MCP for AI agents: what it means for identity governance

TL;DR: 61% of respondents are already using MCP with AI agents, 73% plan to expand use, and 77% of non-users expect to adopt it soon, while 30% rank security as the top factor shaping adoption, according to Astrix Security. The governance question is no longer whether MCP matters, but whether identity and policy can keep pace with agent activity.

NHIMG editorial — based on content published by Astrix Security: MCP as the identity control plane for AI agents and governance

By the numbers:

• 61% are using MCP with AI Agents today.
• 73% plan to expand their use of MCP.
• 30% of you said Security was the most, important factor.

Questions worth separating out

Q: How should security teams govern AI agents that use MCP to access tools and data?

A: Security teams should govern MCP at the protocol boundary by binding agent identity, token scope, and audit to every tool request.

Q: Why does MCP change the way IAM teams think about AI agent access?

A: MCP changes the model because it turns many separate tool connections into one repeatable policy surface.

Q: What breaks when AI agents get broad access through MCP servers?

A: Broad MCP access breaks governance when one agent credential can reach many tools without tight scope or server trust checks.

Practitioner guidance

• Define MCP as an identity enforcement point Require authentication, scoped tokens, and audit context at the MCP boundary before any tool call is permitted.
• Bind each persistent agent to an owner and a purpose Map persistent agents to a human owner or service context so every approval, investigation, and revocation path has a clear accountable identity.
• Use ephemeral credentials for ephemeral agent tasks Issue short-lived credentials that expire with the task, and avoid standing secrets that remain valid after the agent's intended action completes.

What's in the full article

Astrix Security's full blog post covers the operational detail this post intentionally leaves for the source:

• Survey breakdowns on MCP adoption by current users and planned adopters across the audience.
• Examples of the specific guardrails respondents want, including human confirmation for destructive actions and role-scoped tool access.
• A practitioner view of how MCP server trust can be operationalised across different agent workflows.
• Astrax Security's framing of how persistent and ephemeral agents should map to different identity patterns.

👉 Read Astrix Security's analysis of MCP as an identity control plane for AI agents →

MCP for AI agents: what it means for identity governance?

Explore further

View Full Forum →  |  NHI Foundation Course →  |  Our Services →