Loading…
June 14-15, 2026
Mumbai, India
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for MCP Dev Summit Mumbai to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration..

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
← Back to schedule
Your AI Chatbot Just Exposed Your CEO’s Salary To an Intern: Securing Enterprise AI Agents - Hasini Samarathunga & Sahan Dilshan, WSO2
Monday June 15, 2026 12:20pm - 12:45pm IST
Lotus 3
Have you ever worried that your new AI Agent might be a little too helpful? Imagine an intern asking an HR chatbot, "What is the CEO's salary?" and the bot, designed to be helpful, promptly fetches it.

As we equip LLMs with tools via the MCP to query internal systems, we introduce a significant data privacy risk if the agent cannot distinguish who is making the request.

In this session, we’ll explore the critical intersection of IAM and AI agents. You’ll see how to implement fine-grained access control and “on-behalf-of” user execution in MCP servers. By securely propagating user context, an agent ensures that when the CEO queries salary data, the data is delivered, but when an intern makes the same request, the system restricts it.

We’ll also dive into the “Human-in-the-Loop” (HITL) pattern, a safeguard that pauses high-risk actions for explicit human approval. You’ll learn how to design secure-by-default MCP architectures using standard authentication flows, zero-trust permissioning, and HITL workflows to keep your AI agents aligned, controlled, and trustworthy.
Speakers
avatar for Hasini Samarathunga

Hasini Samarathunga

Senior Software Engineer, WSO2
Hasini Samarathunga is a Senior Software Engineer at WSO2, with 3+ years of experience specializing in IAM and B2B domains. She is currently working on building B2B capabilities for MCP servers and introducing Agent-as-a-Service within WSO2 Identity Server.

She believes great tech talks should cut through the buzzwords and make complex ideas accessible, ensuring everyone, regardless of experience level, can walk away having learned something useful... Read More →
avatar for Sahan Dilshan

Sahan Dilshan

Associate Tech Lead, WSO2
Sahan Dilshan is an Associate Tech Lead at WSO2, where he has spent the past five years designing and building identity and access management features. His current focus sits at the intersection of two complementary areas: IAM for AI securing agentic systems with proper identity... Read More →
Monday June 15, 2026 12:20pm - 12:45pm IST
Lotus 3
  Security, Identity + Trust

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Conference Scheduling App Privacy Terms
Share Modal

Share this link via

Or copy link