How It Works - Peta | MCP Infrastructure Architecture

System Overview

How Everything Connects

Peta is MCP infrastructure: a control-plane runtime with encrypted vault, zero-trust gateway, granular access policies, and human-in-the-loop approvals.

Zero Credential Exposure

Our Security Guarantee

Zero credential exposure: Clients use gateway tokens only. Real API keys stay encrypted in Vault and are injected server-side during execution.

Component Details

Inside Peta: MCP Vault, Console, and Desk

MCP vault and gateway, access policies, and human approvals working together.

Peta Core

Peta Core is the MCP vault and zero-trust gateway for your agents. It keeps external credentials encrypted in Vault, issues short-lived agent tokens instead of sharing API keys, validates identity, policy, and human-approval rules on every MCP request, and orchestrates managed MCP servers with autoscaling warm pools and health checks.

Zero-Trust Gateway

Validates identity, policy, and HITL rules before routing any MCP call

Managed MCP Runtime

Transform REST APIs into MCP servers, upload skill packages as namespaced tools, and manage lifecycle automatically

Vault & Secret Injection

External credentials stay encrypted server-side; only Peta service tokens reach clients

Peta Console

Peta Console is the policy and audit plane for agents. It lets you define who or which agent can access which MCP tools, in which environment, and which actions require human approval. Every request through the gateway is logged so you can trace usage, costs, and approvals across your MCP stack.

Team & AI Management

Grant precise tool access and approval rules per tenant, workspace, or agent

Service Token Lifecycle

Issue, rotate, and revoke gateway-only Peta service tokens without touching external keys

Live Observability

Track usage, costs, and audit trails across every MCP operation

Peta Desk

Peta Desk is the human-in-the-loop desk where agent requests become clear, reviewable approval tasks. When an agent wants to perform a high-risk action, Desk shows what it is trying to do and why, so humans can approve, deny, or modify the request from a familiar desktop experience -- without ever exposing raw credentials.

Works Everywhere

Native desktop experience on macOS, Windows, and Linux

Human-in-the-Loop Controls

Route risky actions for approval; AI suggests, humans decide

Auto Client Configuration

Inject Peta service tokens and MCP configs into ChatGPT, Claude, Cursor, and more without manual JSON edits

IMPLEMENTATION

How Peta Gateway Works

Multi-layered security architecture operating in parallel to protect your credentials

CONNECTION LAYER

Authentication & Session Management

How AI agents connect and authenticate to the gateway:

1AI Agent Request

UsesPeta service token

Never seesReal API credentials

Authenticate

→

2Token Validation

VerifyJWT signature & expiry

IdentifyUser context & permissions

Proceed

→

3Session Established

CreateSecure MCP session

TrackAll operations logged

PROCESSING LAYER

Request Validation & Execution

How each request is processed through the gateway:

1Request Validation

Permission checkRBAC/ABAC policies

Rate limitingPer-user/tool quotas

→

2Credential Injection

JIT decryption30s memory TTL

Server-side onlyNever exposed to client

→

3Tool Execution

ExecuteWith real credentials

AuditLog all operations

→

4Secure Response

SanitizeStrip all secrets

ReturnClean data to agent

CONTROL LAYER

Policy Enforcement Mechanisms

Multi-dimensional security controls evaluating every request:

1Risk Assessment

Operation typeRead/Write/Delete classification

Data sensitivityPII/Financial/System detection

→

2Policy Decision

Rule engineRBAC/ABAC/Custom policies

Context analysisUser/Time/Location factors

→

3Control Actions

Response typesAllow/Block/Approve/Mask

NotificationsAlert channels & webhooks

→

4Audit Trail

Log everythingRequest, decision, outcome

ImmutableCryptographic signatures

Specifications

Enterprise-Ready Infrastructure

Key specifications for buyers and technical reviewers

Core Specifications

MCP Protocol

Full compliance with MCP 2025-11-25 latest specification; all standard features supported

Security

AES-256-GCM at rest; memory-only decryption; JIT access; credential injection at gateway

Identity & Access

Zero-trust, RBAC/ABAC, SSO/SAML; rate limiting

Audit & Compliance

Immutable logs; SOC2 Type II ready; HIPAA capable; GDPR compliant

Platforms

Linux/Windows/macOS for both clients and servers

View Full Specifications