Access Control

When using the Gateway SDK, Access Control is applied automatically to all agent traffic. Configure role-based permissions from the dashboard below.

Access Control supports tool call and data source controls, which can be configured in the dashboard with an admin account.

On the Access Control Guard tab of the dashboard, you can use the left sidebar to navigate between the Monitor and Manage Rules.

Access Control Monitor

The "Access Control Guard/Monitor" provides both comprehensive statistics and detailed activity logs of the access checking and blocking behaviors.

Each activity is also shown in the lower part of the Monitor, with detailed information including the agent's raw observation, action, explanation of why the action was flagged (or not), and the specific violated policies (accessible in the Violations tab).

Configure Access Control Rules

Access control rules can be configured in the "Access Control Guard/Manage Rules" tab with an admin account. The screenshot below shows that the admin can see the tools and data sources for the MCPs used by existing gateways in the dashboard.

The Admin can then configure the access for each group, i.e., which tools and data sources each user group can access. In the screenshot below, we have the Admin group that can access all MCP tools, and the trial user group that can access partial tools.