DISCOVER & TEST KONNECT APIS IN REAL TIME WITH INSOMNIA 13 MIGRATE 50% FASTER WITH KONG MIGRATION SERVICES DON'T MISS OUT ON API + AI SUMMIT 2026 | PRICES INCREASE AUGUST 16
  • [Why Kong ](/company/why-kong)Why Kong
  • _API & AI CONNECTIVITY TECHNOLOGIES_
    The Unified API and AI Platform
    []
    API ManagementAI ManagementEvent ManagementMonetization
    Migration Services
    API Advisory Services + Forward Deployed EngineersNEW
    • RUNTIMES
    • [API Gateway ](/products/kong-gateway)API Gateway
    • [AI Gateway HOT](/products/kong-ai-gateway)AI Gateway HOT
    • [Event Gateway ](/products/event-gateway)Event Gateway
    • [Service Mesh ](/products/kong-mesh)Service Mesh
    • [Context Mesh ](/products/kong-konnect/features/context-mesh)Context Mesh
    • [Ingress Controller ](/products/kong-ingress-controller)Ingress Controller
    • [Kong Operator ](/products/kong-operator)Kong Operator
    • CORE SERVICES
    • [MCP Registry NEW](/products/mcp-registry)MCP Registry NEW
    • [API Service Catalog ](/products/kong-konnect/features/api-service-catalog)API Service Catalog
    • [Runtime Management ](/products/kong-konnect/features/runtime-management)Runtime Management
    • [APIOps & Automation ](/products/apiops-automation)APIOps & Automation
    • APPS & AI AGENTS
    • [Developer Portal ](/products/kong-konnect/features/developer-portal)Developer Portal
    • [Usage Billing & Metering ](/products/kong-konnect/features/usage-based-metering-and-billing)Usage Billing & Metering
    • [Observability ](/products/kong-konnect/features/api-observability)Observability
    • [KAi Agent ](/products/kong-konnect/features/kai-ai-agent)KAi Agent
    DEVELOPER TOOLS
    [Insomnia ](https://insomnia.rest/)Insomnia [Plugins ](https://developer.konghq.com/plugins/)Plugins [Volcano ](https://volcano.dev/)Volcano [Kong MCP ](https://developer.konghq.com/konnect-platform/konnect-mcp/)Kong MCP [Documentation ](https://docs.konghq.com/)Documentation [Open Source ](/community)Open Source
      • FOR PLATFORM TEAMS
      • [Developer Platform ](/solutions/building-developer-platform)Developer Platform
      • [Kubernetes and Microservices ](/solutions/build-on-kubernetes)Kubernetes and Microservices
      • [Observability ](/solutions/observability)Observability
      • [Service Mesh Connectivity ](/solutions/service-mesh-connectivity)Service Mesh Connectivity
      • [Kafka Event Streaming ](/solutions/kafka-stream-api-management)Kafka Event Streaming
      • FOR EXECUTIVES
      • [AI Connectivity ](/ai-connectivity)AI Connectivity
      • [Open Banking ](/solutions/open-banking)Open Banking
      • [Legacy Migration ](/solutions/legacy-api-management-migration)Legacy Migration
      • [Platform Cost Reduction ](/solutions/api-platform-consolidation)Platform Cost Reduction
      • [Kafka Cost Optimization ](/solutions/reduce-kafka-cost)Kafka Cost Optimization
      • [API Monetization ](/solutions/api-monetization)API Monetization
      • [AI Monetization ](/solutions/ai-monetization)AI Monetization
      • [AI FinOps ](/solutions/ai-cost-governance-finops)AI FinOps
      • FOR AI TEAMS
      • [Agent Gateway ](/agent-gateway)Agent Gateway
      • [AI Governance ](/solutions/ai-governance)AI Governance
      • [AI Security ](/solutions/ai-security)AI Security
      • [AI Cost Control ](/solutions/ai-cost-optimization-management)AI Cost Control
      • [Agentic Infrastructure ](/solutions/agentic-ai-workflows)Agentic Infrastructure
      • [MCP Production ](/solutions/mcp-production-and-consumption)MCP Production
      • [MCP Traffic Gateway ](/solutions/mcp-governance)MCP Traffic Gateway
      • FOR DEVELOPERS
      • [Mobile App API Development ](/solutions/mobile-application-api-development)Mobile App API Development
      • [GenAI App Development ](/solutions/power-openai-applications)GenAI App Development
      • [API Gateway for Istio ](/solutions/istio-gateway)API Gateway for Istio
      • [Decentralized Load Balancing ](/solutions/decentralized-load-balancing)Decentralized Load Balancing
      • BY INDUSTRY
      • [Financial Services ](/solutions/financial-services-industry)Financial Services
      • [Healthcare ](/solutions/healthcare)Healthcare
      • [Higher Education ](/solutions/api-platform-for-education-services)Higher Education
