows, static authorisation, and predictable audit trails. That makes the access layer the real choke point for governance. Practitioners should treat agent integration as an identity control problem, not an API convenience problem.
A few things that frame the scale:
- 98% of companies plan to deploy even more AI agents within the next 12 months, despite documented rogue behaviour in 80% of current deployments, according to the AI Agents: The New Attack Surface report.
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.
A question worth separating out:
Q: Who should own AI agent access decisions in an enterprise?
A: AI agent access decisions should be owned by the same governance model that covers other non-human identities, with clear accountability in IAM, security architecture, and application ownership. The practical question is not whether the agent is smart, but whether the organisation can prove who approved the access, for what purpose, and under what control.