Key Takeaways

  • Set clear, measurable goals and understand what specific problems you’re solving before investing in agentic AI to avoid scope creep and wasted resources.
  • Agentic AI systems depend on robust, secure APIs to function properly. Without mature APIs, you’ll face integration challenges and security vulnerabilities.
  • Multi-agent systems require sophisticated workflow management beyond basic API access to handle collaboration between different AI agents effectively.
  • While simple API vendors work for basic connections, comprehensive platforms like Axway’s Amplify provide the unified management, security, and orchestration capabilities needed for enterprise AI success.

It’s tempting for organizations today to jump onto the agentic AI bandwagon, driven by pressure from multiple fronts. Fierce competition within the market compels businesses to explore new avenues for efficiency and innovation. C-level executives, eager to maintain a competitive edge and demonstrate forward-thinking leadership, often champion aggressive AI adoption targets. Simultaneously, the media hype and market expectations increase the drive to invest in advanced AI capabilities, even before fully understanding the requirements or potential pitfalls.

We recently warned of the need for more control around agentic AI initiatives. The next question is, where do you go from here? We would like to suggest some best practices and share how Axway can help incorporate agentic AI in your organization.

Define success before starting: set your goals for AI use cases

Before embarking on any agentic AI project, it is important to establish clear and measurable outcome definitions. Without a precise understanding of what success looks like — what specific problems we are trying to solve, what quantifiable results are expected, and how performance will be evaluated — projects will be aimless, prone to scope creep, and at high risk of failing to deliver tangible value.

As we saw with blockchain in the recent past and many other rising technologies, the endeavor should not turn into a preselected solution looking for a problem, but rather the optimal solution for a problem we are trying to solve.

In that context, agentic AI is one of the options, assuming it will be demonstrably (based on quantifiable criteria) the best, most cost-efficient, or uniquely capable approach compared to other methods.

Defining the desired end-state up front provides focus, guides development, enables effective testing, and ensures that the significant investment in agentic AI will bring meaningful returns.

Secure and integrate: why API maturity matters

For agentic AI projects to deliver on their promise, it is critical to first evaluate and update your organizational readiness. Particularly in the context of this discussion, API maturity is a prerequisite.

To access information, AI agents rely heavily on APIs to connect with enterprise systems, external data sources, and various tools. Immature APIs will inevitably lead to significant integration challenges, security issues, and a fragile agent experience.

See also: OpenAI’s Super Agents: Future API-Powered Digital Personal Assistants

The security aspect as part of this maturity evaluation is critical. Agents introduce complex security considerations and require robust identity management and granular access controls. Without well-defined API security models, agents could inadvertently access sensitive data, perform unauthorized actions, or become vectors for broader system compromise.

Beyond access: orchestrating intelligent workflows

There are quite a few API gateway vendors now adding support for MCP and A2A – allowing you to define and configure an (MCP) interface – but realistically, that that is not enough.

MCP (Model Context Protocol) servers establish a common language that allows agents, systems, and tools to exchange data and coordinate tasks. They form the technical backbone of intelligent automation, providing a standardized foundation for multi-step workflows. Beyond the pure access to your MCP Server, facilitated through the gateway function, you must ensure that you can orchestrate these complex workflows with seamless execution across various systems.

This is where Amplify Fusion comes in – not only providing you the ability to create an MCP interface but also allowing you to integrate and orchestrate the flows with your back-end systems in a low-code/no-code manner.

Agent-to-Agent collaboration: the next frontier

When it comes to A2A, organizations must establish processes that enable agents to intelligently communicate and collaborate. Beyond an individual agent’s access to an MCP server for tools and context, organizations need to ensure that different AI agents can seamlessly exchange information and delegate tasks to one another in multi-agent systems. This requires a robust orchestration layer that facilitates these complex, A2A-driven AI workflows, with seamless execution across various agents and the systems they interact with.

Amplify Fusion not only allows you to manage the interactions between agents but also to integrate with back-end systems that individual agents might need to access or update.  The low-code/no-code approach and pre-built connectors significantly reduce the complexity as well as the required time and effort.

Security at scale: managing identity, access, and governance

Similarly, just having the integration capabilities is not enough either.  The earlier described challenges around security and authentication / authorization require you to pick a vendor that can help you manage this complexity and additional sprawl for all your assets.

Architecture diagram illustrating a client-server interaction flow with third-party integrations. On the left, a user icon and AI bot icon are labeled 'Client - Server' with an arrow pointing to a stylized head silhouette containing a circuit/network pattern, representing AI processing. From this central processing unit, two dark blue arrows branch out to integration points marked with chain-link icons. The upper path leads to 'Server - 3rd Party' services, showing a key icon followed by multiple colored arrows (red, teal, and blue) pointing to a circular network node icon and a database cylinder. The lower path shows similar integration flow with a key icon, followed by red, green, and gray arrows leading to a hexagonal icon, representing different third-party service connections and data flows.

The simplistic diagram above visualizes the challenges around credential management, authentication, and authorization. This diagram still looks manageable but now, imagine this multiplied by a factor of 100.

Diagram showing interactions between MCP protocol and API applications

We covered some of the security challenges in a previous blog, but just to highlight a few governance problems:

  • MCP servers using their own broad(er) permissions instead of the user’s, limited permissions
  • MCP servers relying on long-lived, static access tokens
  • Lack of granular permissions in the back-end applications/services
  • Decentralized credential management and sprawl
  • Lack of auditing/visibility

There is currently a proposal being discussed in the MCP community referred to as Secure Elicitations, which will help alleviate the complexity around server-to-third-party authorization. But in the absence of this initiative being ratified and implemented, this remains a challenging area. At Axway, we are keeping a close eye on these developments and will incorporate them as soon as they mature into a standard.

Finding the right partner: built for the AI era

Choosing a vendor today means looking beyond just connecting systems. It’s about building an intelligent, adaptive, and future-proof digital ecosystem. Here’s why Axway’s Amplify Platform, with its integrated API management and integration capabilities and an integrated, unified engagement layer, offers a significant strategic advantage over an API-only approach, especially as your organization increasingly leverages AI.

If you’re looking to simply connect a few systems, an API-only vendor might be good enough. However, if your vision includes leveraging AI agents, building intelligent enterprise orchestration, breaking down data silos, and creating a truly adaptive enterprise, Amplify is the clear choice.

Any MCP servers you create are automatically registered in Amplify Engage. Non-Axway MCP assets can be registered in a few clicks – providing you one central registry with all your AI assets in addition to your more traditional ones.

Take advantage of the capabilities in Engage to curate, productize, and monetize your new agentic assets. And manage the lifecycle, improve the definition for human discovery and evaluation, drive adoption, and add monetization options.

Transform fragmented systems into real-time, governed data flows that power intelligent automation, frictionless orchestration, and AI-ready business innovation.

Share this article