As a platform admin, I want the MCP Gateway to authorize access to tools based on the identity of the requesting user, so that I can restrict tool usage to only those users or services that are permitted.

considerations

• Support for identity extraction from headers (e.g. Authorization, X-User-ID, X-Forwarded-User)
• should we allow an AuthPolicy to target an MCP resource so a MCP developer can register an MCP server and also create a policy for that server
• Define and enforce tool-level access policies (e.g., user X can use tools A and B, but not C)
• Deny unauthorized requests with a standard JSON-RPC error
• Log authorization decisions (successful and failed) for auditing
• Default-deny mode?