Governance and Compliance
Policies, controls, review processes, auditability, identity/auth, and guardrails required to safely operate APIs, MCP servers, and agents in enterprise environments.
Problem Statements (42)
| Problem Statement | Context | Impact | Naftiko Today | Naftiko Tomorrow | Type |
|---|---|---|---|---|---|
| **Need Governed Approach to 3rd-Party Services via MCP** Teams are independently adopting 3rd-party MCP servers without a governed approach to discovery, onboarding, and authentication. | | | | | |
| **Need to Securely Enable MCP in Developer IDEs** Security teams must evaluate and approve MCP server usage within developer IDEs before enterprise-wide adoption can proceed. | | | | | |
| **Need MCP Streaming to Work with Enterprise Security** The HTTP streaming and SSE connections required by MCP and AI services conflict with existing corporate security policies and infrastructure (proxies, WAFs, and connection-timeout rules that assume short request/response cycles). | | | | | |
| **Need Agent-to-Agent Identity Propagation** Identity and authorization tokens must be properly propagated when AI agents call other agents or services in multi-hop scenarios, so that the original principal, the chain of acting agents, and the granted scope remain verifiable at every hop. | | | | | |
| **Need AI FinOps** Organizations need to understand and control the total cost of ownership across AI models, MCP servers, and third-party services. | | | | | |
| **Need MCP to Integrate with Existing Governance Tooling** Organizations need to understand how MCP fits into the API infrastructure and governance tooling they have invested in over the past decade. | | | | | |
| **Need Governance Rules in Coding Assistants** Governance rules need to be available directly in developers' coding assistants and AI agents, not only in standalone tools and pipelines. | | | | | |
| **Need Governance Rule Distribution in Restricted Environments** Enterprise security restrictions prevent using standard distribution mechanisms to deliver governance rules to all API designers. | | | | | |
| **Need Governance Review Tracking** Morgan needs to track and report on API governance reviews across the portfolio. | | | | | |
| **Need Centralized Credential Management** Morgan needs teams to obtain API tokens and keys from an internal gateway rather than directly from 3rd-party providers. | | | | | |
| **Need to Govern AI-Generated Code** Morgan needs to ensure AI coding assistants follow security policies when generating code, with attestation of compliance. | | | | | |
| **Need Governance Framed as Golden Path** Developers perceive governance as friction and avoid it unless compliance is the easiest path. | | | | | |
| **Need Governance to Be Seamless** API governance must be embedded seamlessly into the developer workflow so that the compliant way of building APIs is also the easiest and most secure way. | | | | | |
| **Need Governance for Agent-Driving Docs** Organizations can enforce coding standards and CI gates but cannot enforce equivalent governance for the Markdown files that shape AI agent behavior. | | | | | |
| **Need Explicit Agent Boundaries** Repositories need to explicitly declare what AI agents are allowed to change and what is off-limits. | | | | | |
| **Need to Govern the Proliferation of Agent Communication Protocols** Beyond MCP, protocols like A2A, ACP, AP2, and x402 are proliferating — enterprises need unified governance across all agent communication protocols, not just one. | | | | | |
| **Need APIs Ready for Agentic Commerce and Autonomous Transactions** Agentic browsers and AI workspaces will autonomously discover, evaluate, and transact via APIs — organizations need APIs that are not just discoverable but transactable by agents within proper governance guardrails. | | | | | |
| **Need an Internal MCP Server Registry as an Allow-List** Enterprises need an internal registry of approved MCP servers that surfaces inside the developer IDE, acting as an allow-list so developers discover only vetted servers. | | | | | |
| **Need to Separate MCP Discovery Registry from Package Distribution** The MCP discovery registry (which servers are approved) and the package registry (where the binary actually lives) are two different systems with different governance requirements; the approval record should identify the exact package version it vetted so that what is installed can be checked against what was approved. | | | | | |
| **Need to Align Enterprise AI Rollout with Product GA Timing** Enterprise contracts only cover generally-available features, so AI tooling rollouts at scale must wait for GA even when developers are already asking for preview capabilities. | | | | | |
| **Need Cross-Organizational Patient-Centered Data Flow Across Legal Silos** Iris sees the patient's data sit in adjacent organizations that legally cannot share it — region vs municipality, primary vs secondary purpose, country vs country — even though all of them care for the same person. She needs a patient-centered data fabric that the law can actually permit. | | | | | |
| **Need Synthetic Data Generation for Regulated-Domain Research Access** Iris waits months to years for ethical approvals and data extractions before she can touch real patient data. She needs a synthetic-data pipeline that is data-driven, schema-conformant, and privacy-preserving, so research can move while the legal track runs in parallel. | | | | | |
| **Need Standards Adoption Forced by Regulation** Iris has watched well-designed healthcare data standards stall for years until regulation made them mandatory — FHIR via the 21st Century Cures Act, openEHR via the European Health Data Space. She needs the regulation-to-implementation path to be cheap, demonstrable, and reusable. | | | | | |
| **Need Multi-Stakeholder Patient-Centered Interoperability** Iris's project pulls in a vendor, a consultancy, a healthcare provider, and a university — each cares about a different slice of the same patient. She needs an interoperability fabric that lets every stakeholder see only what they should and contribute only what they own. | | | | | |
| **Need Governance Investment Paired with Cost-Driven API Centralization** Enterprises that centralize APIs purely as a cost-reduction play, without pairing it with governance investment, end up paying the governance bill later — usually right when AI and agent rollouts make the gap visible. | | | | | |
| **Need Internal API Marketplace with Admin Model From Day One** Internal API marketplaces shipped without a defined roles, permissions, and admin-ownership model become unworkable — a discovery surface with no governance underneath costs more to maintain than it saves. | | | | | |
| **Need Policy Enforcement for Enterprise AI Consumption** Enterprises need a gateway-enforced layer that authenticates, meters, and tier-routes employee and application AI consumption — not just visibility into spend, but active enforcement of token quotas, model-tier fallback, and outbound traffic restrictions. | | | | | |
| **Need Air-Gapped Agent and MCP Deployment** Regulated enterprises need agentic and MCP runtimes that deploy fully inside their own VPC, OpenShift cluster, or air-gapped environment — with complete traceability of every call — rather than depending on SaaS control planes or pay-per-use utility-model vendors. | | | | | |
| **Need Trading-Partner Superset Schema with Per-Partner Validation** Integration platforms exposing data to consumers across thousands of trading-partner relationships need a superset schema for inbound retrieval (so callers see every property and per-partner nuance) paired with per-trading-partner schemas for outbound writes (carrying the required / conditional / optional flags translated from source-system syntax into JSON Schema validation rules). | | | | | |
| **Need Schema Drift Detection with Human-in-the-Loop Approval** Integration platforms focus almost entirely on detecting drift in incoming-data schemas, but rarely on detecting drift in the backend business-system schemas — ERPs, WMS, custom fields — leaving integration teams to react to silent backend changes after data has already been mapped to the wrong place. | | | | | |
| **Need a Bottom-Up Leadership Buy-In Playbook for Agent-Era API Strategy** Engineering leads see agent-era API strategy as urgent before leadership does. They need a playbook — language, evidence, and risk framing — to convince executives without sounding like AI hype, especially at responsibility-minded enterprises that won't move fast just because the market is. | | | | | |
| **Need MCP Behavioral Conformance Governance** Need a way to verify that an MCP server actually behaves at runtime the way it is intended to, not just that it exists in a registry. | | | | | |
| **Need MCP Data Leak Prevention** MCP servers must be prevented from letting sensitive data out of the enterprise when someone on the implementation side did not pay enough attention to egress controls. | | | | | |
| **Need AI-Assisted OpenAPI-to-EDM Consistency Checking** Need a productized way to check incoming OpenAPI schemas against an enterprise data model so governance teams know where each new API fits or diverges before it ships. | | | | | |
| **Need API Referential with Auto-Published Portal and Changelog** Need an asset database of APIs that auto-publishes specs and breaking-change changelogs into the systems developers actually use — Confluence, intranet, internal portal — because most enterprises do not yet have a true internal developer portal. | | | | | |
| **Need Coherence Vector: Strategy-to-Work Traceability for API Programs** Need every API to carry first-class metadata linking it to the job-to-be-done, the team goal, and the group strategic objective it serves, so anyone working on it knows they are going in the right direction. | | | | | |
| **Need Customer Migration Tooling for Legacy-to-V2 API Platform Cutovers** Need tooling that lets a platform team carry both a legacy API estate and a V2 API platform until customers are fully migrated, without doubling staffing or budget. | | | | | |
| **Need Agent Trusted-Consumer Bootstrap Identity** Need a way to create a trusted consumer identity for agents so API providers can issue tokens to a known-and-vouched-for agent rather than treating every agent as either anonymous or a human-delegation proxy. | | | | | |
| **Need API Provider Behavioral Change for Agent Consumers** Even with identity and onboarding solved, API providers carry advertising-era baggage — own the user, distrust middlemen — that blocks them from issuing tokens to agents at all. | | | | | |
| **Need Internal Enterprise Agent Platforms with Data Residency** Sovereign-data enterprises need agent platforms they can stand up internally — controlled deployment, controlled training data, controlled residency — rather than calling out to a third-party SaaS. | | | | | |
| **Need Orchestration Tooling for Fleets of Role-Based Agents** Need tooling that lets a non-engineering operator define skills, create role-based agents, give each agent its skill, and wire them together as a working fleet — VP of Marketing agent, Social Media Manager agent, Paid Ads Manager agent — on a single reviewable dashboard. | | | | | |
| **Need Server-Side Logging for Agent Traffic on Developer Platforms** Developer platforms need server-side telemetry on agent traffic — who is calling, what they are trying, whether they succeeded — because client-side signals like user-agent strings can be spoofed and cannot be relied on. | | | | | |
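The "Need Agent-to-Agent Identity Propagation" row asks for tokens that stay verifiable across hops. The block below is an added example, not Naftiko's code and not part of the original page: it models hop-to-hop token exchange in the style of RFC 8693, where each agent presents the token it received and obtains a new one for the next audience. The original subject is preserved, scope can only narrow, and every acting agent is pushed onto a nested `act` claim so the final service can see the full delegation chain. The token format (HMAC-signed, JWT-shaped), the key, the agent names and the scopes are all constructed for the demo; a real deployment would use an identity provider's asymmetric signing key and a proper JWT library.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo secret; stands in for the issuer's (rotated, asymmetric) signing key.
DEMO_KEY = b"demo-shared-secret-not-for-production"


def _b64u(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64u(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint(claims: dict, key: bytes = DEMO_KEY) -> str:
    """Serialize claims as a compact HMAC-SHA256-signed token (hypothetical issuer format)."""
    body = _b64u(json.dumps(claims, separators=(",", ":"), sort_keys=True).encode())
    sig = _b64u(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"


def verify(token: str, key: bytes = DEMO_KEY) -> dict:
    """Check signature and expiry, return the claims; raise on any failure."""
    body, sig = token.split(".")
    expected = _b64u(hmac.new(key, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    claims = json.loads(_unb64u(body))
    if claims["exp"] < time.time():
        raise ValueError("expired")
    return claims


def issue_user_token(subject: str, audience: str, scopes, ttl: int = 300) -> str:
    """First hop: the IdP issues the human's token to the agent the human is talking to."""
    now = int(time.time())
    return mint({"iss": "idp", "sub": subject, "aud": audience,
                 "scope": sorted(scopes), "iat": now, "exp": now + ttl})


def exchange(incoming: str, actor: str, next_audience: str, requested_scopes,
             key: bytes = DEMO_KEY, ttl: int = 120) -> str:
    """Token exchange for one hop. `actor` must be the audience of the token it presents,
    the requested scope must be a subset of what it holds, and it is recorded in `act`."""
    claims = verify(incoming, key)
    if claims["aud"] != actor:
        raise PermissionError(f"{actor} presented a token not issued to it (aud={claims['aud']})")
    if set(requested_scopes) - set(claims["scope"]):
        raise PermissionError("requested scope exceeds the incoming token")
    act = {"sub": actor}
    if "act" in claims:
        act["act"] = claims["act"]  # earlier actors stay visible; innermost is the first hop
    now = int(time.time())
    return mint({"iss": "idp", "sub": claims["sub"], "aud": next_audience,
                 "scope": sorted(requested_scopes), "act": act,
                 "iat": now, "exp": min(now + ttl, claims["exp"])}, key)


def actor_chain(claims: dict) -> list:
    """Flatten the nested `act` claim: most recent actor first."""
    chain, node = [], claims.get("act")
    while node:
        chain.append(node["sub"])
        node = node.get("act")
    return chain


def authorize(token: str, me: str, required_scope: str, max_hops: int = 3,
              key: bytes = DEMO_KEY):
    """What the final service checks before acting: audience, scope, and chain length."""
    claims = verify(token, key)
    if claims["aud"] != me:
        return False, "audience mismatch"
    if required_scope not in claims["scope"]:
        return False, "scope missing"
    if len(actor_chain(claims)) > max_hops:
        return False, "delegation chain too long"
    return True, f"sub={claims['sub']} via {actor_chain(claims)}"


def chain_demo() -> dict:
    """alice -> planner-agent -> inventory-agent -> erp-api, with scope narrowed at hop 1."""
    t_user = issue_user_token("alice", "planner-agent", ["orders:read", "orders:write"])
    t_inv = exchange(t_user, "planner-agent", "inventory-agent", ["orders:read"])
    t_erp = exchange(t_inv, "inventory-agent", "erp-api", ["orders:read"])
    results = {
        "erp_read": authorize(t_erp, "erp-api", "orders:read"),
        "erp_write": authorize(t_erp, "erp-api", "orders:write"),          # narrowed away
        "replay_at_inventory": authorize(t_erp, "inventory-agent", "orders:read"),  # wrong aud
        "chain": actor_chain(verify(t_erp)),
    }
    try:  # a downstream agent cannot re-broaden scope it never received
        exchange(t_inv, "inventory-agent", "erp-api", ["orders:write"])
        results["rebroaden"] = "allowed"
    except PermissionError:
        results["rebroaden"] = "denied"
    return results


if __name__ == "__main__":
    print(json.dumps(chain_demo(), indent=2))
```

The two checks that matter most in practice are the `aud` comparison inside `exchange` (an agent can only exchange a token that was issued to it, so a leaked downstream token cannot be replayed upstream) and the subset test on scope (delegation narrows, never widens). The `max_hops` limit is a cheap guard against runaway agent-to-agent loops.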
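The rows "Need an Internal MCP Server Registry as an Allow-List" and "Need to Separate MCP Discovery Registry from Package Distribution" together describe one control: the discovery registry holds the approval decision and a pinned digest, the package registry holds the bytes, and the IDE-side check joins the two. The block below is an added example, not Naftiko's code and not from the original page. The registry records, the package artifacts, and the `mcpServers` configuration shape (a `command`/`args` entry for stdio servers, a `url` entry for HTTP servers, as several IDEs' `mcp.json` files use) are all constructed for the demo; the assumption that the package spec is the last `npx` argument is also a demo simplification.

```python
import hashlib


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-in for the package registry: package@version -> artifact bytes.
PACKAGE_REGISTRY = {
    "npm:@corp/mcp-jira@1.4.2": b"constructed tarball bytes for mcp-jira 1.4.2",
    "npm:@corp/mcp-jira@1.5.0": b"constructed tarball bytes for mcp-jira 1.5.0",
    "npm:some-random-mcp@0.0.1": b"constructed unvetted package",
}

# Constructed discovery registry: what security approved. It names the exact package
# version and pins its digest, but stores no binaries itself.
APPROVED = {
    "corp-jira": {"transport": "stdio", "package": "npm:@corp/mcp-jira", "version": "1.4.2",
                  "sha256": sha256(PACKAGE_REGISTRY["npm:@corp/mcp-jira@1.4.2"])},
    "corp-docs": {"transport": "streamable-http", "url": "https://mcp.corp.example/docs"},
}

# Constructed IDE configuration in the common {"mcpServers": {...}} shape.
IDE_CONFIG = {
    "mcpServers": {
        "corp-jira": {"command": "npx", "args": ["-y", "@corp/mcp-jira@1.4.2"]},
        "corp-docs": {"url": "https://mcp.corp.example/docs"},
        "random-tool": {"command": "npx", "args": ["-y", "some-random-mcp@0.0.1"]},
    }
}


def evaluate(config: dict, approved: dict = APPROVED, packages: dict = PACKAGE_REGISTRY) -> dict:
    """Return an allow/deny decision per configured server, with the reason for each deny."""
    decisions = {}
    for name, entry in config["mcpServers"].items():
        rec = approved.get(name)
        if rec is None:
            decisions[name] = "deny: not in discovery registry"
            continue
        if "url" in entry:  # remote server: the approved record pins the exact URL
            decisions[name] = ("allow" if rec.get("url") == entry["url"]
                               else "deny: url differs from approved record")
            continue
        spec = entry["args"][-1]  # assumption for the demo: package spec is the last argument
        want = f"{rec['package'].split(':', 1)[1]}@{rec['version']}"
        if spec != want:
            decisions[name] = f"deny: {spec} is not the approved {want}"
            continue
        artifact = packages.get(f"{rec['package']}@{rec['version']}")
        if artifact is None or sha256(artifact) != rec["sha256"]:
            decisions[name] = "deny: package digest does not match registry pin"
            continue
        decisions[name] = "allow"
    return decisions


def demo() -> dict:
    """Normal run, plus a run where the package registry serves altered bytes for 1.4.2."""
    tampered = {**PACKAGE_REGISTRY, "npm:@corp/mcp-jira@1.4.2": b"tampered artifact"}
    return {"normal": evaluate(IDE_CONFIG),
            "tampered": evaluate(IDE_CONFIG, packages=tampered)}


if __name__ == "__main__":
    for run, decisions in demo().items():
        print(run, decisions)
```

Keeping the digest in the discovery registry is what makes the two systems separable: the package registry can be a mirror, a vendor feed, or a cache, and a substitution there (the `tampered` run) is still caught at the IDE because the approval record, not the artifact source, is the root of trust.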
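The "Need Trading-Partner Superset Schema with Per-Partner Validation" row describes a concrete translation: one superset schema for reads, and per-partner write schemas generated from required / conditional / optional flags. The block below is an added example, not Naftiko's code and not from the original page. It generates a per-partner JSON Schema from a flag table (constructed here in a made-up `R` / `O` / `C:<field>` notation standing in for whatever the source system exports), mapping required flags to `required`, conditional flags to `dependentRequired`, and absent fields to `additionalProperties: false`. The small `validate` function only understands the keywords the generator emits; it stands in for a full validator such as the `jsonschema` package, which accepts the same schema.

```python
import json

# Constructed superset schema: every property any trading partner can read or write.
SUPERSET = {
    "type": "object",
    "properties": {
        "po_number": {"type": "string"},
        "ship_to": {"type": "string"},
        "carrier": {"type": "string"},
        "carrier_account": {"type": "string"},
        "hazmat": {"type": "boolean"},
        "hazmat_class": {"type": "string"},
        "notes": {"type": "string"},
    },
}

# Constructed per-partner flag tables. R = required, O = optional,
# C:<field> = required only when <field> is present, absent = partner does not accept it.
PARTNER_RULES = {
    "acme": {"po_number": "R", "ship_to": "R", "carrier": "O", "carrier_account": "C:carrier",
             "hazmat": "O", "hazmat_class": "C:hazmat", "notes": "O"},
    "globex": {"po_number": "R", "carrier": "R", "carrier_account": "R"},
}


def partner_schema(partner: str, superset: dict = SUPERSET, rules: dict = PARTNER_RULES) -> dict:
    """Translate one partner's flag table into a JSON Schema for outbound writes."""
    flags = rules[partner]
    schema = {
        "$schema": "https://json-schema.org/draft/2019-09/schema",
        "type": "object",
        "additionalProperties": False,  # fields the partner never accepts are rejected
        "properties": {k: v for k, v in superset["properties"].items() if k in flags},
        "required": sorted(k for k, f in flags.items() if f == "R"),
    }
    dependent = {}
    for field, flag in flags.items():
        if flag.startswith("C:"):
            dependent.setdefault(flag[2:], []).append(field)
    if dependent:
        schema["dependentRequired"] = {k: sorted(v) for k, v in dependent.items()}
    return schema


_TYPES = {"string": str, "boolean": bool, "integer": int, "number": (int, float)}


def validate(doc: dict, schema: dict) -> list:
    """Minimal checker for required / dependentRequired / additionalProperties / type."""
    errors = []
    for k in schema.get("required", []):
        if k not in doc:
            errors.append(f"missing required '{k}'")
    for trigger, needed in schema.get("dependentRequired", {}).items():
        if trigger in doc:
            errors += [f"'{n}' is required when '{trigger}' is present"
                       for n in needed if n not in doc]
    for k, v in doc.items():
        prop = schema["properties"].get(k)
        if prop is None:
            if not schema.get("additionalProperties", True):
                errors.append(f"unknown property '{k}'")
            continue
        # bool is a subclass of int in Python, so reject True/False for non-boolean types
        if (isinstance(v, bool) and prop["type"] != "boolean") or not isinstance(v, _TYPES[prop["type"]]):
            errors.append(f"'{k}' should be {prop['type']}")
    return errors


def demo() -> dict:
    acme, globex = partner_schema("acme"), partner_schema("globex")
    return {
        "acme_ok": validate({"po_number": "1", "ship_to": "x", "hazmat": True, "hazmat_class": "3"}, acme),
        "acme_missing_dependent": validate({"po_number": "1", "ship_to": "x", "hazmat": True}, acme),
        "globex_unknown": validate({"po_number": "1", "carrier": "UPS", "carrier_account": "a",
                                    "notes": "hi"}, globex),
        "globex_required": globex["required"],
    }


if __name__ == "__main__":
    print(json.dumps(partner_schema("acme"), indent=2))
    print(json.dumps(demo(), indent=2))
```

The superset stays the read contract (a caller can retrieve any property the platform knows about); the generated per-partner schema is the write contract, and because it is plain JSON Schema it can be published alongside the API and enforced at the gateway rather than only inside the mapping engine.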
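The "Need Schema Drift Detection with Human-in-the-Loop Approval" row is about drift on the backend side of a mapping. The block below is an added example, not Naftiko's code and not from the original page. It compares a baseline snapshot of an ERP entity's schema against a fresh introspection, classifies each change by whether a mapped field is affected, and blocks the mapping run until a human has approved each blocking change by its fingerprint. The baseline, the live schema, and the mapping table are constructed for the demo; in practice the snapshot would come from the backend's metadata API and approvals from a ticket or review system.

```python
import hashlib
import json

# Constructed snapshot taken when the mapping was last approved ...
BASELINE = {"SalesOrder": {"OrderID": "string", "CustomerRef": "string",
                           "Total": "decimal", "CustomField1": "string"}}
# ... and a constructed live introspection after a silent backend change:
# CustomerRef changed type, CustomField1 was removed, two fields were added.
LIVE = {"SalesOrder": {"OrderID": "string", "CustomerRef": "integer", "Total": "decimal",
                       "NetTotal": "decimal", "CustomField1_Deprecated": "string"}}

# Constructed mapping: backend field -> canonical integration field the data flows into.
MAPPINGS = {"SalesOrder.CustomerRef": "order.customer_id",
            "SalesOrder.CustomField1": "order.priority",
            "SalesOrder.Total": "order.total"}


def diff_schemas(baseline: dict, live: dict) -> list:
    """Field-level diff: removed, added, or type_changed, in deterministic order."""
    changes = []
    for entity in sorted(set(baseline) | set(live)):
        old, new = baseline.get(entity, {}), live.get(entity, {})
        for f in sorted(set(old) | set(new)):
            field = f"{entity}.{f}"
            if f not in new:
                changes.append({"field": field, "kind": "removed", "before": old[f], "after": None})
            elif f not in old:
                changes.append({"field": field, "kind": "added", "before": None, "after": new[f]})
            elif old[f] != new[f]:
                changes.append({"field": field, "kind": "type_changed", "before": old[f], "after": new[f]})
    return changes


def fingerprint(change: dict) -> str:
    """Stable id for one change so an approval survives re-runs of the detector."""
    return hashlib.sha256(json.dumps(change, sort_keys=True).encode()).hexdigest()[:16]


def classify(change: dict, mappings: dict = MAPPINGS) -> str:
    """A removed or retyped field that is actually mapped is what breaks data silently."""
    if change["kind"] in ("removed", "type_changed") and change["field"] in mappings:
        return "blocking"
    if change["kind"] in ("removed", "type_changed"):
        return "warning"
    return "info"


def gate(baseline: dict, live: dict, approvals, mappings: dict = MAPPINGS) -> dict:
    """Drift report plus the go/no-go decision for running the mapping."""
    report = []
    for change in diff_schemas(baseline, live):
        fp = fingerprint(change)
        report.append({**change, "severity": classify(change, mappings),
                       "fingerprint": fp, "approved": fp in approvals})
    blocked = [r["field"] for r in report if r["severity"] == "blocking" and not r["approved"]]
    return {"allowed": not blocked, "blocked_on": blocked, "report": report}


def demo():
    """First run blocks; after a reviewer approves the blocking fingerprints, it passes."""
    first = gate(BASELINE, LIVE, approvals=set())
    approvals = {r["fingerprint"] for r in first["report"] if r["severity"] == "blocking"}
    second = gate(BASELINE, LIVE, approvals)
    return first, second


if __name__ == "__main__":
    first, second = demo()
    print(json.dumps(first, indent=2))
    print("allowed after approval:", second["allowed"])
```

Fingerprinting each change rather than approving "the current schema" wholesale matters: an approval then covers exactly the change a reviewer looked at, and a further change to the same field after approval shows up as a new, unapproved fingerprint.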