# MCP Servers: Agent Authorization

An MCP server needs to know whether a connecting wallet is authorized by a real human. The agent connects with its wallet; the server uses ProofPack to verify the IsDelegate chain back to an IsAHuman attestation—no identity data is exposed, just a yes/no.

**Flow:** Agent connects → server calls `verifyByWallet(agentWallet)` (or [IsDelegate REST API](https://docs.zipwire.io/fundamentals/security/attestations/is-delegate-rest-api)) → server grants or restricts access.

## Implementation (canonical)

All code lives in [**ProofPack Examples**](https://docs.zipwire.io/tools-and-integrations/proofpack-agent-delegation/proofpack-examples) and the main [**ProofPack & Agent Delegation**](https://docs.zipwire.io/tools-and-integrations/proofpack-agent-delegation) guide. Use:

* [Path 1: Wallet-only (JavaScript)](https://docs.zipwire.io/tools-and-integrations/proofpack-agent-delegation/path1-wallet-only-javascript) — `verifyByWallet(agentWallet)`
* [Express.js middleware](https://docs.zipwire.io/tools-and-integrations/proofpack-agent-delegation/express-middleware) — middleware that reads `x-agent-wallet` and returns 403 when not authorized
* [Common use cases → MCP Server](https://docs.zipwire.io/tools-and-integrations/proofpack-agent-delegation/common-use-cases#1-mcp-server-integration) — same check for granting or restricting MCP access