TL;DR: MCP gateways are emerging as the missing control layer for enterprise AI, centralising authentication, routing, policy enforcement, and observability as AI agents fan out across more servers, according to Kong. The governance problem is not protocol support alone, but the collapse of manageable trust boundaries once access, routing, and audit move point to point.
NHIMG editorial — based on content published by Kong: What is a MCP Gateway? The Missing Piece for Enterprise AI Infrastructure
By the numbers:
- Organizations using AI in at least one business function jumped from 55% to 78% in just one year.
- Generative AI usage specifically rose from 33% in 2023 to 71% in 2024.
Questions worth separating out
Q: How should security teams govern access to MCP servers used by AI agents?
A: Security teams should place MCP servers behind a gateway that enforces authentication, policy, and audit at one control point.
Q: Why do MCP environments create new identity governance problems at scale?
A: MCP environments multiply access paths as more agents and servers are added, which makes direct point-to-point governance brittle.
Q: How can organisations tell whether their MCP access controls are working?
A: They should be able to reconstruct every agent request from authentication through routing to the backend server.
Practitioner guidance
- Centralise MCP access behind one governed endpoint: require AI clients to reach MCP servers only through a gateway that enforces authentication, routing, and policy in one place.
- Bind MCP traffic to enterprise identity providers: connect gateway authentication to your existing SSO stack using OAuth 2.0, OIDC, or SAML so AI access inherits the same identity governance standards as other workloads.
- Treat session affinity as a governance requirement: preserve conversation context across multi-step tool calls, but pair that with traceable logs and correlation IDs so the full request chain remains auditable.
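The three guidance points above describe a single control point that authenticates the caller, applies policy, routes the call to a backend, and logs each step under one correlation ID so the chain can be reconstructed afterwards (the check the Q&A above asks for). The Python sketch below is an added example written for this post; it is not Kong's code or any MCP gateway product. The server names, replica names, agent principals, policy table, and the HMAC-signed bearer token are constructed stand-ins: a real gateway would validate an IdP-issued OAuth 2.0/OIDC JWT against the provider's published keys rather than a shared secret.

```python
import base64
import hashlib
import hmac
import json
import time
import uuid

# Constructed shared secret standing in for the identity provider's signing key.
# A real gateway would validate an OAuth 2.0 / OIDC-issued JWT against the IdP's JWKS.
IDP_SECRET = b"constructed-idp-secret-for-illustration-only"

# Hypothetical backend MCP servers fronted by the gateway, each with two replicas.
MCP_SERVERS = {
    "crm": ["crm-1", "crm-2"],
    "tickets": ["tickets-1", "tickets-2"],
}

# Hypothetical per-agent policy: which server/tool pairs each principal may call.
POLICY = {
    "agent:support-bot": {"crm": {"lookup_customer"}, "tickets": {"create_ticket"}},
    "agent:sales-bot": {"crm": {"lookup_customer"}},
}

# Constructed JSON-RPC tools/call request as an MCP client would send it.
SAMPLE_REQUEST = {
    "jsonrpc": "2.0", "id": 1, "method": "tools/call",
    "params": {"name": "crm/lookup_customer", "arguments": {"id": 42}},
}


def issue_token(subject, ttl=300):
    """Mint a constructed HMAC-signed bearer token (stand-in for an IdP-issued JWT)."""
    claims = json.dumps({"sub": subject, "exp": int(time.time()) + ttl}).encode()
    claims_b64 = base64.urlsafe_b64encode(claims).decode()
    sig = hmac.new(IDP_SECRET, claims_b64.encode(), hashlib.sha256).hexdigest()
    return f"{claims_b64}.{sig}"


def verify_token(token):
    """Return the token's subject if signature and expiry check out, else None."""
    claims_b64, _, sig = token.partition(".")
    expected = hmac.new(IDP_SECRET, claims_b64.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return None
    claims = json.loads(base64.urlsafe_b64decode(claims_b64))
    if claims.get("exp", 0) < time.time():
        return None
    return claims.get("sub")


class McpGateway:
    """One control point: authenticate, authorise, route, and audit every tool call."""

    def __init__(self):
        self.audit = []            # structured log, one entry per step, keyed by cid
        self.sessions = {}         # (session_id, server) -> pinned backend replica
        self._next_replica = {name: 0 for name in MCP_SERVERS}

    def _log(self, cid, step, **fields):
        self.audit.append({"cid": cid, "step": step, "ts": time.time(), **fields})

    def handle(self, token, request, session_id=None):
        """Process one tools/call. Returns routing metadata or an error, always with a cid."""
        cid = str(uuid.uuid4())                       # correlation id for the whole chain
        session_id = session_id or str(uuid.uuid4())  # new conversation if none supplied
        server, _, tool = request["params"]["name"].partition("/")

        subject = verify_token(token)
        self._log(cid, "auth", subject=subject, ok=subject is not None)
        if subject is None:
            return {"cid": cid, "session_id": session_id, "error": "unauthenticated"}

        allowed = tool in POLICY.get(subject, {}).get(server, set())
        self._log(cid, "policy", subject=subject, server=server, tool=tool, ok=allowed)
        if not allowed:
            return {"cid": cid, "session_id": session_id, "error": "forbidden"}

        # Session affinity: the first call in a session pins a replica; later calls reuse it.
        key = (session_id, server)
        if key not in self.sessions:
            replicas = MCP_SERVERS[server]
            self.sessions[key] = replicas[self._next_replica[server] % len(replicas)]
            self._next_replica[server] += 1
        backend = self.sessions[key]
        self._log(cid, "route", server=server, backend=backend, session_id=session_id)
        return {"cid": cid, "session_id": session_id, "routed_to": backend,
                "result": f"{backend} executed {tool}"}

    def reconstruct(self, cid):
        """Rebuild the auth -> policy -> route chain of one request from the audit log."""
        return [entry["step"] for entry in self.audit if entry["cid"] == cid]


if __name__ == "__main__":
    gw = McpGateway()
    first = gw.handle(issue_token("agent:support-bot"), SAMPLE_REQUEST)
    second = gw.handle(issue_token("agent:support-bot"), SAMPLE_REQUEST,
                       session_id=first["session_id"])
    print(first["routed_to"], second["routed_to"], gw.reconstruct(first["cid"]))
```

`reconstruct` is the operational check from the Q&A: for any correlation ID the gateway can show whether the request was authenticated, what policy decision was made, and which backend replica served it. In a real deployment the audit entries would be shipped to the SIEM and the correlation ID forwarded to the backend MCP server as a header so its own logs join the same chain.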
What's in the full article
Kong's full blog covers the operational detail this post intentionally leaves for the source:
- Step-by-step descriptions of how the gateway routes requests across multiple MCP servers in a live enterprise setup
- Specific implementation details for OAuth, OIDC, SSO, and policy enforcement inside the gateway
- Examples of observability and tracing patterns for session-aware AI traffic across tools and servers
- Guidance on when to add a gateway as MCP server counts and operational complexity increase
👉 Read Kong's explanation of MCP gateways for enterprise AI infrastructure →