      • [Insurance ](/solutions/insurance)Insurance
      • [Manufacturing ](/solutions/manufacturing)Manufacturing
      • [Retail ](/solutions/retail)Retail
      • [Software & Technology ](/solutions/software-and-technology)Software & Technology
      • [Transportation ](/solutions/transportation-and-logistics)Transportation
    NEW
    Kong for Startups
    Apply for $100 credits & 50% off AI Gateway
  • [Pricing ](/pricing)Pricing
      • DOCUMENTATION
      • [Kong Konnect ](https://developer.konghq.com/konnect/)Kong Konnect
      • [Kong Gateway ](https://developer.konghq.com/gateway/)Kong Gateway
      • [Kong Mesh ](https://developer.konghq.com/mesh/)Kong Mesh
      • [Kong AI Gateway ](https://developer.konghq.com/ai-gateway/)Kong AI Gateway
      • [Kong Event Gateway ](https://developer.konghq.com/event-gateway/)Kong Event Gateway
      • [Kong Insomnia ](https://developer.konghq.com/insomnia/)Kong Insomnia
      • [Plugin Hub ](https://developer.konghq.com/plugins/)Plugin Hub
      • EXPLORE
      • [Blog ](/blog)Blog
      • [Learning Center ](/blog/learning-center)Learning Center
      • [eBooks ](/resources/e-book)eBooks
      • [Reports ](/resources/reports)Reports
      • [Demos ](/resources/demos)Demos
      • [Customer Stories ](/customer-stories)Customer Stories
      • [Videos ](/resources/videos)Videos
      • EVENTS
      • [API + AI Summit ](/events/conferences/api-ai-summit)API + AI Summit
      • [Webinars ](/events/webinars)Webinars
      • [User Calls ](/events/user-calls)User Calls
      • [Workshops ](/events/workshops)Workshops
      • [Meetups ](/events/meetups)Meetups
      • [See All Events ](/events)See All Events
      • FOR DEVELOPERS
      • [Get Started ](https://developer.konghq.com/)Get Started
      • [Community ](/community)Community
      • [Certification ](/academy/certification)Certification
      • [Training ](https://education.konghq.com)Training
      • COMPANY
      • [About Us ](/company/about-us)About Us
      • [We're Hiring! ](/company/careers)We're Hiring!
      • [Press Room ](/company/press-room)Press Room
      • [Contact Us ](/company/contact-us)Contact Us
      • [Kong Partner Program ](/partners)Kong Partner Program
      • [Enterprise Support Portal ](https://support.konghq.com/s/)Enterprise Support Portal
      • [Documentation ](https://developer.konghq.com/?_gl=1*tphanb*_gcl_au*MTcxNTQ5NjQ0MC4xNzY5Nzg4MDY0LjIwMTI3NzEwOTEuMTc3MzMxODI2MS4xNzczMzE4MjYw*_ga*NDIwMDU4MTU3LjE3Njk3ODgwNjQ.*_ga_4JK9146J1H*czE3NzQwMjg1MjkkbzE4OSRnMCR0MTc3NDAyODUyOSRqNjAkbDAkaDA)Documentation
  • [](/search)
  • [Login](https://cloud.konghq.com/login)Login
  • [Book Demo](/contact-sales)Book Demo
  • [Get Started](/products/kong-konnect/register)Get Started
[Blog](/blog)Blog
  • [AI Gateway ](/blog/tag/ai-gateway)AI Gateway
  • [AI Security ](/blog/tag/ai-security)AI Security
  • [AIOps ](/blog/tag/aiops)AIOps
  • [API Security ](/blog/tag/api-security)API Security
  • [API Gateway ](/blog/tag/api-gateway)API Gateway
|
    • [API Management ](/blog/tag/api-management)API Management
    • [API Development ](/blog/tag/api-development)API Development
    • [API Design ](/blog/tag/api-design)API Design
    • [Automation ](/blog/tag/automation)Automation
    • [Service Mesh ](/blog/tag/service-mesh)Service Mesh
    • [Insomnia ](/blog/tag/insomnia)Insomnia
    • [Event Gateway ](/blog/tag/event-gateway)Event Gateway
    • [View All Blogs ](/blog/page/1)View All Blogs
We're Entering the Age of AI Connectivity [Read more](/blog/news/the-age-of-ai-connectivity)Read moreProducts & Agents:
    • [Kong AI Gateway](/products/kong-ai-gateway)Kong AI Gateway
    • [Kong API Gateway](/products/kong-gateway)Kong API Gateway
    • [Kong Event Gateway](/products/event-gateway)Kong Event Gateway
    • [Kong Metering & Billing](/products/kong-konnect/features/usage-based-metering-and-billing)Kong Metering & Billing
    • [Kong Insomnia](/products/kong-insomnia)Kong Insomnia
    • [Kong Konnect](/products/kong-konnect)Kong Konnect
  • [Documentation](https://developer.konghq.com)Documentation
  • [Book Demo](/contact-sales)Book Demo
  1. Home
  2. Blog
  3. Product Releases
  4. Enterprise-Grade MCP Access Control Is Here. Your Gateway Makes It Real.
[AI Gateway](/blog/tag/ai-gateway)AI Gateway
July 3, 2026
7 min read

