AI Deployment
Summt

From Pilot to Production

REGISTER

February 12, 2026

Virtual Summit

Tray.ai continues to enrich the capabilities of its unified AI Agent platform designed to securely build, govern, and scale enterprise-ready agents. The latest update is Tray.ai’s Agent Gateway, which adds rich support for working with and governing MCP (Model Context Protocol).

In specific, Tray.ai’s Agent Gateway lets IT teams build governed, maintainable MCP servers and MCP tools directly on the Tray.ai platform -- and then publish them via MCP.  This approach provides stable and secure agent use across the full stack, Rich Waldron Tray.ai Co-Founder and CEO told IDN. 

Within this environment, Waldron outlined how its Agent Gateway lets IT teams accomplish three key tasks:

• define, test, version and document MCP services;
• apply scope and guardrails to set how tools are exposed; and
• ensure each service aligns with enterprise policies and security requirements

Waldron describes the ultimate benefits this way: 

Agent Gateway gives IT a centralized way to set policies, permissions and versioning for MCP tools. “With this managed approach, organizations can standardize how agents gain new capabilities, reduce risk from unvetted code, and prepare for emerging interoperability standards,” Waldron said. Such  emerging standards include those for A2A (Agent-to-Agent)", he added. 

For ease of use and quick on-ramping,  Agent Gateway offers capabilities that align with how developers and agent builders work with MCP today, Waldron said.

• Composite MCP Tools: Teams can create sophisticated composite tools in Merlin Agent Builder and publish them as MCP services. These tools can perform complex processes end-to-end, embed guardrails with Tray Guardian, and mitigate agent non-determinism by encoding business logic.
• Connector-backed MCP Tools: Tray’s library of 700+ managed connectors can now be published as MCP Tools, instantly giving MCP-enabled agents secure reach across CRM, ERP, HR, analytics and more, all with the governance enterprises expect.
• MCP consumption for Tray Agents: Tray Agents can securely consume external MCP servers while IT gains centralized visibility, logging, and auditability.

For deep and granular control over agents, Agent Gateway ensures every MCP tool and execution built in Tray is managed in the Tray Insights Hub, where it is logged, versioned, and traceable, Waldron said, This creates what he called a “complete audit trail,” which can be streamed to observability platforms (such as Datadog or Splunk) to provide users with greater oversight without slowing delivery. “With defined ownership, version control, and documentation, IT can maintain governance across the MCP services developed on Tray, replacing fragmented efforts with a single managed environment,” he added.

Agent Gateway Joins Tray AI Orchestration Platform for Secured, Governed Agentic AI

Tray’ai’s Agent Gateway operates as the latest component of its multi-function Tray AI Orchestration Platform.

Tray AI Orchestration Platform. Is designed to give developers “secure, governed control” over their entire AI Agent development-to-deploy lifecycle, Waldron said. This means “bringing the same enterprise-level standards that have long governed API and process automation — access control, observability, versioning, and auditability — into the world of AI agents, he told IDN.

Waldron detailed for IDN how Tray AI Orchestration Platform unites several crucial agentic AI capabilities:

Agent Gateway – Tray’s new orchestration capability that enterprises use to safely expose or consume Model Context Protocol (MCP) and Agent-to-Agent (A2A) services with built-in authentication, scope control, and governance.

 

Merlin Agent Builder – a no-code agent development environment that enforces guardrails, permissions, and version management from design through deployment.

 

Agent Hub – a composable asset repository that ensures every agent, tool, and Smart Data Source is managed, reusable, and versioned.

 

Together, these components make AI orchestration secure by design, not as an afterthought,” Waldron added.

 

For example, with Agent Gateway, every MCP interaction runs through governed endpoints — centrally logged, monitored, and controlled. An MCP server can be provisioned in minutes while still being tied to enterprise tokens, permissions, and configuration verification,

 

Think of it this way: Tray Guardian is what keeps each individual agent tool safe and compliant; and Agent Gateway ensures the entire agent ecosystem stays secure, observable, and interoperable. One enforces rules within agents, the other governs between them. And at the same time, IT and security teams use Agent Gateway to monitor, authorize, and adjust policies dynamically across their entire agent landscape — from a single, governed console. [Meanwhile, with] Merlin Agent Builder, developers can move fast, building or customizing agents.

