I spent the last year building agentic systems with MCP and MCP Gateway, and want to share what I learned — especially the things you only hit when you try to build for a real, regulated domain.

The build is a four-part system: a React portal, a LangGraph agent, Microsoft MCP Gateway as the front door, and a FastMCP server with 19 tools behind it. This talk walks through how the pieces fit together and the specific patterns that worked.

What I'll cover:

- How I structured MCP tools with Pydantic schemas, idempotency keys, and correlation IDs that travel through every layer
- Why my first three gateway deployments failed and how the mcp-session-id header fixed stateful tool routing through MCP Gateway
- A simple tool wrapper pattern that keeps sensitive data like SSN out of the LLM context while the agent still reasons about the workflow
- Why I made consent its own MCP tool with a signed receipt instead of bundling it into submit
- Three gaps I hit in MCP and the gateway and how I worked around them — honest notes for the community

If you're building with MCP and MCP Gateway and heading toward anything production-grade, these are the patterns I wish I'd had going in.