Omni Gateway Agent Policies

Policies enforce rules when Omni Gateway processes requests, enabling you to secure and govern your server instances. Omni Gateway includes A2A and MCP specific policies that provide enhanced security and control over agent interactions.

To apply a policy, see Applying Policies for Managed Omni Gateways and Connected Mode.

Omni Gateway MCP and A2A server instances also support other Omni Gateway policies to protect server instances through rate limiting, authentication, authorization, threat protection, monitoring, and logging. For more information about MuleSoft-provided policies, see the Inbound Policies Directory and Outbound Policies Directory.

To extend existing functionality or define new functionality, create custom policies based on your specific business requirements. For information about creating custom policies, see Omni Gateway Policy Development Kit (PDK) Overview.

All agent policies are inbound policies and are not supported as automated policies.

SSE Policies

Both A2A and MCP support the following policies for Server-Sent Events (SSE) streaming:

Policy	Summary
SSE Logging	Logs every SSE event while streaming

Policy

Summary

SSE Logging

Logs every SSE event while streaming

A2A Policies

Policy	Summary
A2A Agent Card	Rewrites the Agent Card URL to match the server instance public URL
A2A PII Detector	Detects personally identifiable information (PII) in requests sent to the agent
A2A Prompt Decorator	Decorates prompts with context information
A2A Schema Validation	Validates agent requests to ensure they conform to the A2A specification

Policy

Summary

A2A Agent Card

Rewrites the Agent Card URL to match the server instance public URL

A2A PII Detector

Detects personally identifiable information (PII) in requests sent to the agent

A2A Prompt Decorator

Decorates prompts with context information

A2A Schema Validation

Validates agent requests to ensure they conform to the A2A specification

MCP Policies

Policy	Summary
MCP Attribute-Based Access Control	Controls access to tools, resources, and prompts based on user information such as Tiers, IP, Headers, or Claims
MCP Global Access	Restricts which MCP tools are exposed by defining Allow and Block rules
MCP PII Detector	Blocks elicitation responses containing personally identifiable information (PII) from reaching MCP servers
MCP Schema Validation	Validates MCP requests to ensure they conform to the MCP specification
MCP Support	Adds MCP support to an Omni Gateway MCP server instance. This policy is required for your MCP server instance to function properly.
MCP Tool Mapping	Renames MCP tool names in requests and responses to provide flexible tool naming

Policy

Summary

MCP Attribute-Based Access Control

Controls access to tools, resources, and prompts based on user information such as Tiers, IP, Headers, or Claims

MCP Global Access

Restricts which MCP tools are exposed by defining Allow and Block rules

MCP PII Detector

Blocks elicitation responses containing personally identifiable information (PII) from reaching MCP servers

MCP Schema Validation

Validates MCP requests to ensure they conform to the MCP specification

MCP Support

Adds MCP support to an Omni Gateway MCP server instance. This policy is required for your MCP server instance to function properly.

MCP Tool Mapping

Renames MCP tool names in requests and responses to provide flexible tool naming

Omni Gateway Agent Policies

SSE Policies

A2A Policies

MCP Policies

See Also