← All Use Cases

Securing MCP tool access

Your agents call MCP tools. IDProva ensures they only call the ones they're allowed to.

The Problem

MCP servers expose powerful tools — filesystem access, database queries, API calls. Today, any agent with the server URL can call any tool. There's no standard way to scope, time-limit, or audit tool access per agent.

The Solution

IDProva DATs let you grant specific MCP tool permissions to specific agents. Filesystem read but not write. Database query but not modify. Each permission is cryptographically signed, time-bounded, and produces an auditable receipt.

Key capabilities

4-Part Scope Grammar

mcp:tool:filesystem:read — precise tool-level permissions using namespace:protocol:resource:action syntax.

Time-Bounded Access

Issue DATs with 1-hour, 1-day, or custom expiry. Agents lose access automatically — no cleanup required.

Delegation Chains

Orchestrator delegates to sub-agents with narrower scopes. Each hop cryptographically constrained.

Instant Revocation

Compromised agent? One API call kills its DAT. All downstream delegations invalidated immediately.

mcp-scope-example.sh
$ idprova dat issue \
  --issuer "did:aid:acme.com:orchestrator" \
  --subject "did:aid:acme.com:data-agent" \
  --scope "mcp:tool:filesystem:read" \
  --scope "mcp:tool:database:query" \
  --expires-in "1h" \
  --key orchestrator.key

# data-agent can read files and query DB
# but CANNOT write files or modify data
# access expires in 1 hour automatically
Request Access Try Self-Hosted