Use Cases
The launch use case for PolicyArc is securing MCP access for AI agents — Claude Code, OpenCode, and anything else speaking the Model Context Protocol. Every tool call through the PBAC Gateway is introspected, every scope checked, every decision logged.
Primary use case
AI Agents and MCP
Claude Code and similar agents today run with the developer's credentials. There is no agent identity, no audit trail per agent, no policy at the tool-call boundary. PBAC changes that with an MCP Gateway that sits between every agent and every tool.
- Trust tiers for agent clients (developer, CI, read-only, internal-trusted)
- Scope checks on every tool call — not just at login
- Live policy change without token reissue
- Full audit log: agent identity, tool, scope, decision, timestamp
MCP servers PBAC protects
The same gateway in front of any of these backends. Each row links to the configuration and scope catalog.
| Backend | Category | Example scopes |
|---|---|---|
| GitHub | Source control | github:repos:read, github:repos:write, github:prs:merge |
| GitLab | Source control | get_project, list_tree, create_branch, commit, create_mr |
| Google Workspace | Productivity | workspace:drive:read, workspace:gmail:send, workspace:calendar:write |
| Google Drive | File storage | drive:read, drive:write |
| Slack | Messaging | slack:read, slack:write |
| Jira | Issue tracking | jira:read, jira:write |
| Jenkins | CI / builds | get_build, get_artifact, trigger_build |
| PostgreSQL | Databases | db:read, db:write, db:ddl, db:admin |
Don't see yours? Any HTTP API becomes a gateway-protected MCP server. Use the dashboard's Gateway tab to add a new backend with its tools and scopes, or contact us — we'll likely add it to the catalog.
Next steps
- AI Agents and MCP — the full use case
- MCP servers — catalog of supported backends
- Start Here — the eight-step dashboard onboarding
- Talk to us — your backend, your policy model