# Enterprise-Grade MCP Access Control Is Here. Your Gateway Makes It Real.

*Kong makes every MCP client and server work with Enterprise-Managed Authorization, whether they speak the protocol or not.*

Andrew Jessup
Principal Product Manager, Agentic Identity, Kong
Vincent Le Goff
Senior Staff Software Engineer, Kong
Michael Field
Principal, Technical Product Marketing Manager, Kong

The MCP demo impressed the room. Then someone asked how 5,000 employees would connect to 40 MCP servers, and the answer was: one OAuth consent screen at a time. Per user. Per server. No central policy, no unified audit trail, and nothing stopping a personal account from getting wired into a work tool.

That answer just changed. In June, the Model Context Protocol project stabilized the[ _Enterprise-Managed Authorization (EMA) extension_](https://blog.modelcontextprotocol.io/posts/enterprise-managed-auth/) _Enterprise-Managed Authorization (EMA) extension_, with Okta, Anthropic, and Microsoft among the first adopters. But adoption takes time, on both ends. Clients have to learn to produce an ID-JAG, servers have to learn to accept one, and most of the software you actually run isn't there yet. Plenty of it you don't even control. That's the gap Kong AI Gateway closes today. The new id-jag-relay plugin handles the client side, and the same gateway brings EMA to any server that isn't ready for it yet.

## What EMA changes

Standard MCP authorization is user-scoped and interactive: every user authorizes every server, one consent flow at a time. This is fine for consumers but unworkable at enterprise scale. Onboarding becomes a checklist of consent screens, security teams can't enforce or audit policy, and work and personal identities blur together.

EMA makes your identity provider the decision-maker for MCP access. Admins define policy once: which groups get which tools, under which conditions. Users sign in with their corporate identity and every authorized MCP server connects automatically, scoped to the groups and roles they already have on day one. No per-server consent and nothing to configure.

