Telefónica and Nokia use agentic AI to accelerate network API adoption
Telefónica and Nokia are piloting agentic AI to make network APIs easier to expose, discover, and consume, aligning with GSMA Open Gateway’s push for interoperable, developer-ready telecom capabilities.
GSMA Open Gateway momentum meets AI-powered execution
Industry efforts like GSMA Open Gateway and CAMARA have raised awareness of standardized network APIs, but uptake hinges on practical tooling that abstracts network complexity while preserving telco-grade security and control. Telefónica and Nokia are now testing agent-to-agent orchestration and context-sharing protocols to let AI “agents” reliably find, chain, and call network functions in a repeatable way. The initiative is less about new APIs and more about operationalizing them at scale, so enterprises can plug network intelligence into real-time business workflows without bespoke integrations.
From APIs to agentic AI: the new consumption layer for telecom
Agentic AI introduces autonomous software agents that can plan, select tools, and coordinate with other agents to complete tasks. In telecom, that means agents can query exposure platforms, negotiate policies, validate entitlements, and sequence multiple network capabilities—turning static APIs into composable, goal-driven building blocks. For buyers, the promise is faster time-to-value and portability across operators; for telcos, it is a path to higher attach rates and monetization through curated bundles, policies, and SLAs enforced by exposure platforms.
Inside the Telefónica–Nokia agentic AI pilot
The collaboration combines emerging AI protocols with Nokia’s exposure stack and Telefónica’s network testbed to validate agent-driven workflows on real telecom capabilities.
The protocols powering agents: A2A and MCP
The Agent-to-Agent Protocol (A2A) provides a common way for multiple AI agents to discover each other, exchange intent, and coordinate complex tasks without brittle, point-to-point integrations. The Model Context Protocol (MCP) standardizes how AI systems securely access external tools, data, and API schemas, keeping context fresh and permissions consistent. Used together, A2A handles coordination while MCP governs tool access and context, reducing custom glue code and improving auditability.
Exposure and aggregation platforms for network APIs
Telefónica is running a lab environment that uses an MCP server on Nokia’s Network Exposure Platform to surface standardized network APIs and related resources. Nokia’s Network as Code platform then aggregates these capabilities and presents them to application developers and agents in an A2A-friendly format. This two-layer approach—exposure for policy and security, aggregation for packaging and discoverability—aims to give developers a consistent interface while letting operators enforce governance, throttling, and observability.
First use case: telecom signals for banking fraud prevention
The initial pilot centers on financial fraud detection, where low-latency network signals provide valuable risk checks. An agent-driven application can call SIM-swap and device-change signals (and related attributes) to flag suspicious profile shifts before authorizing transactions. In the lab, Telefónica’s network capabilities are exposed via MCP, and Nokia aggregates them for A2A consumption so a fraud agent can orchestrate queries, interpret results, and trigger downstream actions. Additional use cases—such as number verification, device status, or quality-on-demand—are logical next steps.
Why this matters for telecom operators and enterprise buyers
The project moves network APIs from isolated endpoints to an agent-ready fabric that can automate trust, policy, and orchestration across ecosystems.
Monetization models beyond per-API calls
Agentic patterns enable curated bundles (for example, identity and risk signals), outcome-based offers, and tiered SLAs aligned to business workflows rather than single endpoints. Exposure platforms can enforce quotas, dynamic pricing, and partner revenue sharing while ensuring compliance. For operators, packaging capabilities as reusable “skills” for agents can increase adoption and create cross-sell paths into analytics, edge compute, and private networks.
Security, trust, and compliance built into the product
Financial services, healthcare, and public sector workloads require verifiable controls. MCP provides consistent authorization, scoping, and auditing for tool access, while A2A supports signed messages and policy-aware coordination. Telcos must still address AI governance—model provenance, prompt injection, rate limiting, data minimization, and regional sovereignty—so enterprise security teams can certify agent workflows. Exposure platforms should integrate with SIEM/SOAR, identity providers, and secrets management to pass enterprise risk reviews.
Developer experience and GSMA/CAMARA standardization
Developers need portable APIs, SDKs, and reference agents that work across operators. Alignment with GSMA Open Gateway and CAMARA definitions is critical to avoid fragmentation. The Telefónica–Nokia approach—MCP for consistent schemas and credentials, A2A for orchestration—can reduce time-to-first-call, simplify multi-operator onboarding, and make cross-market rollouts feasible for global apps. Clear documentation, sandboxes, and usage telemetry will be as important as the APIs themselves.
Key challenges to scale agentic AI for network APIs
Success depends on production-grade reliability, consistent standards adoption, and enterprise-ready governance at scale.
Ecosystem maturity and cross-operator portability
Enterprises will demand that agents built for one operator also run with others without rework. This requires consistent API semantics, error models, quota policies, and eventing across networks, plus compatibility across different exposure platforms. Early wins will likely come from high-value, low-friction signals like number verification and SIM-swap insights before expanding to session control or QoS.
Operational robustness and reliability for agent workflows
Agent chains introduce new failure modes—tool timeouts, inconsistent contexts, and circular reasoning. Production rollouts will need guardrails: deterministic fallbacks, strong idempotency, circuit breakers, and observability spanning the agent layer and the network API layer. SLAs must reflect multi-hop dependencies, not just single endpoints.
Data stewardship, consent, and AI ethics
Risk data is sensitive. Operators and platform vendors must maintain strict purpose limitation, consent handling, and lawful access controls. Clear data-retention policies, encryption standards, and explainability for agent decisions will be central to customer trust and regulatory compliance.
What operators and enterprises should do now
Enterprises and operators can prepare for agent-driven network integrations by establishing the right pilots, controls, and partnerships.
Recommendations for operators
Prioritize two to three cross-industry, high-value use cases (for example, fraud risk, identity verification, and device attestation) and expose them via MCP-compatible endpoints mapped to Open Gateway/CAMARA specifications. Stand up an agent sandbox with golden paths, rate limits, and synthetic data. Define monetization tiers and security policies at the exposure layer, integrate with enterprise identity and observability, and publish reference A2A agent templates.
Recommendations for enterprises and ISVs
Start with controlled pilots that combine network signals with existing risk engines or CX workflows. Use MCP to manage tool access and secrets, and adopt A2A patterns to keep orchestrations modular. Build evaluation criteria around accuracy lift, latency, coverage across operators, and compliance posture. Engage early with operators and platform vendors on SLAs and data-handling requirements.
Metrics to track for adoption and performance
Watch time-to-first-call for developers, cross-operator portability, agent workflow success rates, fraud-detection lift versus baseline, mean latency per agent step, and revenue per API bundle. Also monitor standardization milestones within GSMA Open Gateway and adjacent open-source efforts that impact compatibility and tooling.
Bottom line: by pairing exposure platforms with agentic AI protocols, Telefónica and Nokia are turning network APIs into composable, policy-aware building blocks that enterprises can adopt faster—provided the ecosystem executes on security, reliability, and standards at scale.







