MCP Agent Governance
What is MCP?
The Model Context Protocol (MCP) is a standard for connecting AI agents to tools and data sources. GateFlow's MCP implementation adds governance, permissions, and observability for production agent deployments.
The Challenge
AI agents are powerful but risky in production:
- Unrestricted Access: Agents can call any tool, access any data
- No Audit Trail: Hard to track what agents did and why
- Cost Surprises: Runaway agents can burn through API budgets
- Compliance Gaps: No way to enforce data handling policies
GateFlow's Solution
GateFlow MCP provides governed agent infrastructure:
Key Features
Default-Deny Permissions
Agents start with zero permissions. You explicitly grant what they need:
```yaml
agent:
  name: "Support Bot"
  permissions:
    tools:
      - llm/chat          # Can use LLM
      - retrieval/search  # Can search knowledge base
      # Cannot: transcribe audio, synthesize speech, etc.
    models:
      - gpt-4o-mini       # Only this model
    data_classification:
      - public            # Only public data
```
Complete Audit Trail
Every tool invocation is logged:
```json
{
  "timestamp": "2024-01-15T10:30:00Z",
  "agent_id": "agent_support_bot",
  "tool": "retrieval/search",
  "input": {"query": "password reset"},
  "output": {"results": 5},
  "latency_ms": 234,
  "cost": 0.0012,
  "session_id": "sess_abc123"
}
```
Cost Transparency
Real-time cost tracking per agent:
```json
{
  "agent_id": "agent_support_bot",
  "session": {
    "cost": 0.45,
    "tools_called": 23,
    "duration_seconds": 180
  },
  "limits": {
    "cost_per_session": 5.00,
    "cost_daily": 100.00
  }
}
```
Tool Catalog
GateFlow provides governed access to:
| Category | Tools | Description |
|---|---|---|
| Voice | transcribe, synthesize, pipeline | Audio processing |
| Documents | ocr, process, status | Document handling |
| Retrieval | search, rerank | Knowledge base access |
| LLM | chat, embed | AI model access |
| Self-Inspect | whoami, get_my_usage | Agent introspection |
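As an added illustration of the default-deny permission model, the per-call audit record and the session cost limit described above (this is not GateFlow's code; the class and function names, and the extra `decision`/`reason` fields on the audit record, are assumptions), a minimal policy gate that evaluates tool calls against the Support Bot's grants and records allowed and denied attempts alike:

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

@dataclass
class AgentPolicy:
    """Grants for one agent; anything not listed here is denied (hypothetical shape)."""
    agent_id: str
    tools: frozenset
    models: frozenset
    data_classification: frozenset
    cost_per_session: float = 5.00

@dataclass
class Session:  # per-session cost counter and audit log, isolated from other sessions
    session_id: str
    cost: float = 0.0
    tools_called: int = 0
    audit: list = field(default_factory=list)

def authorize(policy, session, tool, model, classification, est_cost):
    """Default-deny: return (allowed, reason); every grant must match explicitly."""
    if tool not in policy.tools:
        return False, f"tool '{tool}' not granted"
    if model is not None and model not in policy.models:
        return False, f"model '{model}' not granted"
    if classification not in policy.data_classification:
        return False, f"data classification '{classification}' not granted"
    if session.cost + est_cost > policy.cost_per_session:
        return False, "cost_per_session limit would be exceeded"
    return True, "ok"

def invoke(policy, session, tool, inp, output, cost, latency_ms,
           model=None, classification="public"):
    """Gate one call and append an audit record in the log shape shown above.
    Denied calls are recorded too, so the trail shows attempts, not only successes."""
    allowed, reason = authorize(policy, session, tool, model, classification, cost)
    entry = {"timestamp": datetime.now(timezone.utc).isoformat(),
             "agent_id": policy.agent_id, "tool": tool, "input": inp,
             "output": output if allowed else None, "latency_ms": latency_ms,
             "cost": cost if allowed else 0.0, "session_id": session.session_id,
             "decision": "allow" if allowed else "deny", "reason": reason}
    session.audit.append(entry)
    if allowed:  # charge the session only for calls that actually ran
        session.cost += cost
        session.tools_called += 1
    return entry

# Constructed sample policy mirroring the "Support Bot" grants above.
SUPPORT_BOT = AgentPolicy("agent_support_bot", frozenset({"llm/chat", "retrieval/search"}),
                          frozenset({"gpt-4o-mini"}), frozenset({"public"}))
```

The denied records are the ones worth alerting on: a burst of `deny` entries for ungranted tools or data classes is an early sign of a misbehaving or prompt-injected agent.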
Pipeline Templates
Pre-configured pipelines for common use cases:
| Template | Description |
|---|---|
| ambient-scribe | Medical transcription with PII handling |
| voice-agent-fast | Low-latency voice assistant |
| voice-agent-premium | High-quality voice assistant |
| legal-dictation | Legal document transcription |
Quick Start
1. Create an Agent
```bash
curl -X POST https://api.gateflow.ai/v1/mcp/agents \
  -H "Authorization: Bearer gw_prod_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Support Bot",
    "permissions": {
      "tools": ["llm/chat", "retrieval/search"],
      "models": ["gpt-5-mini"]
    }
  }'
```
Response:
```json
{
  "agent_id": "agent_abc123",
  "api_key": "gf-agent-xyz789...",
  "mcp_endpoint": "https://mcp.gateflow.ai/agent_abc123"
}
```
2. Connect Your Agent
```python
from langchain.tools import MCPToolkit

toolkit = MCPToolkit(
    server_url="https://mcp.gateflow.ai/agent_abc123",
    api_key="gf-agent-xyz789..."
)
tools = toolkit.get_tools()
```
3. Use Tools
```python
# Agent can now use permitted tools
result = tools["retrieval_search"].invoke({"query": "password reset"})
```
Architecture
Transport Options
| Transport | Use Case |
|---|---|
| HTTP/SSE | Cloud agents, serverless |
| stdio | Local agents, development |
Authentication
Agents authenticate with gf-agent-* prefixed keys:
```
Authorization: Bearer gf-agent-xyz789...
```
Session Management
Each agent session is isolated:
- Separate audit logs
- Independent cost tracking
- Session-scoped context
Compliance
GateFlow MCP supports:
- HIPAA: PHI handling with BAA
- SOC 2: Audit logging, access controls
- EU AI Act: Human oversight, risk classification
- GDPR: Data residency, deletion rights
Next Steps
- Create Your First Agent - Hands-on tutorial
- Agent Templates - Pre-built configurations
- Permissions Deep Dive - Security model
- Tool Catalog - Available tools