Govern
Deploy MCP-I servers for AI agent governance with delegations, proofs, and consent flows
What is Govern?
Checkpoint Govern enables you to deploy and manage MCP-I (Model Context Protocol with Identity) servers for comprehensive AI agent governance. While Detect identifies agents and Enforce blocks or redirects them, Govern provides a framework for authorizing agents — letting verified AI agents interact with your resources under controlled conditions.
Govern implements a zero-trust model: every AI agent request must carry a cryptographic proof of identity and authorization before accessing protected resources.
How It Works
AI Agent → MCP-I Proof → Your Server → Checkpoint Verification → Protected Resource
↓
Dashboard (audit trail)- An AI agent obtains a delegation (authorization grant) through an OAuth flow
- The agent creates a cryptographic proof for each request, referencing the delegation
- Your server uses
@kya-os/bouncer-middlewareto verify the proof with Checkpoint - If valid, the request proceeds with verified agent identity attached
- All activity is logged to the Checkpoint dashboard for audit
Key Concepts
Agent DIDs
Every AI agent is identified by a DID (Decentralized Identifier), such as did:key:z6Mk.... This provides a stable, verifiable identity for agents across sessions and services.
Delegations
A delegation is an authorization grant from a user or service to an AI agent. It specifies what the agent can do (scopes), for how long, and under what constraints. Think of delegations as OAuth tokens for AI agents.
Proofs
A proof is a cryptographic assertion attached to each request. It contains the agent's DID, the target audience, a nonce, and a reference to the delegation that authorizes the request.
Learn more about proof verification
Scopes
Scopes define fine-grained permissions. For example, files:read allows reading files while payment:create allows initiating payments. Each delegation grants specific scopes, and each protected endpoint can require specific scopes.
Verifiable Credentials
Checkpoint issues and verifies verifiable credentials that attest to agent identity and permissions. These are signed by Checkpoint's infrastructure and can be independently verified.
Deployment Options
Checkpoint supports two deployment models:
| Model | Description | Infrastructure |
|---|---|---|
| Dashboard Deploy | One-click setup with GitHub repo + Cloudflare Worker | Your GitHub + Cloudflare account |
| Self-Host (BYOK) | Full control with MCP-I packages | Your infrastructure |
Migrating an Existing MCP Server
Already have a standard MCP server? Add MCP-I identity and authorization without rewriting your server.
Authentication Methods
When an agent requests access, the user must authenticate. Checkpoint supports multiple methods:
| Method | Description |
|---|---|
| Consent Only | Simple approve/deny — no external auth required |
| OAuth | Sign in with GitHub, Google, Microsoft, and more |
| Custom Provider | Connect your own authentication backend |
| Credentials | Username/password or API key authentication |
Compare authentication methods →
Quick Start
1. Install the middleware
npm install @kya-os/bouncer-middleware2. Protect an endpoint
import express from 'express';
import { createBouncerMiddleware } from '@kya-os/bouncer-middleware';
const app = express();
app.use(express.json());
app.post(
'/api/files',
createBouncerMiddleware({
apiKey: process.env.CHECKPOINT_API_KEY!,
projectId: process.env.CHECKPOINT_PROJECT_ID!,
requiredScopes: ['files:write'],
reputationThreshold: 60,
}),
(req, res) => {
// Access verified agent info
const { agentDid, scopes, reputation } = req.bouncer;
res.json({ message: 'File created', agent: agentDid });
}
);3. Configure tools in the dashboard
Navigate to Project → Control Access → Tools to define which tools require delegations and what scopes they need.
Features
| Feature | Description |
|---|---|
| Deployment | Deploy MCP-I servers via dashboard or self-host |
| Migration | Add MCP-I to an existing MCP server |
| Auth Methods | OAuth, Consent Only, Credentials, Custom Providers |
| Delegations | Create and manage authorization grants for AI agents |
| Proofs | Verify cryptographic proofs on every request |
| OAuth | Standard OAuth flows for agent authorization |
| Tool Protection | Per-tool scope requirements and access control |
| Consent Flows | User consent UI for agent authorization |
Govern vs Enforce
| Govern | Enforce | |
|---|---|---|
| Purpose | Authorize known agents | Block unknown agents |
| Model | Allow-list with cryptographic verification | Detect and apply policies |
| Use case | MCP server developers, API providers | Website and app developers |
| Integration | @kya-os/bouncer-middleware | Gateway (DNS) or Middleware (code) |
Govern and Enforce are complementary. Use Enforce to protect your web application from unwanted bots, and Govern to authorize legitimate AI agents that need to interact with your APIs.
Dashboard
Manage Govern features from the Checkpoint dashboard:
- Delegations — View and revoke active delegations
- Proofs — Monitor verification activity and audit agent access
- Control Access → Tools — Configure tool-level permissions
- Control Access → Consent — Customize the consent page agents see
- Control Access → Config — General Govern configuration
Next Steps
- Deploy an MCP-I Server — One-click deployment or self-host
- Migrate from MCP to MCP-I — Add identity to an existing server
- Authentication Methods — Choose how users authorize agents
- Managing Delegations — Create and verify authorization grants
- Proof Verification — Implement server-side proof checking
- OAuth Integration — Standard OAuth flows for agents
- Tool Protection — Per-tool access control
- Consent Flows — User consent for agent actions