Connections


Connections are at the core of Praesidia's security model. A connection defines a trusted relationship between two entities and the controls that govern their communication.

What is a connection?

A connection is a defined, authenticated link between two entities. Unlike traditional IAM, where you assign permissions to individual resources, Praesidia focuses on the relationship between entities.

Every request between connected entities passes through Praesidia, where it is authenticated and checked against configured guardrails and policies.

Creating a connection

To create a connection, you need two registered entities. Specify:

  1. Client entity: The entity that initiates requests
  2. Server entity: The entity that receives requests
  3. Guardrails (optional): Content-level controls
  4. Policies (optional): Operational controls

A connection is directional. If Entity A needs to call Entity B and vice versa, you create two connections.

Connection types

Simple point-to-point

The most common setup: one entity connects directly to another.

Application --> MCP Server

The application authenticates through Praesidia, receives a token, and uses it to make requests to the MCP server. Every request is validated.

Multi-layered orchestration

For complex setups where requests chain through multiple entities:

Application --> Agent --> MCP Server 1
                     --> MCP Server 2

Each hop in the chain is a separate connection with its own guardrails and policies. The agent authenticates as a client to each MCP server independently.

No implicit trust

Connections must be explicitly defined. Even if two entities are registered in the same account, they cannot communicate unless a connection exists between them.

This zero-trust approach ensures that adding a new entity to your account does not automatically grant it access to existing services.
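
A conceptual model of the directional, default-deny behaviour described above, added here as an illustration. It is not Praesidia code or its API; the class, method and entity names (`ConnectionTable`, `first_denied_hop`, `app`, `agent`, `mcp1`, `mcp2`, `new-entity`) are hypothetical and the sample table is constructed.

```python
# Conceptual model only: not Praesidia's API. All names here are hypothetical.
from dataclasses import dataclass, field


@dataclass
class Connection:
    client: str                 # entity that initiates requests
    server: str                 # entity that receives requests
    enabled: bool = True
    guardrails: list = field(default_factory=list)  # optional content-level controls
    policies: list = field(default_factory=list)    # optional operational controls


class ConnectionTable:
    def __init__(self, entities):
        self.entities = set(entities)   # registered entities
        self.connections = {}           # (client, server) -> Connection

    def connect(self, client, server, **controls):
        # Both ends must already be registered entities.
        missing = {client, server} - self.entities
        if missing:
            raise ValueError(f"unregistered entities: {sorted(missing)}")
        self.connections[(client, server)] = Connection(client, server, **controls)

    def allowed(self, client, server):
        # Default deny: only an explicit, enabled connection in this exact
        # direction permits the request.
        conn = self.connections.get((client, server))
        return conn is not None and conn.enabled

    def first_denied_hop(self, path):
        # Each hop of a chain is its own connection; return the first hop
        # that has none, or None if the whole chain is covered.
        for hop in zip(path, path[1:]):
            if not self.allowed(*hop):
                return hop
        return None


def build_sample():
    # Constructed sample mirroring the orchestration diagram above,
    # with the agent -> mcp2 connection deliberately left undefined.
    t = ConnectionTable(["app", "agent", "mcp1", "mcp2", "new-entity"])
    t.connect("app", "agent")
    t.connect("agent", "mcp1", policies=["rate-limit"])
    return t
```

In the sample, `app` can reach `agent` but not the reverse, and the chain to `mcp2` is denied at the `agent` to `mcp2` hop because no connection was defined for it. `new-entity` is registered but has no connections, so it cannot reach any existing service.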

Updating connections

You can update guardrails and policies on a connection at any time without re-issuing credentials or restarting services. Changes take effect immediately.

This allows you to respond to security events in real time: tighten rate limits, add content filters, or temporarily disable a connection without disrupting the rest of your infrastructure.

Monitoring

Each connection provides visibility into the interactions flowing through it. You can see request volumes, response times, and any guardrail or policy violations.

Note: Advanced monitoring and analytics dashboards are coming soon.
