
MCP Gateway overview

Understand what the MCP Gateway does, how it works, and why you need it for agent governance.

What is the MCP Gateway

The MCP Gateway is VerifyWise's proxy for the Model Context Protocol. It sits between your AI agents and the MCP servers they call, adding authentication, access control, guardrails and a full audit trail to every tool invocation.

Without a gateway, agents connect directly to MCP servers. That means no central visibility into what tools they're calling, no way to block sensitive operations and no audit log. The MCP Gateway solves all three.

How it works

The gateway speaks JSON-RPC 2.0 over HTTP, the same protocol MCP clients already use. Your agent connects to POST /v1/mcp with an agent key instead of connecting directly to backend servers. The gateway handles everything in between.

  1. Your agent sends a tools/list or tools/call request to POST /v1/mcp with a Bearer token (the agent key).
  2. The gateway authenticates the key, checks rate limits and tool-level ACLs.
  3. For tools/call, the gateway runs guardrail rules against the tool input (PII detection, content filtering, prompt injection detection).
  4. If the tool requires approval, the gateway pauses execution and returns an approval request ID. A human reviews it in the Approvals page.
  5. Once cleared, the gateway forwards the call to the correct backend MCP server, using the auth credentials you configured.
  6. The response flows back to the agent. The gateway logs the call, its result, latency and status to the audit trail.

Protocol version

The gateway implements MCP protocol version 2025-03-26 with Streamable HTTP transport. It also exposes a GET /v1/mcp SSE endpoint for keep-alive connections.
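A minimal agent-side client for the flow described above, written for this guide as an illustration rather than taken from VerifyWise's own SDK. It builds the JSON-RPC 2.0 envelopes for tools/list and tools/call, puts the sk-mcp- agent key in the Bearer header for POST /v1/mcp, and sorts the gateway's reply into a normal result, a JSON-RPC error (for example a denied tool), or a pending approval. The host name and the approval_request_id field name are assumptions; the page documents the path, the key prefix and the fact that an approval request ID is returned, but not the field.

```python
import json
import urllib.request

# Host is a placeholder (assumption); the /v1/mcp path and Bearer agent key are from the guide.
GATEWAY_URL = "https://verifywise.example.invalid/v1/mcp"
AGENT_KEY = "sk-mcp-EXAMPLE0000"  # constructed sample; real agent keys carry the sk-mcp- prefix


def build_headers(agent_key):
    """HTTP headers for POST /v1/mcp: the agent key travels as the Bearer token."""
    if not agent_key.startswith("sk-mcp-"):
        raise ValueError("agent keys issued by the gateway are prefixed sk-mcp-")
    return {
        "Authorization": f"Bearer {agent_key}",
        "Content-Type": "application/json",
        # Streamable HTTP servers may answer with plain JSON or an SSE stream.
        "Accept": "application/json, text/event-stream",
    }


def build_request(method, params=None, request_id=1):
    """JSON-RPC 2.0 envelope; tools/list takes no params."""
    body = {"jsonrpc": "2.0", "id": request_id, "method": method}
    if params is not None:
        body["params"] = params
    return body


def tools_call(name, arguments, request_id=2):
    """tools/call carries the tool name and its arguments, as in MCP."""
    return build_request("tools/call", {"name": name, "arguments": arguments}, request_id)


def classify_reply(reply):
    """Return ('error' | 'approval_pending' | 'result', detail) for a gateway reply.

    The field name approval_request_id is an assumption; the guide only states
    that an approval-gated call returns an approval request ID.
    """
    if "error" in reply:
        return "error", str(reply["error"].get("message"))
    result = reply.get("result") or {}
    if "approval_request_id" in result:  # assumed field name
        return "approval_pending", result["approval_request_id"]
    return "result", None


def send(body, agent_key=AGENT_KEY, url=GATEWAY_URL):
    """POST one request to the gateway and decode the JSON reply (needs network)."""
    req = urllib.request.Request(url, data=json.dumps(body).encode(),
                                 headers=build_headers(agent_key), method="POST")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)
```

When classify_reply returns approval_pending, the agent should stop and poll or wait for the human decision in the Approvals page rather than retrying the call.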

Core concepts

MCP servers

Backend servers that expose tools (database queries, file operations, search, etc.). You register them in VerifyWise with their URL and auth credentials.

Tool catalog

All discovered tools across your servers, with risk levels and approval requirements you can configure per tool.

Agent keys

Scoped API keys (prefixed sk-mcp-) that agents use to authenticate. Each key can restrict which tools the agent can call.

Guardrails

Rules that scan tool inputs before execution. Detect PII, filter prohibited content, or block prompt injection attempts.

Approvals

High-risk tools can require human sign-off before the agent executes them. Pending requests appear in the Approvals page.

Audit log

Every tool call is logged with the agent key, tool name, status, latency and result summary. Filterable and paginated.

Who needs this

If your organization runs AI agents that call external tools, you need governance around those calls. The MCP Gateway is built for:

  • Security teams: who need to control which tools agents can access and scan inputs for sensitive data
  • Compliance teams: who need an audit trail of every tool invocation for EU AI Act Article 12 (record-keeping) and Article 14 (human oversight)
  • Platform teams: who manage MCP servers and want centralized auth, health monitoring and rate limiting
  • AI engineers: who build agents and want a single endpoint to discover all available tools across servers

Quick setup

Getting started takes about 5 minutes. Here's the short version:

  1. Register an MCP server in AI Gateway > MCP Gateway > Servers.
  2. Wait for tool discovery (or trigger it manually once available).
  3. Review discovered tools in the Tools page. Set risk levels and approval requirements.
  4. Create an agent key in Agent keys. Scope it to the tools the agent needs.
  5. Point your agent at POST /v1/mcp with the key as a Bearer token.

Compliance mapping

The MCP Gateway maps directly to several regulatory requirements:

Requirement                               MCP Gateway feature
EU AI Act Art. 9 (risk management)        Tool risk levels, guardrails, approval workflows
EU AI Act Art. 12 (record-keeping)        Audit log with full invocation history
EU AI Act Art. 14 (human oversight)       Approval requirements on high-risk tools
ISO 42001 A.3 (AI policy)                 Agent key ACLs, tool-level access control
ISO 42001 Clause 8.2 (risk assessment)    Per-tool risk classification (low, medium, high)

The MCP Gateway section appears as a collapsible group in the AI Gateway sidebar. Click "MCP Gateway" to expand it. You'll see six sub-pages:

  • Agent keys: Create and manage API keys for agents
  • Servers: Register and monitor backend MCP servers
  • Tools: View all discovered tools, set risk levels
  • Audit log: Review tool invocation history and stats
  • Approvals: Approve or deny pending tool calls
  • Guardrails: Configure input scanning rules