Governance: RBAC, redaction, and per-tool config
Control exactly what agents can do: role-based access, read-only mode, tool exposure, PHI/PII redaction, and per-tool prompt and field rules.
The gateway only ever narrows what the downstream already permits; it never widens access. You layer controls at the connector, the access key, and the per-member level.
What you can control
- RBAC/ABAC: scope each access key to specific servers, tools, and a read-only or allow/deny policy.
- Tool exposure: hide whole connectors or individual tools from the catalog.
- PHI/PII redaction: mask sensitive fields in results by name or detected category before they reach the agent.
- Per-tool config: override a tool's description (prompt) and block or redact individual input/output fields.
- Audit: every tool call, connect, disconnect, and config change is recorded in a tamper-evident log.
Per-tool field rules
For any tool you can remove input fields from the schema agents see (and strip them from calls) and remove output fields from results - matched by name. This lets you expose a tool while keeping sensitive parameters and columns out of the agent's reach.
FAQ
Can the gateway grant more access than the underlying server?
No. Governance can only restrict. The downstream server's own permissions remain the final gate; the gateway narrows on top.
Is redaction applied to free-text tool output too?
Structured content and any JSON inside text blocks are redacted by field name. Non-JSON free text is left intact rather than partially rewritten, because a partial rewrite could let sensitive values leak around the redaction while appearing redacted.
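How the per-tool field rules and the redaction behaviour above fit together, as an added Python example that is not the gateway's own code: blocked input fields are removed from the tool schema and stripped from calls, and output fields are masked by name in structured content and in text blocks that parse as JSON, while non-JSON text passes through untouched. The MCP-style layout (`properties`, `required`, `content`, `structuredContent`) and the `[REDACTED]` mask are assumptions.

```python
import json

# Added example, not the gateway's own code: per-tool field rules as the page
# describes them. Fields match by exact name; the MCP-style "properties" /
# "content" / "structuredContent" layout and the mask string are assumptions.

def strip_input_fields(schema: dict, blocked: set) -> dict:
    # Remove blocked parameters from the schema agents see (properties and required).
    props = {k: v for k, v in schema.get("properties", {}).items() if k not in blocked}
    required = [r for r in schema.get("required", []) if r not in blocked]
    return {**schema, "properties": props, "required": required}

def strip_call_arguments(arguments: dict, blocked: set) -> dict:
    # Drop blocked parameters from the call even if the agent supplied them anyway.
    return {k: v for k, v in arguments.items() if k not in blocked}

def redact_fields(value, blocked: set):
    # Recursively mask blocked field names anywhere in JSON-like data.
    if isinstance(value, dict):
        return {k: "[REDACTED]" if k in blocked else redact_fields(v, blocked) for k, v in value.items()}
    if isinstance(value, list):
        return [redact_fields(v, blocked) for v in value]
    return value

def redact_result(result: dict, blocked: set) -> dict:
    # Output rules: structuredContent and JSON inside text blocks are redacted by
    # field name; text that does not parse as JSON is passed through unchanged.
    out = dict(result)
    if "structuredContent" in out:
        out["structuredContent"] = redact_fields(out["structuredContent"], blocked)
    blocks = []
    for block in out.get("content", []):
        if block.get("type") == "text":
            try:
                parsed = json.loads(block.get("text"))
            except (json.JSONDecodeError, TypeError):
                blocks.append(block)  # free text: left intact, not partially rewritten
                continue
            block = {**block, "text": json.dumps(redact_fields(parsed, blocked))}
        blocks.append(block)
    out["content"] = blocks
    return out

# Constructed sample: a lookup tool whose "ssn" parameter/column must never reach the agent.
BLOCKED = {"ssn"}
SAMPLE_SCHEMA = {"type": "object", "properties": {"mrn": {"type": "integer"}, "ssn": {"type": "string"}},
                 "required": ["mrn", "ssn"]}
SAMPLE_RESULT = {"structuredContent": {"mrn": 7, "ssn": "000-00-0000"},
                 "content": [{"type": "text", "text": '{"mrn": 7, "ssn": "000-00-0000"}'},
                             {"type": "text", "text": "Note: SSN on file is 000-00-0000"}]}
```

Note that the second text block survives unchanged: this is the free-text gap the FAQ answer describes, so fields that must never appear should be blocked at the input/output schema rather than relied on to be caught in prose.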
Last updated 2026-06-09