Under the hood, EMA runs on the[ _Identity Assertion JWT Authorization Grant_](https://datatracker.ietf.org/doc/draft-ietf-oauth-identity-assertion-authz-grant/) _Identity Assertion JWT Authorization Grant_ (ID-JAG), an IETF OAuth draft. Instead of a consent dance between apps, the client exchanges its SSO identity at the IdP for a short-lived, signed, audience-bound assertion that names exactly who is acting on whose behalf. The MCP server's authorization server trades that assertion for a scoped access token, and the request goes through. Policy lives at the IdP. The delegation chain lives in the token. Auditors get a real answer to "who approved this, and who's accountable?"

That's the shift. Agents calling tools on behalf of users is a delegation problem, and enterprises have been solving it with bearer tokens and API keys that flatten the chain. EMA keeps the chain intact, end to end, in a standard.

And the resource side is coming online too. Okta is the first supported IdP through its Cross App Access (XAA) implementation. Asana, Atlassian, Canva, Figma, Granola, Linear, and Supabase already accept EMA on the server side, with more on the way. That's real momentum. But accepting an ID-JAG is work each server has to build, and it's early. Plenty of MCP servers, first-party and third-party alike, won't get there for a while, if at all, and the ones you don't own you can't put on a schedule.

## Two gaps: Where the specification meets reality

The exchange that powers EMA has to start somewhere: a client takes the ID token it got from SSO and trades it at the IdP for an ID-JAG. EMA-aware clients like Claude, Claude Code, Cowork, and VS Code do this themselves.

Now count the clients in your organization that aren't on that list. The internal agent your team built in Q1. The CI job that calls an MCP server to file tickets. The scripts, the notebooks, the older MCP clients, the vendor tool that won't ship EMA support until next year, if ever. Every one of them holds an API key or OIDC client credential, often on a user's desktop.

That's the first gap: **the downstream resource requires an ID-JAG, and the client can't produce one.** The MCP server did the right thing. The IdP is ready. And the request still fails at the front door.

Now flip it around. Plenty of MCP servers won't accept an ID-JAG. The one your data team stood up last quarter. The third-party server on its own EMA timeline, if it has one at all. The SaaS tool that authenticates with its own token and has no reason to care about your IdP. A compliant client produces a perfectly good ID-JAG, and the server has nowhere for it to land. That's the second gap: **the client did everything right, and the server can't meet it.** Same failure, mirror image: the IdP is ready, the client did its part, and the request still dies at the door.

Two gaps, mirror images of each other, one root cause. A standard only works when both ends speak it, and your internal fleet is behind on both.

The options look grim. Retrofit the token exchange into every internal client, and stand up a compliant authorization server in front of every internal server: security-critical OAuth code, duplicated across codebases in five languages, on both ends. Or carve out exceptions so the stragglers bypass EMA, which quietly recreates the credential sprawl you adopted EMA to kill. Or wait, and let half your fleet sit unreachable behind a standard it can't speak.

This isn't a new problem. It's where API authentication stood a decade ago, when every service and client implemented its own auth and every implementation drifted. The industry's answer then is the answer now: cross-cutting security belongs at the traffic layer, not scattered through application code. Connectivity is infrastructure. It was true for APIs. It's true for tokens.

## Why the gateway is the essential piece

An AI gateway already sits in exactly the right place: between every client you can't change and every resource that now speaks ID-JAG. It terminates every request. It's where you already enforce authentication, rate limiting, and observability. And because it sits inline on both sides, it can stand in for whichever end is behind.

On the client side, it upgrades the credential in flight, once, for every client. The gateway accepts what the client already has (its SSO ID token), performs the ID-JAG exchange, and presents the credential the resource requires. One implementation of verification, exchange, caching, and replay handling, tested and patched in one place, instead of a copy in every client codebase. Your clients keep sending the token they've always had. Your resources get the credential they now demand. Neither side changes.

On the server side, it does the mirror image. It enforces the EMA decision at the edge, checking the caller's assertion against your IdP policy before the request reaches the server, then presents whatever credential the upstream actually requires. For a server that speaks standard OAuth, that's a token it already trusts. For one that runs its own auth, it's that server's native credential, brokered by the gateway and never handed to the agent. Either way, the server behind it never learns EMA exists. It just receives a request it already knows how to trust.

