Agent Gateway
A proxy that sits between agents and the tools or models they call, enforcing security, access-control and observability policies on agent traffic.
- term
- Agent Gateway
- category
- identity
- short_def
- A proxy that sits between agents and the tools or models they call, enforcing security, access-control and observability policies on agent traffic.
- long_def
- An agent gateway (sometimes 'agent firewall' for the security-focused variant) is a networking layer built on agent-native protocols like MCP and A2A. It inspects and governs agent-to-tool, agent-to-model and agent-to-agent calls — applying policy, redacting secrets and PII, blocking prompt-injection and SSRF, and logging everything. It is where a site can centrally control what visiting or internal agents are allowed to do.
- see_also
prompt-injectionagent-identitymcp- etymology_origin
- — verify-against-primary-at-build ↗ https://agentgateway.dev/ — 'agent gateway'/'agent firewall' are an emerging product/infrastructure category (e.g. agentgateway.dev, MCP firewalls) with no single coiner or standards body
- related_to
prompt-injectionagent-identitymcpweb-bot-authdelegation- contrast_with
- Unlike a traditional network firewall, which filters IP/port traffic, an agent gateway understands agent protocols — it inspects MCP tool calls and A2A messages for prompt injection, secret leakage and policy violations, not just packets.
- example
- Open-source agent gateways such as agentgateway provide drop-in security, observability and access control for agent-to-LLM, agent-to-tool and agent-to-agent communication across frameworks.
- source
- https://agentgateway.dev/
- status
- emerging
- why_it_matters
- An agent gateway is where an organization enforces agent-readiness safely at scale — verifying identity, scoping permissions and blocking injection in one controllable choke point.
- sameAs
- —
- bridge_entity
- protocols/identity/web-bot-auth
- last_verified
- 2026-06-15
- md_twin
- /glossary/agent-gateway.md