# Agent Gateway

> A proxy that sits between agents and the tools or models they call, enforcing security, access-control and observability policies on agent traffic.

_The Agentic Web Lexicon · /glossary/agent-gateway · [JSON](/api/glossary/agent-gateway) · [all The Agentic Web Lexicon](/glossary)_

- **term:** Agent Gateway
- **category:** identity
- **short_def:** A proxy that sits between agents and the tools or models they call, enforcing security, access-control and observability policies on agent traffic.
- **long_def:** An agent gateway (sometimes 'agent firewall' for the security-focused variant) is a networking layer built on agent-native protocols like MCP and A2A. It inspects and governs agent-to-tool, agent-to-model and agent-to-agent calls — applying policy, redacting secrets and PII, blocking prompt-injection and SSRF, and logging everything. It is where a site can centrally control what visiting or internal agents are allowed to do.
- **see_also:** prompt-injection, agent-identity, mcp
- **etymology_origin:** — (verify-against-primary-at-build)
- **related_to:** prompt-injection, agent-identity, mcp, web-bot-auth, delegation
- **contrast_with:** Unlike a traditional network firewall, which filters IP/port traffic, an agent gateway understands agent protocols — it inspects MCP tool calls and A2A messages for prompt injection, secret leakage and policy violations, not just packets.
- **example:** Open-source agent gateways such as agentgateway provide drop-in security, observability and access control for agent-to-LLM, agent-to-tool and agent-to-agent communication across frameworks.
- **source:** https://agentgateway.dev/
- **status:** emerging
- **why_it_matters:** An agent gateway is where an organization enforces agent-readiness safely at scale — verifying identity, scoping permissions and blocking injection in one controllable choke point.
- **sameAs:** —
- **bridge_entity:** protocols/identity/web-bot-auth
- **last_verified:** 2026-06-15
- **md_twin:** /glossary/agent-gateway.md