New State of Dapr Report 2026.|Get The Report
Diagrid
Back to all questions
Agent Security

How should MCP and agent-to-agent protocols share identity context?

How should MCP and agent-to-agent protocols share identity context?
MCP and agent-to-agent protocols should share identity context through explicit workload identities and policy-aware execution, not through informal headers or broad shared credentials. When one agent calls another agent, and that agent calls an MCP tool, the system should preserve enough context to evaluate access and audit the chain. Teams need to know which workload originated the request, which component forwarded it, and which policy applied at each hop. Diagrid's zero-trust framing is useful here: identity, mTLS, and policy should travel with the architecture instead of being bolted on at one gateway.

Related questions