Either way, the gateway acts as a named broker, not invisible middleware. ID-JAG has a delegation model built for exactly this. The IdP explicitly authorizes the gateway as a broker for specific apps and resources, and the gateway appears in the token's actor chain. Redemption is bound to it, so an intermediary the IdP didn't authorize gets rejected. The gateway's trust is explicit in the token, not ambient in the network. Your audit trail shows the user, the client acting for them, and the broker in the middle. No holes.

There's a governance dividend, too. Because every MCP call crosses the gateway with a full delegation chain attached, the traffic layer becomes the one place you can see, meter, and control agent access across the company: which agent, which user, which tool, which scope. Speed and governance stop being a tradeoff. You get both, at the same layer.

## Now in Kong

### On the client edge: id-jag-relay

The new id-jag-relay plugin turns Kong AI Gateway into that trusted broker. The name is the behavior: Kong acts as the ID-JAG-capable client for the ones that can't.

The client calls through Kong with its OIDC ID token. Kong validates that token locally: it checks the signature against the IdP's public keys (the JWKS Kong fetches once and caches) plus the issuer, audience, and expiry. There's no per-request call to Okta to do it. A bad signature fails closed, so the request gets a `401` and never touches the upstream. 

The network calls come next: Kong exchanges the ID token at the IdP's token endpoint for an ID-JAG that names the user, the original client app, and Kong as the actor, then redeems that assertion at the MCP server's authorization server for a scoped access token (both results cached). Kong proxies the request upstream carrying that token, spoofable identity headers stripped, and the MCP server validates exactly what it was built to validate: a standard access token from its own trusted authorization server.

Here's the full path a request takes:

Configuration is a few lines:

plugins:
  - name: id-jag-relay
    config:
      audience: https://mcp.example.com
      id_token_audiences: ["my-client-app"]
      trusted_idps:
        - issuer: https://idp.example.com
          client_id: kong-broker
          client_secret: "{vault://env/kong-broker-secret}"

Notice what's absent? The client codebase stays untouched. The resource is already done; it speaks ID-JAG. The access policy lives in the IdP, where your security team can see it. The protocol burden lives in the gateway, once, for every client in front of it.

### On the resource edge: EMA for any server

The same gateway closes the gap on the other end, for any MCP server that isn't EMA-ready, first-party or third-party, on your network or a vendor's. On the way in, Kong enforces the EMA decision: is this user, acting through this agent, allowed to call this tool? That answer comes from your IdP policy, centrally, before the request ever reaches the server. On the way out, Kong hands the server exactly the credential it expects and keeps it away from the agent: a standard token for a server that speaks OAuth, or the server's own native credential for one that doesn't.

The server doesn't change, and you don't wait on its roadmap. The agent authenticates once, to Kong, with its EMA-scoped identity. Whatever the server wants on the far side, the two credentials only ever meet inside the gateway. From your IdP's point of view, every server behind Kong now falls under the same policy and the same audit trail.

## The point

EMA gives enterprise MCP the answers that were missing: your IdP approves the access, and the token names everyone accountable. But a standard only works when both ends speak it, and for years your fleet won't, on either end. The gateway is how the standard meets reality, the same reason API auth ended up there. It produces the ID-JAG for the clients that can't, and enforces it in front of the servers that can't, brokering the right credential on every hop and keeping the full delegation chain intact end to end.

The standard is ready. Your fleet doesn't have to be.

