Loading
Loading
2938 Members
Join Permit's SlackToday, we are announcing Permit MCP Gateway, a new trust and enforcement layer for the Model Context Protocol.
As MCP becomes an increasingly important interface between AI agents and enterprise systems, organizations need more than connectivity. They need identity, delegated trust, fine-grained authorization, consent, auditability, and strong runtime controls built directly into the flow of agent actions. Permit MCP Gateway is our answer to that need.
This launch is a natural progression for Permit into the AI era.
Permit was built to solve fine-grained, dynamic authorization across modern software systems. We started with applications, APIs, and data. As agentic systems move from experimentation into production, the same core problem has reappeared in a new form: organizations now need a reliable way to determine which agent can do what, on whose behalf, under which policy, and with what level of oversight.
Extending Permit into MCP is not a departure from our mission. It is the next logical step.
Permit MCP Gateway is designed as a drop-in gateway in front of MCP servers. It adds authentication, human-in-the-loop consent, fine-grained authorization, and audit controls to every tool invocation, while preserving the flexibility teams need to work with their existing MCP infrastructure and identity stack.
Because it is built on top of core Permit, it is also designed for defense in depth. The same policy model and enforcement approach can extend beyond the gateway throughout the broader stack, including APIs, services, and data layers.
This is also not a purely forward-looking announcement. Permit MCP Gateway is already being used by enterprise customers, reflecting a broader shift we are seeing across the market. As organizations build internal MCP servers and agentic workflows, they quickly recognize that enablement alone is not enough. They need governance, least privilege, runtime decisioning, and auditable control from the start.
From a product perspective, Permit MCP Gateway makes enterprise adoption practical. It can sit in front of existing MCP servers, work with an organization’s existing authentication setup, capture explicit human consent, connect delegation to downstream agent activity, and evaluate authorization on every tool call.
It is designed to help organizations move toward zero standing privilege rather than embedding persistent credentials directly into agent workflows.
That distinction matters.
Authentication and tokens remain necessary, but they are not sufficient for agentic security. They establish an initial trust boundary, but they do not answer the runtime questions that matter most:
Agentic systems require continuous runtime control, not just one-time authentication.
This is where Permit brings a differentiated approach.
We do not see MCP security as a narrow protocol wrapper. We see it as part of a broader agentic identity and authorization fabric. Permit MCP Gateway is built on top of core Permit, which means organizations can start with a clean enforcement point at the MCP layer and then extend those same controls deeper into the stack for true defense in depth.
That is the difference between securing a surface and securing a system.
There is, of course, a broader industry conversation underway about MCP itself and how it will evolve over time. Our view is straightforward: like many important infrastructure standards before it, MCP does not need to be perfect in order to become foundational. What matters is that it provides a practical and increasingly common interface between agents and enterprise systems. Once that interface exists, the need for a consistent trust, policy, and audit layer becomes unavoidable.
The same principle applies to agents themselves. AI agents are powerful precisely because they are dynamic, but that same dynamism also creates fragility. Their behavior can change quickly, which means their permissions cannot be treated as static. In that sense, resilient agent security looks less like session-based trust and more like continuous verification and response.
This is the backdrop for today’s launch.
Permit MCP Gateway, also known as Agent.Security or MCPermit, is our answer to a problem we believe every enterprise will face as AI agents become part of daily operations: how to let agents connect, act, and deliver value without giving up control, visibility, or policy integrity.
For Permit, this is a natural evolution from fine-grained authorization into the next generation of identity. For our customers, it is a practical way to bring governance, least privilege, consent, auditability, and runtime enforcement into MCP-based systems from the beginning, rather than trying to bolt them on later.
You can learn more on the Permit MCP Gateway page, explore the documentation, and of course try it out yourself here.
Co-Founder / CEO at Permit.io
