Loading…
June 14-15, 2026
Mumbai, India
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for MCP Dev Summit Mumbai to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration..

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
← Back to schedule
Closing the AuthZ Gap in MCP: Policy-Driven Tool Invocation Control - Oshi Gupta, Infracloud Technologies - An Improving Company & Sonali Srivastava, Improving
Sunday June 14, 2026 5:15pm - 5:40pm IST
Lotus 3
MCP tools give AI agents direct access to external services - production databases, internal APIs, third-party platforms. But most teams deploying MCP today have no answer to a simple question: who authorized that tool call?

MCP has made remarkable strides in standardizing agent-to-tool connectivity - but AuthN and AuthZ at the tool invocation layer remain an open problem. Tool calls are dynamic and runtime-driven; static Kubernetes RBAC has no vocabulary for per-tool, per-agent, or per-parameter enforcement. There is no native spec primitive to say "only this agent can call this tool."

In multi-tenant environments this gets worse - one misconfigured agent can invoke tools across tenant boundaries and nobody finds out until the damage is done. Teams filling this gap today are relying on custom middleware, app-level checks, or nothing at all.

This talk explores where MCP's authorization model falls short and how policy-as-code closes the gap - with Kyverno as one strong implementation path. The session walks through real ClusterPolicy configurations, multi-tenant isolation patterns, and hard-won lessons from tuning enforcement without breaking production agents.
Speakers
avatar for Oshi Gupta

Oshi Gupta

Site Reliability Engineer, Infracloud Technologies - An Improving Company
Oshi Gupta works as a Site Reliability Engineer at Improving Pune (Infracloud). She is KCNA , KCSA , CKAD , CKA & AWS Solutions Architect-Associate certified and LFX mentee for CNCF Kyverno.
avatar for Sonali Srivastava

Sonali Srivastava

Senior Developer Advocate, Improving
Sonali Srivastava is a Senior Developer Advocate at Improving, Co-chair KubeCon India 2026, and Co-organizer CNCF Women in Cloud Native. With experience across system administration, open source contribution and developer advocacy, she focuses on bridging gap between developers and... Read More →
Sunday June 14, 2026 5:15pm - 5:40pm IST
Lotus 3
  Security, Identity + Trust
  • Audience Experience Level Any

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Conference Scheduling App Privacy Terms
Share Modal

Share this link via

Or copy link