*Read the*[* *_*EMA extension spec*_](https://modelcontextprotocol.io/extensions/auth/enterprise-managed-authorization)* *_*EMA extension spec*_*, the*[* *_*ID-JAG draft*_](https://datatracker.ietf.org/doc/draft-ietf-oauth-identity-assertion-authz-grant/)* *_*ID-JAG draft*_*, or talk to us about running MCP through Kong AI Gateway.*

- [AI Gateway](/blog/tag/ai-gateway)AI Gateway- [MCP](/blog/tag/mcp)MCP- [OAuth](/blog/tag/oauth)OAuth- [API Security](/blog/tag/api-security)API Security- [Governance](/blog/tag/governance)Governance

Table of Contents

  • What EMA changes
  • Two gaps: Where the specification meets reality
  • Why the gateway is the essential piece
  • Now in Kong
  • The point

## More on this topic

_Videos_

## MCP vs OpenAPI vs A2A vs ?: Preparing for the Agentic World

_Videos_

## Moving Beyong the API Gateway to an API Platform

## See Kong in action

Accelerate deployments, reduce vulnerabilities, and gain real-time visibility. 

[Get a Demo](/contact-sales)Get a Demo
**Topics**
- [AI Gateway](/blog/tag/ai-gateway)AI Gateway- [MCP](/blog/tag/mcp)MCP- [OAuth](/blog/tag/oauth)OAuth- [API Security](/blog/tag/api-security)API Security- [Governance](/blog/tag/governance)Governance
Andrew Jessup
Principal Product Manager, Agentic Identity, Kong
Vincent Le Goff
Senior Staff Software Engineer, Kong
Michael Field
Principal, Technical Product Marketing Manager, Kong

Recommended posts

# Kong A2A and MCP Metrics: Visibility and Governance for AI Tool Adoption at Scale

[Product Releases](/blog/tag)Product ReleasesApril 23, 2026

When an organization deploys AI agents at scale, high uptime and low latency are an important baseline. However, Platform owners and business stakeholders could be flying blind on several fronts: The Insights Gap: Non-technical stakeholders have li

Amit Shah

# Govern the Full AI Data Path with Kong AI Gateway 3.14

[Product Releases](/blog/tag)Product ReleasesApril 14, 2026

Agent-to-agent communication is the next frontier of AI infrastructure. As teams decompose monolithic AI workflows into specialized agents — a research agent, a booking agent, a summarization agent — the calls between those agents become as importa

Greg Peranich

# Bringing Identity-Aware Security & Policy Enforcement to Event Streaming

[Product Releases](/blog/tag)Product ReleasesMarch 25, 2026

The widespread adoption of Kafka and event streaming platforms is evident across several enterprises, where they serve as the backbone of critical operations, ranging from financial transactions to AI inference pipelines. However, in the domains of

Hugo Guerrero

# From APIs to Agentic Integration: Introducing Kong Context Mesh

[Product Releases](/blog/tag)Product ReleasesFebruary 10, 2026

Agents are ultimately decision makers. They make those decisions by combining intelligence with context, ultimately meaning they are only ever as useful as the context they can access. An agent that can't check inventory levels, look up customer his

Alex Drag

# Introducing MCP Tool ACLs: Fine-Grained Authorization for AI Agent Tools

[Product Releases](/blog/tag)Product ReleasesJanuary 14, 2026

The evolution of AI agents and autonomous systems has created new challenges for enterprise organizations. While securing API endpoints is well-understood, controlling access to individual AI agent tools presents a unique authorization problem. Toda

Michael Field

# Kong Cloud Gateways: A Year in Review

[Product Releases](/blog/tag)Product ReleasesDecember 17, 2025

A quick refresher: Kong Cloud Gateways Kong Cloud Gateways are fully managed, high-performance data planes running on customer-dedicated infrastructure, orchestrated and operated by Kong through Kong Konnect . Customers can choose between: Serverle

Josh Wigginton

# Securing, Observing, and Governing MCP Servers with Kong AI Gateway

[Product Releases](/blog/tag)Product ReleasesApril 24, 2025

The explosion of AI-native applications is upon us. With each new week, massive innovations are being made in how AI-centric applications are being built. There are a variety of tools developers need to consider, be it supplying live contextual data

Greg Peranich

# Kong A2A and MCP Metrics: Visibility and Governance for AI Tool Adoption at Scale

[Product Releases](/blog/tag)Product ReleasesApril 23, 2026

When an organization deploys AI agents at scale, high uptime and low latency are an important baseline. However, Platform owners and business stakeholders could be flying blind on several fronts: The Insights Gap: Non-technical stakeholders have li

