## Security model

Agen for SaaS operates on a **zero-trust** security model. Every request from an AI agent is treated as potentially untrusted and must pass through multiple verification and enforcement layers before reaching your APIs.

### Zero-trust principles

| Principle | Implementation |
| --- | --- |
| **Verify explicitly** | Every request must include a valid authentication token. No implicit trust based on network location. |
| **Least-privilege access** | Tools are only accessible to users with explicitly assigned roles or permissions via access control rules. |
| **Assume breach** | All actions are logged, all sensitive data is masked, and all critical operations require human approval. |

### Identity and authentication

- All requests must include a valid JWT issued by your configured auth provider (Frontegg or OIDC).
- JWTs are validated on every request — expired, malformed, or unsigned tokens are rejected.
- The authorization server federation URL provides the endpoint for token validation.
- Custom domains can be configured for both authentication and MCP Gateway endpoints.

### Multi-tenant isolation

- Each tenant's data and policy context is isolated.
- JWT claims (tenant ID, roles, permissions) drive all access control and policy decisions.
- Tenant-level policy delegation allows customers to add their own governance within platform boundaries.
- Global policies set by the platform provider cannot be overridden by tenant-level policies.

### Backend verification

Agen for SaaS signs requests forwarded to your backend APIs with cryptographic signatures (SHA-256 HMAC). This allows your backend to verify that requests originate from your MCP Gateway and have not been tampered with.

For implementation details, see [Backend trust and verification](/agen-for-saas/configuration/backend-verification).

### Defense-in-depth layers

Requests pass through the following layers in order:

1. **TLS encryption** — All communication is encrypted in transit.
2. **Authentication** — Token validation and identity verification.
3. **Access control** — Role and permission-based tool restrictions.
4. **Policies** — Conditional rule evaluation (deny, step-up, approval).
5. **Hooks** — Custom code execution for additional validation.
6. **Data protection** — Sensitive data masking in responses.
7. **Monitoring** — Complete audit trail of the entire interaction.

### Related topics

- [Security and compliance overview](/agen-for-saas/security-compliance/overview)
- [Best practices](/agen-for-saas/security-compliance/best-practices)
- [Backend trust and verification](/agen-for-saas/configuration/backend-verification)
- [Access control](/agen-for-saas/access-control/overview)
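
One way a backend could perform the SHA-256 HMAC check described under "Backend verification"; this is an added example, not Agen's own code. The header names (`X-Gateway-Signature`, `X-Gateway-Timestamp`), the layout of the signed string, the hex encoding, and the five-minute replay window are all assumptions; the actual format is defined in the linked backend verification page.

```python
import hashlib
import hmac
import time

# Assumed values, not taken from the Agen documentation.
SIG_HEADER = "X-Gateway-Signature"   # hypothetical header name
TS_HEADER = "X-Gateway-Timestamp"    # hypothetical header name
MAX_SKEW_SECONDS = 300               # assumed replay window


def sign_request(secret: bytes, timestamp: str, method: str, path: str, body: bytes) -> str:
    """Hex HMAC-SHA256 over an assumed canonical string.

    Fields are newline-separated so a byte cannot move between the path
    and the body without changing the signed message.
    """
    msg = b"\n".join([timestamp.encode(), method.upper().encode(), path.encode(), body])
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def verify_request(secret, headers, method, path, body, now=None):
    """Return (accepted, reason) for a request forwarded by the gateway."""
    sig = headers.get(SIG_HEADER, "")
    ts = headers.get(TS_HEADER, "")
    if not sig or not ts:
        return False, "missing signature headers"
    if not (ts.isascii() and ts.isdigit()):
        return False, "malformed timestamp"
    now = time.time() if now is None else now
    # Reject old or future-dated requests so a captured one cannot be replayed later.
    if abs(now - int(ts)) > MAX_SKEW_SECONDS:
        return False, "stale timestamp"
    expected = sign_request(secret, ts, method, path, body)
    # Constant-time comparison avoids leaking how many leading characters matched.
    if not hmac.compare_digest(expected.encode(), sig.encode("utf-8", "replace")):
        return False, "signature mismatch"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample request; secret, path and payload are made up.
    secret = b"constructed-demo-secret"
    body = b'{"tool":"create_invoice","amount":100}'
    ts = str(int(time.time()))
    headers = {SIG_HEADER: sign_request(secret, ts, "POST", "/api/invoices", body), TS_HEADER: ts}
    print(verify_request(secret, headers, "POST", "/api/invoices", body))
    print(verify_request(secret, headers, "POST", "/api/invoices", body.replace(b"100", b"900")))
```

Verify against the raw request bytes before any JSON parsing or re-serialization, since a re-encoded body will not match the signed one.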