AI runtime authorization
What the MCP proxy does and why it sits between AI clients and upstream services. → AI runtime authorization
Explanation
Explanation pages cover the reasoning behind Wicket’s design — tradeoffs, threat models, and conceptual context. Read these when you want to understand why, not just how.
Request flow
Step-by-step trace of an MCP tool call through the proxy, Cedar evaluation, and upstream. → Request flow
Trust model
How agents, members, and owners relate — and what each party can see or control. → Trust model
Why structured policies
Why Wicket exposes a structured UI instead of raw Cedar, and when you’d want raw Cedar anyway. → Why structured policies
Threat model
What Wicket protects against, what it explicitly does not protect against, and the credential security model. → Threat model
Compliance posture
Current SOC 2 status, data residency, and retention practices. → Compliance posture