 

The result is that AI orchestration finally meets enterprise IT: open, composable, and fully governed — so innovation can move fast without creating new risk.

Tray’s Holistic Approach to Agentic AI Removes Roadblocks

Tray.ai’s AI Orchestration Platform unified and correlated approach also helps remove three common roadblocks to moving AI agent projects “pilot to production” enterprises, Waldron highlighted 

• Complexity and integration sprawl – Instead of managing the complexity of hosting, scaling, and monitoring multiple untrusted community-built MCP servers, teams can use a single enterprise-ready MCP server on Tray. This unified approach provides instant access to 700+ trusted connectors and 10k tools with built-in monitoring, logging, and access controls, eliminating the need for infrastructure management entirely.
• Governance and security gaps – Guardrails ensure that every tool and agent operates within defined policies, eliminating the risk of “shadow MCP”. Authentications can be controlled and governed by IT, so they know what is being used where and how, rather than being blind to someone throwing a SFDC API key, for example, into a randomly downloaded MCP server.
• Real-time adaptability – Tray’s orchestration capabilities allow on-the-fly updates and scope changes without redeploying agents, safely accelerating experimentation.

Tray Casts a Light on ‘Shadow MCP” and Controls “AI Sprawl” 

Tray.ai’s launch of Agent Gateway come at a time when “shadow” AI projects are popping up all over many enterprises, particularly in the form of unauthorized or rogue MCP servers.

Tray.ai executives describe it this way:  “As enterprises race to extend agents with new capabilities, shadow MCP servers and tools are developed in JavaScript, Python, and ad-hoc scripts and services, often without IT visibility or required guardrails. Agent Gateway provides a managed environment for creating MCP servers and tools with defined policies, permissions, and versioning, so IT can maintain security and compliance, reduce shadow MCP development, and prepare the agent ecosystem for emerging standards, such as A2A.” 

Tray.ai’s platform also looks to tackle “shadow MCPs” twin sister –"AI Sprawl”  

We asked Waldron what this “AI sprawl” looks like, how it might compare to API sprawl of the last decade – and how Tray is helping get this under control.

What we’re seeing with AI today looks a lot like what happened with APIs a decade ago. As every team began publishing their own endpoints, organizations quickly realized they needed a layer of governance — authentication, version control, observability, and centralized policy management — to keep innovation from turning into fragmentation.

 

The same dynamic is now happening with AI and MCP (Model Context Protocol). Individual teams are deploying community-built and untrusted MCP servers, often with little oversight. That creates what [we’ve] called “AI sprawl” — lots of powerful but disconnected agentic components that expose risk and make management difficult.  The Tray AI Orchestration platform was built on modern API development standards such as JSON and JSON schema, which are directly compatible with MCP. Tray solves MCP sprawl in the same way we solved API sprawl: with hundreds of out of the box trusted connectors using the same modern standards.

 

The Tray Agent Gateway acts as the policy and visibility control point for every MCP server or tool — enforcing authentication, versioning, and observability by design. Each MCP tool published through Tray is centrally logged in Tray Insights Hub; versioned, and auditable  At the same time, Tray Merlin Agent Builder and Tray Agent Hub ensure that developers can still innovate quickly: they build agents from composable, certified building blocks instead of unmanaged code. IT teams then apply organization-wide policies through Agent Gateway, getting full telemetry, security, and control without slowing delivery.

 

So the parallel is exact — just as iPaaS unified APIs into governed, reusable services, Tray’s AI Orchestration Platform unifies agents and MCP tools into governed, reusable AI services. That’s why integration developers and API professionals are central to this next phase: they already understand how to manage scale, enforce policy, and drive reuse. We’re simply extending those same disciplines into the agentic world.

Readers can learn more about Tray’s Agent Gateway, and the entire AI Orchestration Platform here.