Security & Data Privacy
Your data. Your infrastructure. Your control.
UAVCrew.ai is built for organizations that take operational data seriously. Every design decision prioritizes data residency, least-privilege access, and auditability.
Data Residency
The MCP Gateway — built on the open Model Context Protocol standard — runs on your infrastructure. Your operational data (pilots, aircraft, flights, maintenance records) is queried in real time through your own REST API. Nothing is copied, cached, or stored outside your network.
UAVCrew.ai never has direct access to your database. The gateway translates AI agent requests into authenticated HTTP calls against the APIs you already run and control. Integration is configured via a declarative manifest that maps your existing API endpoints to operational data types — no code changes required on your side.
Zero-Trust Access Model
Every agent request generates a short-lived, scoped delegation token using industry-standard RS256 JWT (RFC 7519) signed with asymmetric keys. Each token specifies exactly which data types the agent is authorized to access for that specific request — for example, read:aircraft and read:maintenance.
Tokens expire after 30 minutes. There are no persistent credentials or standing access. The gateway validates every token cryptographically before executing any request against your API.
Access is enforced via role-based access control (RBAC) — each agent has a defined access matrix specifying which operational data types it can read and which it can write. This is enforced at both the UAVCrew platform and the on-premise gateway.
Per-request scope enforcement
Example: Tucker (maintenance agent) requesting access to aircraft records and maintenance data, with write permission for maintenance only.
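The gateway-side check this section describes, as an added sketch that is not UAVCrew's own code: it pins the algorithm to RS256, verifies the signature, caps the token lifetime at 30 minutes, and enforces the scope needed for the request. The claim names (sub, scope, iat, exp), the write:maintenance scope string, and the demo key built from two Mersenne primes are assumptions made for the example.

```python
import base64, hashlib, json

# Constructed demo key from two Mersenne primes: NOT a real key, never use in production.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # modulus length in bytes
MAX_LIFETIME = 30 * 60                 # the 30-minute lifetime stated above
# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64d(s): return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
def b64e(b): return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def emsa(msg):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(msg), K bytes long."""
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign_token(claims, header=None):
    """Issuer side; used here only to build constructed sample tokens."""
    head = b64e(json.dumps(header or {"alg": "RS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    sig = pow(int.from_bytes(emsa(f"{head}.{body}".encode()), "big"), D, N)
    return f"{head}.{body}.{b64e(sig.to_bytes(K, 'big'))}"

def verify_token(token, required_scope, now):
    """Gateway side: return (True, claims) or (False, reason)."""
    try:
        head, body, sig64 = token.split(".")
        header, claims = json.loads(b64d(head)), json.loads(b64d(body))
        sig = int.from_bytes(b64d(sig64), "big")
    except ValueError:
        return False, "malformed"
    if not (isinstance(header, dict) and isinstance(claims, dict)):
        return False, "malformed"
    if header.get("alg") != "RS256":
        return False, "alg"            # pin the algorithm; never trust the header's choice
    if sig >= N or pow(sig, E, N).to_bytes(K, "big") != emsa(f"{head}.{body}".encode()):
        return False, "signature"
    iat, exp = claims.get("iat"), claims.get("exp")
    if not (isinstance(iat, int) and isinstance(exp, int)):
        return False, "claims"
    if exp - iat > MAX_LIFETIME:
        return False, "lifetime"       # reject tokens minted with standing access
    if not iat <= now < exp:
        return False, "expired"
    if required_scope not in claims.get("scope", "").split():
        return False, "scope"
    return True, claims
```

The RSA arithmetic is written out only to keep the sketch self-contained; a production gateway would delegate signature verification to a vetted JWT library and keep the algorithm, lifetime, and scope checks.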
Human-in-the-Loop Approvals
Agents can read data freely within their authorized scope. But when an agent needs to write — create a maintenance record, update a flight status, schedule an inspection — the operation is intercepted and presented as an Action Card in the chat interface.
Your team sees exactly what the agent wants to do, reviews the details, and explicitly approves or rejects the action. Nothing changes in your system without human authorization.
No Training on Your Data
Your operational data is never used to train AI models. Queries and responses are processed in real time and not retained for model improvement by any LLM provider.
LLM providers receive only the minimal context needed for each specific request. Your fleet data, pilot records, and maintenance history are not part of any training dataset.
Full Audit Trail
Every agent action is tagged with the agent's identity. Your API receives an X-Agent header on every request, enabling your own audit logging to record exactly which AI agent took which action and when.
Conversation history — every message, tool call, and approval decision — is retained for compliance review. You have complete visibility into what your AI agents are doing.
Questions about our security model?
We're happy to walk through the architecture with your security team.