Security
Secure backends and routes with authentication, authorization, and TLS policies.
Secure backends and routes with different types of security, authentication, authorization, and rate limiting policies.
The guides in this section show example configuration for different types of policies. Policies are applied to routes, which are part of a listener on a bind.
binds:
- port: 3000
  listeners:
  - routes:
    - policies:

Backend authentication
Attach authentication tokens to outgoing backend requests.
Backend TLS
Configure TLS for secure connections to backend services.
CORS
Configure Cross-Origin Resource Sharing policies to control cross-domain requests.
CSRF
Protect against cross-site request forgery attacks with origin validation.
HTTP authorization
Define allow, deny, and require rules using CEL expressions.
Network authorization
Enforce access control at the L4 level using CEL expressions.
JWT authentication
Verify JWT tokens from incoming requests using JWKS and configured issuers.
Basic authentication
Configure simple username and password authentication for your routes.
API Key authentication
Authenticate requests using API keys with configurable validation modes.
External authorization
Delegate authorization decisions to external services like OPA.
MCP authentication
Configure OAuth 2.0 protection for MCP servers with JWT validation.
MCP authorization
Define authorization rules for MCP method invocations using CEL expressions.
OIDC browser authentication
Enable browser-based OpenID Connect authentication with encrypted session cookies.