Star on GitHub Get Started Free
Get Started Free Star on GitHub

Entity Types

Estimated reading time: 2 minutes

Praesidia manages three types of entities. Each represents a component in your AI infrastructure that needs to communicate securely with other components.

Applications

An application is any web or mobile application in your stack. This could be a frontend app, a backend service, or a microservice.

When you register an application:

  • It receives a client key and client secret
  • It can be configured as a client (makes requests) or a server (receives requests) in connections
  • Guardrails and policies can be set for its interactions

Example: A customer-facing web application that needs to call an MCP server for AI-powered features.

MCP Servers

A Model Context Protocol server provides tools and resources to AI models. MCP servers are a critical part of modern AI infrastructure, exposing databases, APIs, and business logic to agents and applications.

When you register an MCP server:

  • It receives credentials for authentication
  • Praesidia acts as the authentication and authorization layer
  • You can control which entities are allowed to connect and what tools they can access
  • Content-aware guardrails can filter requests and responses

Example: An MCP server that provides access to a product database. You want to allow a customer agent to query products but prevent it from modifying inventory.

Agents

An agent is an AI system that can take actions. Praesidia supports two types:

  1. External agents: Agents running outside of Praesidia. You register them and manage their connections and security.
  2. Platform agents: Agents built and hosted directly on Praesidia using OpenClaw or ZeroClaw, deployed on Heroku. Full lifecycle management from creation to monitoring.

When you register an agent:

  • It receives credentials like any other entity
  • It can connect to applications and MCP servers
  • Guardrails control what it can request and what it receives
  • Policies set operational boundaries (rate limits, schedules, etc.)

Example: An AI agent that processes customer support tickets. It connects to a CRM MCP server and a knowledge base MCP server, with guardrails preventing it from accessing financial data.

Entity credentials

Every entity receives:

  • Client key: A public identifier for the entity
  • Client secret: A private key used for authentication

Use these credentials to authenticate requests through Praesidia's OAuth2 endpoint:

POST https://auth.praesidia.ai/oauth/token
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
&client_id=YOUR_CLIENT_KEY
&client_secret=YOUR_CLIENT_SECRET

The response includes an access token to use in subsequent authenticated requests.

Next steps