Pathfinder 26.1: MCP Gateway and PathfinderAI
Pathfinder MCP gateway
What's new
BeyondTrust is introducing the Pathfinder MCP (Model Context Protocol) Gateway as an Early Access feature in Platform release 26.1. This release lets AI agents (VS Code copilots, custom chatbots, Cursor, Microsoft Security Copilot integrations, and more) connect directly and securely to your BeyondTrust environment through a single, authenticated endpoint.
This is a foundational capability release. The gateway is read-only, US-region only, and available on an opt-in basis. You can try it and opt out at any time. This release delivers the foundational platform capabilities for MCP access tokens, MCP Gateway/Proxy, Personal Access Tokens, and AI enablement controls, and treats all work that has been started as delivered for this version.
For more information, see Welcome to Pathfinder MCP gateway.
Key capabilities
Single endpoint for all connected products
The Pathfinder MCP gateway exposes tools from seven BeyondTrust product categories through one endpoint:
https://mcp.beyondtrust.io/mcp
Any MCP-compatible agent connects once, discovers available tools automatically, and can query across products without switching contexts. Supported products include:
| Product | Notes |
|---|---|
| Identity Security Insights | Recommendations, risk queries |
| Entitle | Permissions and JIT access requests |
| Password Safe | Managed accounts and credentials |
| EPM for Windows and Mac | Policies, JIT elevation sessions |
| EPM for Linux | Entitlements, activity |
| Privileged Remote Access (PRA) | Session summaries |
| Remote Support (RS) | Session data |
Minimum product versions required
Read-only by design
Every tool exposed through the gateway in this Early Access release is a read operation: list, get, show, index. No write-back to BeyondTrust products is supported at this time. Agent queries flow out to your agent; no changes are made to your environment.
Your existing permissions, automatically enforced
The MCP gateway does not grant new access. Every request runs under the identity of the MCP token owner and respects all existing product-level roles and permissions in Pathfinder. If a user cannot see data in the Pathfinder UI, their agent cannot see it through MCP either.
Required token scopes:
- mcp: gateway access
- api: product API access
MCP access tokens with flexible lifecycle management
Administrators enable MCP at the site level. Users then generate their own MCP access tokens from their Pathfinder profile. Tokens support:
- Configurable expiration: 30, 60, or 90 days, or a custom date up to one year
- Per-token visibility: creation date, last login, and status visible in-profile
- Instant revocation of any active token
Token format: MCP_xxxxxxxxxxxxxxxxxxxx
Authentication header: Authorization: Bearer MCP_xxxx
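A client-side sketch of the controls described above, added here as an example and not BeyondTrust code: it attaches the token only to the documented endpoint, redacts it for logging, and flags discovered tools whose names carry none of the read verbs listed under "Read-only by design". It assumes the gateway answers MCP's JSON-RPC tools/list method and that tool names contain their verb; the sample tool names and token are constructed.

```python
import json
import re
from urllib.parse import urlsplit

GATEWAY_URL = "https://mcp.beyondtrust.io/mcp"  # endpoint given on this page
READ_VERBS = {"list", "get", "show", "index"}   # read operations named on this page
# Assumption: only the MCP_ prefix is documented, so length and alphabet are not
# enforced; printable ASCII without spaces also blocks CR/LF header injection.
TOKEN_RE = re.compile(r"MCP_[\x21-\x7e]+")


def build_request(token, url=GATEWAY_URL, method="tools/list", req_id=1):
    """Return (url, headers, body), refusing to attach the token to any other host."""
    target, expected = urlsplit(url), urlsplit(GATEWAY_URL)
    if target.scheme != "https" or target.hostname != expected.hostname:
        raise ValueError("refusing to send MCP token to an unexpected endpoint")
    if not TOKEN_RE.fullmatch(token):
        raise ValueError("value does not look like an MCP access token")
    headers = {"Authorization": f"Bearer {token}",
               "Content-Type": "application/json"}
    body = json.dumps({"jsonrpc": "2.0", "id": req_id, "method": method})
    return url, headers, body


def redact(headers):
    """Copy of the headers that is safe to write to logs."""
    safe = dict(headers)
    if "Authorization" in safe:
        safe["Authorization"] = "Bearer MCP_<redacted>"
    return safe


def non_read_tools(tools_result):
    """Names of discovered tools with no read verb in their name (naming heuristic)."""
    flagged = []
    for tool in tools_result.get("tools", []):
        words = set(re.split(r"[^a-z]+", tool["name"].lower()))
        if not words & READ_VERBS:
            flagged.append(tool["name"])
    return flagged


# Constructed tools/list result; these tool names are hypothetical.
SAMPLE_RESULT = {"tools": [{"name": "passwordsafe_list_managed_accounts"},
                           {"name": "insights_get_recommendations"},
                           {"name": "entitle_create_access_request"}]}

if __name__ == "__main__":
    url, headers, body = build_request("MCP_constructedtoken0001")
    print(url, redact(headers), body)
    print("tools to review:", non_read_tools(SAMPLE_RESULT))
```

Run the tool check after each discovery so that a tool appearing outside the read-only set is noticed before an agent is allowed to call it.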
AI enablement governance
MCP access is governed by a two-level entitlement model:
- Org-level toggle: Administrators can enable or disable AI features for the entire organization from the Support Console.
- Site-level toggle: Administrators can set MCP to Read Only per individual US-region site via Administration > Edit Site > Platform Model Context Protocol (MCP).
All changes to AI enablement settings are audited.
PathfinderAI: Explore your security data with AI
Your identity security data just got a whole lot easier to explore. PathfinderAI is an AI assistant built directly into Insights: type or speak a question in natural language, and it queries your live environment data to deliver structured, actionable answers. No dashboards to navigate, no filters to configure – just ask "who can get to global admin?" and get a prioritized breakdown of every account with that access, how they got it, and what to do about it.
For more information, see PathfinderAI.
What you get with PathfinderAI
Instant answers across every connected provider: PathfinderAI has access to the same data you see throughout Insights – every connector you've configured is fair game. Ask about Azure AD roles, Active Directory privilege paths, AWS permissions, ServiceNow accounts, or any other connected provider, and get a unified answer without switching between views or building queries.
Risk-prioritized analysis on demand: Ask PathfinderAI about your top risks, excessive permissions, or stale accounts, and it delivers severity-ranked findings with instance counts and impact context – broken down by provider, by role, or however you want to slice it. Follow up with "break that down by provider" and it refines the answer without losing context.
Actionable recommendations, not just data: When PathfinderAI identifies a risk, it doesn't stop at the finding; it provides prioritized remediation steps so you know what to address first and why.
Follow-up questions within a conversation: Start with a broad question like "are there stale accounts with privileged access?" then drill down with "break that down by provider". PathfinderAI uses the context of your current conversation so you don't have to repeat yourself.
Important information
PathfinderAI is available as an Early Access feature in the US region only.
To enable it, an Administrator must navigate to the Administration site, select the edit button for the site, and toggle PathfinderAI to "On." Once enabled, PathfinderAI appears in the main navigation menu. Each response includes options to copy, retry, quote-reply, and provide feedback on whether the response was helpful.