Amit Shah

# Govern the Full AI Data Path with Kong AI Gateway 3.14

[Product Releases](/blog/tag)Product ReleasesApril 14, 2026

Agent-to-agent communication is the next frontier of AI infrastructure. As teams decompose monolithic AI workflows into specialized agents — a research agent, a booking agent, a summarization agent — the calls between those agents become as importa

Greg Peranich

# Bringing Identity-Aware Security & Policy Enforcement to Event Streaming

[Product Releases](/blog/tag)Product ReleasesMarch 25, 2026

The widespread adoption of Kafka and event streaming platforms is evident across several enterprises, where they serve as the backbone of critical operations, ranging from financial transactions to AI inference pipelines. However, in the domains of

Hugo Guerrero

# From APIs to Agentic Integration: Introducing Kong Context Mesh

[Product Releases](/blog/tag)Product ReleasesFebruary 10, 2026

Agents are ultimately decision makers. They make those decisions by combining intelligence with context, ultimately meaning they are only ever as useful as the context they can access. An agent that can't check inventory levels, look up customer his

Alex Drag

# Introducing MCP Tool ACLs: Fine-Grained Authorization for AI Agent Tools

[Product Releases](/blog/tag)Product ReleasesJanuary 14, 2026

The evolution of AI agents and autonomous systems has created new challenges for enterprise organizations. While securing API endpoints is well-understood, controlling access to individual AI agent tools presents a unique authorization problem. Toda

Michael Field

# Kong Cloud Gateways: A Year in Review

[Product Releases](/blog/tag)Product ReleasesDecember 17, 2025

A quick refresher: Kong Cloud Gateways Kong Cloud Gateways are fully managed, high-performance data planes running on customer-dedicated infrastructure, orchestrated and operated by Kong through Kong Konnect . Customers can choose between: Serverle

Josh Wigginton

# Securing, Observing, and Governing MCP Servers with Kong AI Gateway

[Product Releases](/blog/tag)Product ReleasesApril 24, 2025

The explosion of AI-native applications is upon us. With each new week, massive innovations are being made in how AI-centric applications are being built. There are a variety of tools developers need to consider, be it supplying live contextual data

Greg Peranich

# Kong A2A and MCP Metrics: Visibility and Governance for AI Tool Adoption at Scale

[Product Releases](/blog/tag)Product ReleasesApril 23, 2026

When an organization deploys AI agents at scale, high uptime and low latency are an important baseline. However, Platform owners and business stakeholders could be flying blind on several fronts: The Insights Gap: Non-technical stakeholders have li

Amit Shah

# Govern the Full AI Data Path with Kong AI Gateway 3.14

[Product Releases](/blog/tag)Product ReleasesApril 14, 2026

Agent-to-agent communication is the next frontier of AI infrastructure. As teams decompose monolithic AI workflows into specialized agents — a research agent, a booking agent, a summarization agent — the calls between those agents become as importa

Greg Peranich

# Bringing Identity-Aware Security & Policy Enforcement to Event Streaming

[Product Releases](/blog/tag)Product ReleasesMarch 25, 2026

The widespread adoption of Kafka and event streaming platforms is evident across several enterprises, where they serve as the backbone of critical operations, ranging from financial transactions to AI inference pipelines. However, in the domains of

Hugo Guerrero

# From APIs to Agentic Integration: Introducing Kong Context Mesh

[Product Releases](/blog/tag)Product ReleasesFebruary 10, 2026

Agents are ultimately decision makers. They make those decisions by combining intelligence with context, ultimately meaning they are only ever as useful as the context they can access. An agent that can't check inventory levels, look up customer his

Alex Drag

# Introducing MCP Tool ACLs: Fine-Grained Authorization for AI Agent Tools

[Product Releases](/blog/tag)Product ReleasesJanuary 14, 2026

The evolution of AI agents and autonomous systems has created new challenges for enterprise organizations. While securing API endpoints is well-understood, controlling access to individual AI agent tools presents a unique authorization problem. Toda

