Home Dashboard GitHub

MCP Control Plane — 43 Tools, Secretless Access, Full Operator Governance

2026-03-10

mcp-servermcp-gatewaygovernancedashboard

What We Built

Elevated BrainstormRouter's MCP layer from a strong but fragmented feature set into a coherent, documented control-plane capability. BrainstormRouter now operates as both an MCP server (exposing 43 control-plane tools via Streamable HTTP) and an MCP gateway (registering, discovering, governing, proxying, and auditing external MCP servers with secretless access).

The consolidation added a flagship MCP concepts page to documentation, filled SDK governance gaps (updatePolicy), and upgraded the dashboard from read-only governance status to full approve/deny/policy-edit operator workflows.

Why It Matters

No other AI control plane offers both MCP server and MCP gateway in one platform with secretless access. When teams register external MCP servers, upstream credentials stay on the server registration — agents never see them. This eliminates secret sprawl across AI workloads while maintaining full governance and audit trails.

For enterprise security teams, this means tool access can be granted without sharing API keys, rotated without coordinating with agents, and revoked instantly at the gateway level.

How It Works

Secretless access flow:

Agent (API key) → BrainstormRouter → (stored bearer token) → External MCP Server

Agents authenticate to BrainstormRouter with their own credentials. BrainstormRouter injects the stored upstream credentials when proxying tool calls. allowed_key_ids scoping restricts which API keys can access each server.

Governance pipeline:

// Set an approval requirement and cost annotation
await client.mcp.updatePolicy({
  tool_name: "delete_record",
  allowed: true,
  max_cost_usd: 0.5,
  requires_approval: true,
});

// Tool call returns 202 if approval required
// Operator approves via dashboard or SDK
await client.mcp.approve("approval-id");

The Numbers

  • 43 MCP server tools across 11 categories
  • 16 gateway API endpoints (server CRUD, tools, audit, governance, approvals)
  • Full SDK parity: TS (14 methods) + Python (14 methods, sync + async)
  • Dashboard: server management + tool discovery + governance approve/deny + policy editor
  • 4 discovery surfaces synchronized: tool-manifest.ts, server.ts, agents.json, llms.txt

Competitive Edge

Portkey and OpenRouter provide model routing but have no MCP gateway, no tool governance, and no secretless access model. Letta offers memory but no MCP control plane. Aembit focuses on identity but not tool-level governance. BrainstormRouter is the only platform combining MCP server + gateway + governance + secretless access + memory + routing in one control plane.

Lockstep Checklist

  • [x] API Routes: src/api/routes/mcp-gateway.ts, src/api/routes/mcp-server.ts updated with control-plane narrative.
  • [x] TS SDK: packages/sdk-ts/src/resources/mcp.ts — added updatePolicy().
  • [x] Python SDK: packages/sdk-py/src/brainstormrouter/resources/mcp.py — added update_policy() (sync + async).
  • [x] MCP Schemas: src/mcp/server.ts descriptions updated. site/.well-known/agents.json updated with secretless-access narrative.
  • [x] Dashboard: Governance approve/deny + policy editor in site/dashboard/src/pages/mcp.ts.
  • [x] Docs: docs/concepts/mcp.mdx (new), docs/api-reference/mcp-gateway.mdx (connect endpoint), docs/docs.json (nav).
  • [x] GTM/Discovery: site/llms.txt updated with all 43 MCP tools.