Back to Overview

Bridging the Gap: Secure Enterprise Integration for Productive AI Agents via MCP

Artificial Intelligence
A global reinsurer makes existing enterprise systems accessible to agentic AI systems with minimal effort. By opening its enterprise APIs via MCP, the company transforms productive AI agents into true knowledge work assistants – secure, controlled, and scalable enterprise-wide.

Project at a Glance

  • Challenge – Bridging AI and Enterprise Systems: Existing enterprise APIs need to become usable for Agentic AI while maintaining security and governance requirements
  • Solution: Provision of MCP tools based on existing APIs through Azure API Management as central governance layer, with OAuth 2.0 and consistent use of open standards
  • Result: Reusable architecture blueprint demonstrating that enterprise APIs can be made MCP-capable without specialized solutions or high investments
  • Key Feature: 100% open standards (MCP, OAuth 2.0) and reuse of existing infrastructure

Initial Situation

In the insurance and financial services industry, specialized processes rely heavily on analyzing complex, unstructured information and documents. In this environment, productive AI agents are already being deployed to support demanding knowledge work. The goal is to free up professionals for strategic tasks and optimize the use of valuable time. However, if agentic systems remain isolated from central enterprise systems, employees often need to manually aggregate and provide information. Without system integration and access to data repositories, the actual value of AI agents remains limited.

Our client faced the task of making their established API infrastructure accessible to agentic systems. This required maintaining strict compliance requirements and ensuring seamless integration with existing security infrastructure (Azure Entra ID, OAuth 2.0).

Solution

pentacor implemented a Proof of Concept that serves as a reusable architecture blueprint for the entire organization:

  • Implementation of Model Context Protocol (MCP): Leveraging the MCP standard to provide enterprise APIs as standardized tools for AI agents
  • Azure API Management as Platform: Deployment of the gateway as central security and management layer to enforce governance policies
  • Extension of Existing APIs: Provision of MCP-compliant endpoints with minimal code effort, without changing the core logic of existing APIs
  • Standardized Authentication: Consistent use of OAuth 2.0 to secure end-to-end communication, including OAuth Discovery for dynamic runtime configuration of AI agents

The pragmatic approach: leverage the existing platform and infrastructure and demonstrate that Azure API Management enables a solid entry into MCP without additional investments in specialized solutions.

Results

The implementation validates a scalable path for deploying Agentic AI in enterprise environments:

  • Increased Business Impact of AI: By eliminating isolation, AI agents can directly process information from enterprise systems, making knowledge work more efficient
  • Validated Security & Compliance: The solution meets all internal security requirements; authorization remains fully under the control of the customer's gateway
  • Scalability & Time-to-Value for AI: The blueprint provides the foundation for enterprise-wide MCP adoption and accelerates the deployment of future AI use cases

Project at a Glance

  • Challenge – Bridging AI and Enterprise Systems: Existing enterprise APIs need to become usable for Agentic AI while maintaining security and governance requirements
  • Solution: Provision of MCP tools based on existing APIs through Azure API Management as central governance layer, with OAuth 2.0 and consistent use of open standards
  • Result: Reusable architecture blueprint demonstrating that enterprise APIs can be made MCP-capable without specialized solutions or high investments
  • Key Feature: 100% open standards (MCP, OAuth 2.0) and reuse of existing infrastructure

Initial Situation

In the insurance and financial services industry, specialized processes rely heavily on analyzing complex, unstructured information and documents. In this environment, productive AI agents are already being deployed to support demanding knowledge work. The goal is to free up professionals for strategic tasks and optimize the use of valuable time. However, if agentic systems remain isolated from central enterprise systems, employees often need to manually aggregate and provide information. Without system integration and access to data repositories, the actual value of AI agents remains limited.

Our client faced the task of making their established API infrastructure accessible to agentic systems. This required maintaining strict compliance requirements and ensuring seamless integration with existing security infrastructure (Azure Entra ID, OAuth 2.0).

Solution

pentacor implemented a Proof of Concept that serves as a reusable architecture blueprint for the entire organization:

  • Implementation of Model Context Protocol (MCP): Leveraging the MCP standard to provide enterprise APIs as standardized tools for AI agents
  • Azure API Management as Platform: Deployment of the gateway as central security and management layer to enforce governance policies
  • Extension of Existing APIs: Provision of MCP-compliant endpoints with minimal code effort, without changing the core logic of existing APIs
  • Standardized Authentication: Consistent use of OAuth 2.0 to secure end-to-end communication, including OAuth Discovery for dynamic runtime configuration of AI agents

The pragmatic approach: leverage the existing platform and infrastructure and demonstrate that Azure API Management enables a solid entry into MCP without additional investments in specialized solutions.

Results

The implementation validates a scalable path for deploying Agentic AI in enterprise environments:

  • Increased Business Impact of AI: By eliminating isolation, AI agents can directly process information from enterprise systems, making knowledge work more efficient
  • Validated Security & Compliance: The solution meets all internal security requirements; authorization remains fully under the control of the customer's gateway
  • Scalability & Time-to-Value for AI: The blueprint provides the foundation for enterprise-wide MCP adoption and accelerates the deployment of future AI use cases

About the customer

The client is a major reinsurance company with global presence. As a reinsurer, the company is subject to particularly high security, compliance, and governance requirements. The IT landscape is characterized by established enterprise APIs, standardized processes, and a modern cloud infrastructure based on Azure. The client actively pursues strategies for automation and AI support of business processes, particularly in claims processing and underwriting – areas where manual processes traditionally dominate and significant automation potential exists.

Andreas Siegel

Software Engineer & Allesforscher

Any questions?

Are you facing a similar challenge and would like to learn how we can support you in a targeted and effective way? Andreas will be happy to assist you.

Contact now

We create digital experiences and products that drive progress for our customers and foster freedom for growth.

Let’s explore how we can collaborate effectively.
Services
Projects
© pentacor GmbH
Imprint