Michael Field

# Kong Cloud Gateways: A Year in Review

[Product Releases](/blog/tag)Product ReleasesDecember 17, 2025

A quick refresher: Kong Cloud Gateways Kong Cloud Gateways are fully managed, high-performance data planes running on customer-dedicated infrastructure, orchestrated and operated by Kong through Kong Konnect . Customers can choose between: Serverle

Josh Wigginton

# Securing, Observing, and Governing MCP Servers with Kong AI Gateway

[Product Releases](/blog/tag)Product ReleasesApril 24, 2025

The explosion of AI-native applications is upon us. With each new week, massive innovations are being made in how AI-centric applications are being built. There are a variety of tools developers need to consider, be it supplying live contextual data

Greg Peranich

## Ready to see Kong in action?

Get a personalized walkthrough of Kong's platform tailored to your architecture, use cases, and scale requirements.

[Get a Demo](/contact-sales)Get a Demo

## step-0

    • Company
    • [About Kong ](/company/about-us)About Kong
    • [Customers ](/customer-stories)Customers
    • [Careers ](/company/careers)Careers
    • [Press ](/company/press-room)Press
    • [Events ](/events)Events
    • [Contact ](/company/contact-us)Contact
    • [Pricing ](/pricing)Pricing
      •    * [Terms](/legal/terms-of-use)
      •    * [Privacy](/legal/privacy-policy)
      •    * [Trust and Compliance](https://trust.konghq.com/)
    • Platform
    • [Kong AI Gateway ](/products/kong-ai-gateway)Kong AI Gateway
    • [Kong Konnect ](/products/kong-konnect)Kong Konnect
    • [Kong Gateway ](/products/kong-gateway)Kong Gateway
    • [Kong Event Gateway ](/products/event-gateway)Kong Event Gateway
    • [Kong Insomnia ](/products/kong-insomnia)Kong Insomnia
    • [Documentation ](https://developer.konghq.com)Documentation
    • [Book Demo ](/contact-sales)Book Demo
    • Compare
    • [AI Gateway Alternatives ](/performance-comparison/ai-gateway-alternatives)AI Gateway Alternatives
    • [Kong vs Apigee ](/performance-comparison/kong-vs-apigee)Kong vs Apigee
    • [Kong vs AWS ](/performance-comparison/kong-vsaws)Kong vs AWS
    • [Kong vs IBM ](/performance-comparison/ibm-api-connect-vs-kong)Kong vs IBM
    • [Kong vs Mulesoft ](/performance-comparison/kong-vs-mulesoft)Kong vs Mulesoft
    • [Kong vs Postman ](/performance-comparison/kong-vs-postman)Kong vs Postman
    • Explore More
    • [Kong for Startups ](/solutions/startup-program)Kong for Startups
    • [Open Banking API Solutions ](/solutions/open-banking)Open Banking API Solutions
    • [API Governance Solutions ](/solutions/api-governance)API Governance Solutions
    • [Istio API Gateway Integration ](/solutions/istio-gateway)Istio API Gateway Integration
    • [Kubernetes API Management ](/solutions/build-on-kubernetes)Kubernetes API Management
    • [API Gateway: Build vs Buy ](/campaign/secure-api-scalability)API Gateway: Build vs Buy
    • Open Source
    • [Kong Gateway ](https://developer.konghq.com/gateway/install/)Kong Gateway
    • [Kuma ](https://kuma.io/)Kuma
    • [Insomnia ](https://insomnia.rest/)Insomnia
    • [Kong Community ](/community)Kong Community

Kong enables the connectivity layer for the agentic era – securely connecting, governing, and monetizing APIs and AI tokens across any model or cloud.

  • English
  • Japanese
  • Frenchcoming soon
  • Spanishcoming soon
  • Germancoming soon
[Everything is 200 OK](https://status.konghq.com/)
© Kong Inc. 2026
Interaction mode