Skip to content
CTRL K
    Docs Standalone Kubernetes Tutorials Standalone Kubernetes Models Blog Enterprise Community Get Started GitHub
    ✨ agentgateway has joined the Agentic AI Foundation (AAIF) — Learn more

    For the complete documentation index, see llms.txt. Markdown versions of all docs pages are available by appending .md to any docs URL.

    Page as Markdown
    MCP target policies
    Apply policies to individual MCP backend targets
    Apply policies at the MCP target level to control behavior for individual MCP servers within a multiplexed backend.
    Overview

    MCP target policies allow you to configure policies for specific MCP backend targets, rather than applying them globally to all targets in a backend. This is useful when you have multiple MCP servers with different authentication or routing requirements.
    Policies are merged from the backend group level down to the target level, with more specific policies taking precedence.
    Best practices

    • Use backend-level policies for common settings: Apply shared policies at the backend level to reduce duplication.
    • Use target-level policies for exceptions: Override specific targets that need different behavior.
    • Be explicit about authorization: Always configure authorization policies at the backend level, even if permissive.
    • Test policy inheritance: Verify that policies merge correctly by checking logs and testing access.
    Supported policy types

    The following policies can be configured at the MCP target level.
    PolicyDescription
    backendAuthBackend authentication (API key, passthrough, AWS, GCP, Azure)
    backendTLSTLS configuration for backend connections
    requestHeaderModifierModify request headers
    responseHeaderModifierModify response headers
    Note: The following policies are not supported at the MCP target level. They must be configured at the backend level instead:
    • mcpAuthorization: Fine-grained authorization rules for tools, prompts, and resources.
    • ai: LLM processing policies such as prompt guards, overrides, defaults, and model aliases.
    • a2a: Mark traffic as agent-to-agent.
    Policy inheritance

    Policies are merged hierarchically:
    1. Backend group level: Policies defined at backends[].policies
    2. Target level: Policies defined at backends[].mcp.targets[].policies
    Target-level policies override backend-level policies for the same policy type.
    Before you begin

    Set up MCP multiplexed backends.
    Configuration examples

    Target-level policies are configured under mcp.targets[].policies.
    Authentication per target

    Use different authentication methods for different targets.
    # yaml-language-server: $schema=https://agentgateway.dev/schema/config
mcp:
  port: 3000
  targets:
  - name: service-a
    mcp:
      host: https://service-a.example.com/mcp
    policies:
      backendAuth:
        key: "$SERVICE_A_API_KEY"
      backendTLS:
        sni: service-a.example.com
  
  - name: service-b
    mcp:
      host: https://service-b.example.com/mcp
    policies:
      backendAuth:
        key: "$SERVICE_B_API_KEY"
      backendTLS:
        sni: service-b.example.com
    Learn more

    MCP authorizationMCP observability
    Was this page helpful?
    

    
Agentgateway assistant
    


    Ask me anything about agentgateway configuration, features, or usage.
    Note: AI-generated content might contain errors; please verify and test all returned information.
    Tip: one topic per conversation gives the best results. Use the + button in the chat header to start a new conversation.
    Switching topics? Starting a new conversation improves accuracy.

    ↑↓ navigate
 select
esc dismiss
    

    

    What could be improved?
    Your feedback helps us improve assistant answers and identify docs gaps we should fix.
    Need more help? Join us on Discord:
https://discord.gg/y9efgEmppm
    Want to use your own agent? Add the Solo MCP server to query our docs directly. Get started here:
https://search.solo.io/.