by dfcowell 70 days ago
This is solved by the agent having its own identity and credentials. Why would you share your login and identity with your AI agent?

Access control and permissions should be handled on the backend by enforcing IAM on well-defined principals, not with MCP middleware. Claude can already bypass MCP and call APIs or use CLIs if it runs into blockers using MCP, so it’s not an effective point to implement the control.

2 comments

IAM is generally binary (allowed yes/no) whereas MCP usually supports more nuance (always allow/ask if risky/always ask/no)
You can have agents that serve multiple different users with varying levels of permission.
Anti-pattern imho. Agents should operate within granular identity and permission scopes, with audit and log trails for all data operations (read, write, etc.).

Copilot: https://learn.microsoft.com/en-us/entra/agent-id/identity-pl... | https://learn.microsoft.com/en-us/purview/audit-copilot (for example)

TLDR Maintain an identity boundary whenever possible.
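As an added illustration of the identity-boundary argument made in this thread (example code, not from any commenter or vendor), the backend below authorizes on the calling principal and records every decision; the principals, scopes and request channels are constructed sample data, and the channel field shows that an MCP, CLI or direct API path reaches the same check.

```python
"""Backend IAM enforcement on distinct principals, with an audit trail.

Added example; principals and scopes are constructed for illustration.
"""
from dataclasses import dataclass, field

# Scopes are granted to principals, never to the channel a request arrives on.
SCOPES = {
    "user:alice": {"docs:read", "docs:write", "billing:read"},
    # The agent has its own identity, narrower than the user it works for.
    "agent:alice-assistant": {"docs:read"},
}


@dataclass
class Request:
    principal: str
    action: str    # e.g. "docs:read"
    resource: str
    channel: str   # "mcp", "cli" or "api": recorded, but not a policy input


@dataclass
class Backend:
    audit: list = field(default_factory=list)

    def authorize(self, req: Request) -> bool:
        """Allow only if the principal's own scopes cover the action."""
        allowed = req.action in SCOPES.get(req.principal, set())
        # Every data operation is logged with who, what, where and how.
        self.audit.append(
            (req.principal, req.action, req.resource, req.channel, allowed)
        )
        return allowed


def run_demo() -> tuple:
    """Same agent principal through MCP and CLI: the decision is identical."""
    be = Backend()
    via_mcp = be.authorize(Request("agent:alice-assistant", "docs:read", "doc-1", "mcp"))
    via_cli = be.authorize(Request("agent:alice-assistant", "docs:write", "doc-1", "cli"))
    as_user = be.authorize(Request("user:alice", "docs:write", "doc-1", "api"))
    unknown = be.authorize(Request("agent:rogue", "docs:read", "doc-1", "api"))
    return via_mcp, via_cli, as_user, unknown, len(be.audit)


if __name__ == "__main__":
    print(run_demo())
```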