Core concepts
AgentLink provides the foundation for SaaS products and organizations to safely open their APIs and product capabilities to AI platforms and agents.
It turns your product into an AI-native platform, allowing customers to interact with it through AI assistants (like ChatGPT, Claude, Gemini, or custom MCP agents) — while maintaining security, governance, and compliance.
This page explains the core concepts that make AgentLink work.
MCP server
The MCP Server is the managed runtime that connects your product's APIs to the Model Context Protocol (MCP) ecosystem.
- It’s hosted and orchestrated by AgentLink.
- It exposes your APIs as Tools to AI agents.
- It acts as a secure gateway between your backend and external AI platforms.
- It enforces access control, data protection, and policies for every action.
Each organization or tenant can have its own isolated MCP server instance, enabling independent governance and customization.
Tools
A Tool represents an action, function, or API endpoint that an AI agent can invoke through AgentLink.
- Tools are imported from OpenAPI or GraphQL schema files.
- Each tool defines metadata like name, description, input/output schema, and authentication type.
- You can enable, disable, edit, or remove tools directly from the AgentLink dashboard.
- Tools are automatically discoverable by connected AI agents via MCP.
Example:
| Tool Name | Description | Type |
|---|---|---|
| create_expense_report | Creates a new expense report in your product | REST (OpenAPI) |
| get_user_profile | Fetches user profile data | GraphQL Query |
Users, tenants, and claims
AgentLink is multi-tenant and identity-aware by design.
- Users represent individuals interacting with your product.
- Tenants correspond to logical customer environments (e.g., different organizations using your SaaS).
- Claims are attributes from your authentication tokens (JWTs) that represent identity, role, or scope.
Example JWT:
```json
{
  "user_id": "u-12345",
  "tenant": "acme-inc",
  "role": "finance_admin",
  "region": "US"
}
```
AgentLink uses these claims to apply Access Control and Policy rules dynamically per tenant or user.
Access control (RBAC / ABAC)
Access Control defines who can see or execute which tools through AgentLink.
- RBAC (Role-Based Access Control): map tools to roles (e.g., only users with `finance_admin` can approve expenses).
- ABAC (Attribute-Based Access Control): use JWT claims like `region`, `department`, or `entitlement` to restrict tool access.
Access rules are defined in the Access Control screen and can be based on roles or JWT attributes.
This ensures each AI agent invocation respects the same security boundaries as your core application.
Policies and guardrails
Policies define what actions are allowed or restricted when AI agents call your tools.
Each policy can result in one of several actions:
| Policy Action | Behavior |
|---|---|
| Allow | The tool request executes normally. |
| Deny | The request is blocked and logged. |
| Ask for Approval | Requires human review before proceeding. |
| Step-Up Authentication | Requires additional verification (e.g., MFA, admin token). |
Policies can include conditional logic combining context and claim values.
Example condition:
If the tool is `create_expense_report` and the amount is greater than 500, then Ask for Approval.
This enables fine-grained, dynamic governance for every AI-triggered request.
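The decision order described in the Access control and Policies sections can be modelled as follows. This is an added example, not AgentLink's code or configuration format: the rule classes, the `region == "US"` restriction, default deny when no access rule matches, first-matching-policy-wins, and failing closed on malformed arguments are all assumptions made for illustration.

```python
# Added illustration: rule shapes and names here are assumptions, not AgentLink's format.
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class AccessRule:
    tool: str
    roles: frozenset = frozenset()   # RBAC: caller's role must be one of these
    attributes: tuple = ()           # ABAC: (claim, value) pairs that must all match

@dataclass(frozen=True)
class Policy:
    tool: str
    condition: Callable[[dict, dict], bool]   # (claims, tool arguments) -> matched?
    action: str

# Constructed rules mirroring the page's examples.
ACCESS_RULES = [
    AccessRule("create_expense_report", frozenset({"finance_admin"}), (("region", "US"),)),
    AccessRule("get_user_profile", frozenset({"finance_admin", "employee"})),
]
POLICIES = [
    Policy("create_expense_report", lambda claims, args: args["amount"] > 500, "Ask for Approval"),
]

def is_authorized(claims: dict, tool: str) -> bool:
    """True if any access rule for the tool matches the caller's claims."""
    for rule in ACCESS_RULES:
        if rule.tool != tool:
            continue
        if rule.roles and claims.get("role") not in rule.roles:
            continue
        if all(claims.get(name) == value for name, value in rule.attributes):
            return True
    return False   # no rule for this tool, or none matched: default deny

def decide(claims: dict, tool: str, args: dict) -> str:
    """Return the action for one tool call; claims must come from a verified JWT."""
    if not is_authorized(claims, tool):
        return "Deny"
    for policy in POLICIES:
        if policy.tool != tool:
            continue
        try:
            if policy.condition(claims, args):
                return policy.action
        except (KeyError, TypeError):
            return "Deny"   # missing or non-numeric input: fail closed
    return "Allow"
```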
Approval flows
When a policy requires approval, Approval Flows define who reviews and approves those requests.
- Approvers can be defined by role (e.g., `finance_manager`) or by email address.
- Notifications can be sent via email or SMS.
- Once approved, the original tool call automatically resumes.
Approval Flows ensure that sensitive or high-impact actions include a human-in-the-loop step.
Example:
| Flow Name | Trigger | Approvers | Notification |
|---|---|---|---|
| Expense Approval | amount > 500 | Role: finance_manager | Email + SMS |
Data protection
Data Protection allows you to enforce data masking and redaction rules across tools.
This feature ensures that sensitive fields (like PII, PHI, or PCI data) are automatically hidden from AI agents unless explicitly allowed.
You can define:
- Which tools the rules apply to.
- Which fields to mask or redact.
- What masking pattern to apply (e.g., `***-**-####`).
Example:
| Field | Masking Type | Applies To |
|---|---|---|
| ssn | PII | HR API |
| credit_card_number | PCI | Payments API |
This is critical for maintaining GDPR, HIPAA, and SOC 2 compliance in AI-driven operations.
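A sketch of field masking applied to a tool response before it reaches the agent, using the `***-**-####` pattern from above. This is an added example, not AgentLink's implementation: the pattern semantics (`*` hides a character, `#` reveals a digit, anything else is a literal), the `RULES` layout, full redaction for `credit_card_number`, and redacting values that do not fit the pattern are assumptions.

```python
# Added illustration: pattern semantics and rule layout are assumptions, not AgentLink's.
REDACTED = "[REDACTED]"

# Constructed rules following the page's table; None means redact the whole value.
RULES = {
    "HR API": {"ssn": "***-**-####"},
    "Payments API": {"credit_card_number": None},
}

def apply_pattern(value, pattern: str) -> str:
    """Mask value character by character; redact fully if it does not fit the pattern."""
    text = str(value)
    if len(text) != len(pattern):
        return REDACTED              # unexpected format: never leak a partial value
    out = []
    for ch, p in zip(text, pattern):
        if p == "#":                 # reveal this position, but only if it is a digit
            if not ch.isdigit():
                return REDACTED
            out.append(ch)
        elif p == "*":               # hide this position
            out.append("*")
        else:                        # literal separator must match exactly
            if ch != p:
                return REDACTED
            out.append(p)
    return "".join(out)

def protect(api: str, payload):
    """Return a copy of a JSON-like payload with protected fields masked at any depth."""
    rules = RULES.get(api, {})

    def mask(key, value):
        pattern = rules[key]
        if pattern is None or not isinstance(value, (str, int)):
            return REDACTED
        return apply_pattern(value, pattern)

    def walk(node):
        if isinstance(node, dict):
            return {k: mask(k, v) if k in rules else walk(v) for k, v in node.items()}
        if isinstance(node, list):
            return [walk(item) for item in node]
        return node

    return walk(payload)
```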
Monitoring and auditing
All actions within AgentLink are monitored and logged for transparency and troubleshooting.
You can see:
- Which user or AI agent invoked which tool
- When the request occurred
- What AI platform or model was used
- Which policies or approvals were triggered
The Monitoring screen provides a full activity timeline for your MCP environment — essential for audit trails and incident analysis.
Configuration
The Configuration screen lets you control your MCP gateway settings.
You can:
- Define your API forwarding endpoint (the base URL where tool requests are sent).
- Configure a custom domain for your AgentLink instance.
- Manage authentication and secret keys.
- Adjust timeout and retry parameters.
- Enable advanced options such as Dynamic Client Registration (DCR).
Configuration ensures a consistent and secure runtime environment for every tenant.
Putting it all together
Here's how the core concepts interact inside AgentLink:
| Layer | Description |
|---|---|
| AI Agent | The customer’s AI platform or assistant (e.g., ChatGPT, Claude, Gemini) that initiates actions. |
| AgentLink MCP Gateway | The secure bridge between AI agents and your product’s APIs. It applies all governance layers below. |
| → Access Control | Determines who can see and execute specific tools based on roles or attributes. |
| → Policies & Guardrails | Evaluate conditions and enforce allow, deny, approval, or step-up actions. |
| → Approval Flows | Trigger human reviews for sensitive or high-risk operations. |
| → Data Protection | Masks or redacts sensitive fields in requests and responses. |
| → Monitoring & Auditing | Logs all tool executions, policy decisions, and approvals for visibility and compliance. |
| Your SaaS Product APIs (Tools) | The underlying APIs or GraphQL endpoints of your product that perform the actual business actions. |
Together, these layers ensure that every interaction between an AI agent and your product is secure, policy-driven, and fully observable — allowing you to safely become an AI-native platform.