## AI Agents with Frontegg Entitlements AI agents often act autonomously on behalf of users, executing actions like updating tickets, posting messages, or pulling reports. To ensure every action is authorized according to your business logic, Frontegg provides a native integration between its Entitlements Engine and AI Agents using MCP tools. This guide covers: 1. Deploying the Entitlements Agent (with MCP support) 2. Connecting your AI agent to MCP tools 3. Enforcing policy checks autonomously through prompt engineering br ![ai-agent-authz](/assets/ai-agent-authz.b79c6241ed9e536b848bf19e4c85182ae314ae31efbcd0a9d6c71a75e9729d97.930a87ff.png) ### Step 1: Deploy the Entitlements Agent with MCP Start deploying the Entitlements Agent in your environment using Helm with custom values.yaml configuration file: 1. Create `values.yaml` br In order to obtain `fronteggClientCredentialsOauthClientId` and `fronteggClientCredentialsOauthSecret`, please follow [these instructions](/ciam/guides/authorization/entitlements/agent/setup#step-2-run-the-agent-as-a-docker-container). br ```jsx env: # PDP Agent container environment variables pdpAgent: fronteggRegion: "eu" / "us" / "ca" / "au" fronteggClientId: "FRONTEGG_CLIENT_ID" fronteggClientCredentialsOauthClientId: "FRONTEGG_CLIENT_CREDENTIALS_OAUTH_CLIENT_ID" fronteggClientCredentialsOauthSecret: "FRONTEGG_CLIENT_CREDENTIALS_OAUTH_SECRET" pollingMinDelay: "30" pollingMaxDelay: "60" # MCP Server container environment variables mcpServer: pdpUrl: "http://localhost:8181" ``` br 1. Install using Helm br ```jsx helm repo add frontegg https://frontegg.github.io/helm-charts helm repo update helm install entitlements-agent frontegg/entitlements-agent --values values.yaml ``` br This deploys: - The **Entitlements Agent (PDP)** – fetches and syncs policies from Frontegg - An **MCP Server** – exposes authorization tools over HTTP for local access by your agent ### Step 2: Connect your AI Agent to MCP You can now connect your AI Agent to the MCP server to access the entitlement tools programmatically. #### Example (TypeScript): ```jsx import { Client, StreamableHTTPClientTransport, loadMcpTools } from 'mcp-sdk'; const entitlementsMcpClient = new Client({ name: 'ent', version: '1.0.0', serverUrl: 'http://127.0.0.1:8182/mcp', //this is the MCP server URL deployed in the helm chart before }); await entitlementsMcpClient.connect( new StreamableHTTPClientTransport(new URL('http://127.0.0.1:8182/mcp')) ); const entitlementsTools = await loadMcpTools('entitlements', entitlementsMcpClient); ``` ### Available MCP tools After connecting, your agent can use the following tools: | **Tool Name** | **Description** | | --- | --- | | is-entitled-to-entity-action-tool | Performs an entitlement check for a given user/entity and requested action. | | entitlements-entities-tool | Returns a list of entity types and actions available in the current policy. | ## **Step 3: Enforce Authorization Using Prompt Instructions** To ensure your agent performs checks before any operation, provide it with the following system prompt: ```jsx Important! oauth tools do not require an action, you can execute them directly. Important! before executing any tool other than the oauth* tools, verify the tool is allowed by executing the 'is-entitled-to-entity-action-tool' using the user ID from the context and the entities from the 'entitlements-entities-tool'. Important! before executing the 'is-entitled-to-entity-action-tool', you must call the 'entitlements-entities-tool' MCP tool. The default entityType of the executing entity when using entitlements is 'user'. ``` br This makes the AI agent: - Call entitlements-entities-tool first to discover the available schema - Use the is-entitled-to-entity-action-tool before executing any action - Enforce policy **autonomously**, without relying on backend API enforcement ### Summary | **Capability** | **Description** | | --- | --- | | Policy sync | Policies are pulled periodically from Frontegg to your environment | | Local enforcement via MCP | AI agents check authorization before action using MCP tools | | Agent-autonomous access control | Prompts instruct the agent to verify entitlement without app-side logic | br By combining Frontegg Entitlements with MCP tooling, AI agents become secure, policy-aware entities that enforce authorization with no developer intervention required per action. br ![ai-agent-authz](/assets/agents-rebac.556bd9d5829a721ad971522b007e93aafd38413c8ba38671f1364071d14d9f7b.930a87ff.gif)