
Claude agents connect to APIs securely
TL;DR: Anthropic has launched new features for its Claude Managed Agents, allowing them to connect to internal enterprise APIs and databases without carrying credentials. This addresses a major security concern by letting teams run tool execution within their own infrastructure, preventing potential token leaks.
Key facts
- Category: AI
- Impact: High
- Published:
- Source: VentureBeat
Full summary
Anthropic is addressing a key enterprise security risk by allowing its Claude AI agents to connect to internal APIs without exposing sensitive credentials.
Enterprises have been hesitant to connect AI agents to internal systems due to the security risk of agents carrying authentication tokens. A compromised agent could leak these credentials, granting access to sensitive data. Anthropic is addressing this critical issue with two new features for its Claude Managed Agents. The first, self-hosted sandboxes, allows companies to run the agent's tool execution code within their own secure infrastructure. The second, MCP tunnels, creates a secure connection between the agent and private servers without ever exposing the credentials to the agent itself. This design ensures that the "keys" to internal systems never leave the company's control.
This development is significant because it removes a major barrier to the enterprise adoption of AI agents. Security and IT teams have been cautious about deploying agents that could potentially expose internal APIs and databases. By isolating credential management from the agent's execution environment, Anthropic provides a much-needed layer of security and control. This move directly addresses a core concern for CTOs and developers evaluating AI agent architectures, positioning Claude as a more enterprise-ready solution. It allows businesses to more confidently explore using AI agents for complex internal workflows without compromising their security posture.
Primary source: VentureBeat