
MCP gateways and ChatGPT Dev Mode: what IAM teams need to know


(@nhi-mgmt-group)
Member Moderator
Topic starter  

TL;DR: ChatGPT Developer Mode can reach a local SQLite MCP server through an identity-aware reverse tunnel that handles auth, TLS and per-request policy enforcement, according to Pomerium. The core issue is not convenience but whether enterprises can expose local tools to cloud LLMs without breaking Zero Trust assumptions.

NHIMG editorial — based on content published by Pomerium: Secure SQL AI analyst, enabled by Pomerium and ChatGPT Developer Mode

Questions worth separating out

Q: How should security teams govern MCP access for cloud-hosted AI tools?

A: Security teams should govern MCP access as a request-level identity problem, not a network problem.

Q: Why do VPN-based controls fail for ChatGPT-style tool access?

A: VPNs fail because they authenticate network presence, not the specific tool request made by a cloud-hosted model.

Q: What should teams do with upstream secrets used by MCP servers?

A: Teams should treat upstream secrets as non-human identities with owners, expiry, rotation and revocation requirements.

Practitioner guidance

  • Classify MCP upstream credentials as governed NHIs: inventory the OAuth tokens, certificates and API secrets that allow an LLM or MCP server to reach internal data sources, and give each one an owner, an expiry and a revocation path.
  • Enforce per-request authorisation at the gateway: require the access decision to evaluate identity, resource, operation and context for every tool invocation, not once per session.
  • Remove VPN dependence from AI tool access design: map every local or internal tool exposed to a cloud model and replace blanket network trust with identity-aware routing.
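The following is an added example, not code from Pomerium, OpenAI or the original post, showing what the Q&A answers and the three guidance points look like when written down as a single gateway decision: each MCP tool call is authorised on the verified identity, the target resource, the operation class derived from the call, and request context (here, whether the caller is the cloud-hosted model or a local developer session), and the upstream SQLite secret is released only while its NHI is unexpired and unrevoked. The tool names, group names, policy table and sample requests are all constructed for illustration; the real Pomerium policy syntax is not reproduced here.

```python
# Added example (not Pomerium's or OpenAI's code): a request-level authorizer for
# MCP tool calls that follows the guidance above. Policy shape, tool names,
# group names and sample requests are all constructed for illustration.
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
import re


@dataclass(frozen=True)
class Principal:
    subject: str        # identity the gateway verified (e.g. an OIDC subject)
    groups: frozenset   # group claims carried in the same verified token
    client: str         # request context: cloud model vs local developer session


@dataclass
class ToolCall:
    tool: str           # MCP tool name as invoked by the model
    resource: str       # logical upstream the tool targets
    arguments: dict     # tool arguments exactly as the model sent them


@dataclass
class UpstreamCredential:
    """Secret that lets the MCP server reach SQLite, tracked as an NHI."""
    owner: str
    secret: str
    expires_at: datetime
    revoked: bool = False


_READ_ONLY = re.compile(r"^\s*(SELECT|WITH|EXPLAIN)\b", re.IGNORECASE)


def classify_operation(call: ToolCall) -> str:
    """Reduce a tool invocation to an operation class the policy can reason about."""
    if call.tool in ("list_tables", "describe_table"):
        return "read-metadata"
    if call.tool == "query":
        sql = call.arguments.get("sql", "").strip().rstrip(";")
        # A stacked statement ("SELECT 1; DROP TABLE t") is not read-only.
        if _READ_ONLY.match(sql) and ";" not in sql:
            return "read"
        return "write"
    return "unknown"


# (resource, operation, groups allowed, clients allowed). Writes are never
# permitted from the cloud-hosted model, only from a local developer session.
POLICY = [
    ("sqlite:analytics", "read-metadata", {"analysts", "data-eng"}, {"chatgpt-devmode", "local-dev"}),
    ("sqlite:analytics", "read",          {"analysts", "data-eng"}, {"chatgpt-devmode", "local-dev"}),
    ("sqlite:analytics", "write",         {"data-eng"},             {"local-dev"}),
]


def authorize(principal: Principal, call: ToolCall) -> tuple:
    """Per-request decision over identity, resource, operation and context."""
    op = classify_operation(call)
    for resource, operation, groups, clients in POLICY:
        if (resource == call.resource and operation == op
                and principal.groups & groups and principal.client in clients):
            return True, f"allow {op} on {resource} for {principal.subject}"
    return False, f"deny {op} on {call.resource} for {principal.subject} via {principal.client}"


def resolve_upstream(cred: UpstreamCredential, now: datetime):
    """Release the upstream secret only while the NHI is unexpired and unrevoked."""
    if cred.revoked or now >= cred.expires_at:
        return None
    return cred.secret


def handle(principal: Principal, call: ToolCall, cred: UpstreamCredential, now: datetime) -> dict:
    """Gateway path: authorize the request first, only then touch the upstream secret."""
    ok, reason = authorize(principal, call)
    if not ok:
        return {"status": "denied", "reason": reason}
    if resolve_upstream(cred, now) is None:
        return {"status": "denied", "reason": f"upstream credential owned by {cred.owner} expired or revoked"}
    return {"status": "allowed", "reason": reason}


def run_demo() -> list:
    """Constructed requests; returns the decision status for each in order."""
    now = datetime(2025, 1, 1, tzinfo=timezone.utc)
    live = UpstreamCredential("data-platform-team", "sqlite-token-xyz", now + timedelta(hours=1))
    stale = UpstreamCredential("data-platform-team", "sqlite-token-old", now - timedelta(minutes=1))
    analyst_cloud = Principal("alice@example.com", frozenset({"analysts"}), "chatgpt-devmode")
    dataeng_cloud = Principal("bob@example.com", frozenset({"data-eng"}), "chatgpt-devmode")
    dataeng_local = Principal("bob@example.com", frozenset({"data-eng"}), "local-dev")
    select = ToolCall("query", "sqlite:analytics", {"sql": "SELECT count(*) FROM orders"})
    delete = ToolCall("query", "sqlite:analytics", {"sql": "DELETE FROM orders"})
    stacked = ToolCall("query", "sqlite:analytics", {"sql": "SELECT 1; DROP TABLE orders"})
    return [
        handle(analyst_cloud, select, live, now)["status"],   # allowed
        handle(analyst_cloud, delete, live, now)["status"],   # denied: analysts cannot write
        handle(dataeng_cloud, delete, live, now)["status"],   # denied: no writes from the cloud model
        handle(dataeng_local, delete, live, now)["status"],   # allowed: local session, data-eng
        handle(analyst_cloud, stacked, live, now)["status"],  # denied: stacked statement is a write
        handle(analyst_cloud, select, stale, now)["status"],  # denied: upstream NHI expired
    ]


if __name__ == "__main__":
    for status in run_demo():
        print(status)
```

Two design choices matter more than the toy policy table. First, the operation class is derived from the request itself (tool name plus a conservative SQL classification that treats any stacked statement as a write), so the decision cannot be satisfied by network position or by a session cookie obtained earlier. Second, the upstream secret is resolved only after the authorisation decision and is refused outright once its expiry or revocation flag trips, which is what "treating the secret as an NHI" means operationally: the credential has an owner and a lifetime, and the gateway, not the model, is the only thing that ever holds it.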

What's in the full article

Pomerium's full blog post covers the operational detail this post intentionally leaves for the source:

  • A live walkthrough of how the reverse tunnel terminates in Pomerium and how auth, TLS and policy enforcement are wired together.
  • The exact ChatGPT Developer Mode workflow used to list tables, generate SQL and render output through MCP tools.
  • Configuration-level guidance for handling OAuth flows, upstream tokens and certificate management without custom server code.
  • Practical examples of how the same route can be reused for local development, testing and peer sharing.

👉 Read Pomerium's analysis of secure MCP access with ChatGPT Developer Mode →

