Feature Description
Bring the new mcp related components into Platform Mesh's deployment.
Investigate an FGA AccessProvider that builds the workspace map from Platform Mesh's OpenFGA store. Pick a sync strategy (push, pull, or hybrid), apply org-scoped filtering inside the provider so cross-org isolation happens before SCAR ever sees a result.
Secondly, we should integrate with an MCP-aware gateway, eg. (agentgateway, validated in the PoC) in front of FrontProxy, configured with OIDC, dynamic client registration, rate limiting, and audit log shipping. Bearer-token passthrough through the new hop has to be re-verified.
We should automate the deployment and verify it has everything to work properly
Proposed Solution
Solution should be deployed as part of platform-mesh.
Alternative Solutions
No response
Additional Context
No response
Feature Description
Bring the new mcp related components into Platform Mesh's deployment.
Investigate an FGA
AccessProviderthat builds the workspace map from Platform Mesh's OpenFGA store. Pick a sync strategy (push, pull, or hybrid), apply org-scoped filtering inside the provider so cross-org isolation happens before SCAR ever sees a result.Secondly, we should integrate with an MCP-aware gateway, eg. (agentgateway, validated in the PoC) in front of FrontProxy, configured with OIDC, dynamic client registration, rate limiting, and audit log shipping. Bearer-token passthrough through the new hop has to be re-verified.
We should automate the deployment and verify it has everything to work properly
Proposed Solution
Solution should be deployed as part of platform-mesh.
Alternative Solutions
No response
Additional Context
No response