TL;DR: Agentic AI adoption is accelerating, with 90% of organisations with visibility into their plans actively adopting AI agents, according to Kong, while the operational stack increasingly depends on LLMs plus MCP tools to make those agents useful. The security issue is that capability, access, and observability now converge in runtime infrastructure, and existing IAM models do not fully govern that convergence.
NHIMG editorial — based on content published by Kong: From Browser to Prompt: Building Infra for the Agentic Internet
By the numbers:
- 90% say their companies are actively adopting AI agents.
- 95% of generative AI initiatives go nowhere, according to a report published by MIT.
Questions worth separating out
Q: How should teams govern AI agents that use MCP tools in production?
A: Teams should govern MCP-enabled agents as runtime identities, not as ordinary API clients.
Q: Why do AI agents complicate existing IAM and API controls?
A: AI agents complicate IAM and API controls because they can choose tools dynamically and chain actions across a session.
Q: What breaks when MCP servers are exposed without strong governance?
A: What breaks is the ability to bound and explain agent behaviour.
Practitioner guidance
- Map every MCP server as an identity-bearing resource. Document which agents can discover each server, what data or functions it exposes, and which team owns its policy and logging.
- Align policy, approval, and telemetry on the same runtime path. Make sure access tiers, request logging, and usage analytics describe the same agent-to-tool interaction.
- Review whether dynamic tool selection breaks your current entitlement model. Test whether an agent can change tool use mid-session without a corresponding governance event.
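One way to run the last check over exported logs, as an added example that is not code from Kong or from the original post. The event fields (`ts`, `session`, `agent`, `type`, `tool`), the `grant` event type, the assumption that grants are scoped to a single session, and the sample records are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample records; field names are assumptions, not a Kong or MCP log schema.
EVENTS = [
    {"ts": 1, "session": "s1", "agent": "billing-bot", "type": "grant", "tool": "crm.lookup"},
    {"ts": 2, "session": "s1", "agent": "billing-bot", "type": "tool_call", "tool": "crm.lookup"},
    {"ts": 3, "session": "s1", "agent": "billing-bot", "type": "tool_call", "tool": "payments.refund"},
    {"ts": 4, "session": "s2", "agent": "support-bot", "type": "grant", "tool": "kb.search"},
    {"ts": 5, "session": "s2", "agent": "support-bot", "type": "tool_call", "tool": "kb.search"},
    {"ts": 6, "session": "s2", "agent": "support-bot", "type": "grant", "tool": "ticket.create"},
    {"ts": 7, "session": "s2", "agent": "support-bot", "type": "tool_call", "tool": "ticket.create"},
    {"ts": 8, "session": "s3", "agent": "billing-bot", "type": "tool_call", "tool": "crm.lookup"},
]


def ungoverned_tool_calls(events):
    """Return tool calls with no earlier grant for the same session, agent and tool.

    Each finding records whether the call was a mid-session switch (the session
    had already called a different tool) or an ungoverned first call.
    """
    granted = defaultdict(set)  # (session, agent) -> tools covered by a governance event
    last_tool = {}              # (session, agent) -> most recent tool called
    findings = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["session"], ev["agent"])
        if ev["type"] == "grant":
            granted[key].add(ev["tool"])
        elif ev["type"] == "tool_call":
            if ev["tool"] not in granted[key]:
                previous = last_tool.get(key)
                findings.append({
                    "ts": ev["ts"], "session": ev["session"],
                    "agent": ev["agent"], "tool": ev["tool"],
                    "mid_session_switch": previous is not None and previous != ev["tool"],
                })
            last_tool[key] = ev["tool"]
    return findings


if __name__ == "__main__":
    for finding in ungoverned_tool_calls(EVENTS):
        print(finding)
```

Session `s2` passes because its tool change is preceded by a grant; `s3` is flagged because a grant issued in `s1` does not carry over under the session-scoped assumption.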
What's in the full article
Kong's full blog post covers the operational detail this post intentionally leaves for the source:
- The product-level breakdown of Kong AI Gateway 3.12 and its MCP Gateway capability
- The stepwise explanation of MCP governance, security, autogeneration, and observability in Kong's architecture
- The Volcano SDK workflow details for building agents with specific LLM and MCP selections
- The Prudential example showing how Kong describes real-world agentic AI adoption
👉 Read Kong's analysis of infrastructure for the agentic internet and MCP governance →
MCP governance for AI agents: what IAM teams need now?