Tetrate and Ory have announced a strategic partnership aimed at helping enterprises secure AI agents in production environments. The joint solution combines Ory’s identity and authorization platform with Tetrate Agent Router Enterprise to provide dynamic runtime security, granular policy enforcement, and governance for AI agent tool interactions.
As enterprises move AI agents from pilot programs into production environments, security and governance concerns around agent behavior, permissions, and runtime control are becoming increasingly critical.
The partnership between Tetrate and Ory focuses on securing AI agents through a combination of identity management, authorization policies, and real-time enforcement of tool usage and request parameters.
According to the companies, many MCP runtimes currently focus only on determining which tools an AI agent can access. The Tetrate-Ory solution extends beyond basic tool visibility by evaluating every live request, including the content and risk level of MCP tool parameters.
When requests exceed predefined risk thresholds, the platform can pause the transaction, initiate authentication and approval workflows through Ory, issue temporary elevated access, and maintain detailed audit trails for compliance and governance purposes.
The solution combines Ory’s identity and authorization technologies with Tetrate’s Envoy-based runtime enforcement layer.
Ory treats AI agents as first-class digital identities and manages authentication, OAuth2 and OIDC token flows, consent workflows, and fine-grained authorization policies through Ory Hydra and Ory Keto.
Tetrate Agent Router Enterprise enforces those policies during live interactions with AI models, enterprise systems, and MCP tools. The platform also provides parameter-level policy enforcement, allowing organizations to control not only which tools agents can access but also how those tools are used.
"The challenge with AI agents isn't just controlling which tools they can access—it's controlling how they use those tools," said David Wang, head of product management at Tetrate. "Tetrate Agent Router Enterprise enforces fine-grained authorization on MCP tool invocations down to the parameter level, based on policies defined in Ory, and does so through a globally distributed Envoy-based gateway layer. That gives enterprises the precision, scale and control that production deployments demand."
"AI agents must be treated as first-class identities with explicit authentication, authorization and governance," said Jeff Kukowski, CEO, Ory. "Together with Tetrate, Ory is helping enterprises secure AI agent deployments end to end, from identity and access decisions to runtime enforcement and policy control."
The joint platform is built on Envoy AI Gateway, an open-source project already used in production by large enterprises including Bloomberg. Tetrate, a major contributor to Envoy and Envoy Gateway, provides the distributed AI gateway layer for routing, observability, and policy enforcement across providers and environments.
The partnership also evolved from an existing customer relationship. Ory previously adopted Tetrate Enterprise Gateway for Envoy to support its global IAM and CIAM infrastructure, reducing resource consumption by 40% while improving operational observability.
The companies stated that the platform supports a range of enterprise use cases, including retail refunds, financial services approvals, healthcare data access, government services, IT operations, HR workflows, and customer support automation.
In each scenario, low-risk actions can proceed automatically while higher-risk requests trigger step-up authorization and approval processes.
The joint solution is available immediately, with both companies collaborating on customer deployments, technical enablement, and go-to-market initiatives focused on enterprise AI security and governance.
About Tetrate
Tetrate helps enterprises run AI inference with an intelligent routing layer. Tetrate Agent Router Enterprise provides an enterprise AI gateway for routing and governing model, MCP, and agent traffic across providers, regions, and environments. Built on Envoy AI Gateway, Tetrate gives teams a consistent way to route, observe, and control AI traffic at scale. More at tetrate.io.
About Ory
Ory is the modern choice for CIAM, B2B and Agent IAM, and one of the world's most widely adopted IAM platforms. Ory manages more than 2.5 billion identities across open source and commercial deployments. Its infrastructure powers 10 percent of the top 40 websites and serves leading enterprises in financial services, technology, media, and other sectors requiring flexible, high performance identity solutions. With over 45,000 GitHub stars and 700 million downloads, Ory delivers enterprise grade security with developer-friendly flexibility. The company is backed by investments from Insight Partners, Balderton Capital, PHX Ventures, and IQT.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.