Why you need an Agentic Control Plane

AI is moving from chatbots to agents that take real actions on behalf of real users. Without a governance layer, every tool call is unidentified, unauthorized, and unauditable.

The market is moving fast

Three platform shifts are happening simultaneously — and none of them include a governance layer.

OpenAI Apps SDK

ChatGPT actions can now call any HTTP endpoint on behalf of a user. OAuth is supported but identity binding, policy enforcement, and audit logging are left to the developer.

Model Context Protocol

MCP gives LLMs a standard way to discover and call tools. But the protocol has no built-in identity propagation, authorization, or usage controls.

Enterprise agent rollouts

Every enterprise is deploying internal copilots and agent workflows. Most are doing it with shared API keys, no per-user policies, and no audit trails.

Enterprise agent governance

Model providers are building governance into their platforms — validating identity, permissions, and audit as the bottleneck to adoption. But vendor-specific governance only covers one model.

What happens without a control plane

Shadow AI

Teams integrate AI tools without security review. Shared API keys get passed around. Nobody knows which users are making which requests. When something goes wrong, there's no way to trace it back to a person or a policy violation.

Data leakage

Without content filtering at the gateway, sensitive data flows into LLM prompts unchecked. Patient records, financial data, legal documents — all sent to third-party models with no PII detection, no redaction, and no record of what was shared.

No audit trail

A compliance officer asks "who accessed patient data through the AI assistant last Tuesday?" Without identity binding and structured logging at the control plane, the honest answer is: "We don't know."

Runaway costs

An agent loop fires 10,000 API calls in a minute. A single user burns through the team's monthly LLM budget overnight. Without per-user rate limits and budget caps enforced at the gateway, there's no guardrail until the invoice arrives.

Regulators are paying attention

Every major compliance framework now has implications for AI-mediated access to protected data.

HIPAA

AI access to patient data requires identity verification, minimum necessary access controls, and audit trails linking every query to an authenticated user.

SOC 2

Trust service criteria require access controls, monitoring, and logging. An AI system with shared API keys and no per-user governance fails these requirements.

GDPR

Data subject rights require knowing what personal data was processed and by whom. Without identity binding, you can't answer data access requests for AI interactions.

PCI DSS

Cardholder data environments require strict access controls and logging. An AI agent querying payment data through a shared key violates the principle of least privilege.

Before and after

Concern	Without an ACP	With an ACP
Identity	Shared API key — backend can't distinguish users	Every request bound to verified user identity
Authorization	All-or-nothing access, enforced in app code	Per-user, per-tool policies enforced at the gateway
Data protection	PII flows into prompts unchecked	PII detected and redacted before reaching the model
Cost control	No per-user limits — surprise bills, runaway loops	Rate limits, budget caps, and agent guard per user
Audit	Generic logs with no user attribution	Every action logged with identity, policy, and cost
Compliance	Manual controls, audit gaps, failed reviews	Automated evidence for HIPAA, SOC2, GDPR, PCI

Ready to let your agents do more, safely?

Set up in minutes. GatewayStack is the open-source reference implementation of the Agentic Control Plane pattern. Start with one module or adopt the full pipeline.

Get started See the architecture