As a platform adminstrator, I want to enforce strong authentication requirements on the /mcp endpoint I am exposing to ensure only identified and authorised clients can access this endpoint.

Requirements:

• Allow a RHCL customer to use AuthPolicy to protect the single MCP endpoint that is exposed via the gateway
• Document within an  MCP context to ensure a user learns about this capability of AuthPolicy

This should already be possible and should really just form a documentations as some form of MCP guide