Talk tech with tips and tutorials from builders at Kong and the Kong Community.
Whether you're drawn to Kong Insomnia's native OpenAPI support, its Git-based sync workflow, or its lightweight interface, migrating from Postman doesn't have to be a weekend project. Insomnia natively understands Postman's export format and can bring over your collections, environments, folder…
[](/blog/engineering/migrating-collections-and-requests-from-postman-to-insomnia)
Digital agreements are at the heart of many critical business processes. As companies modernize their technology stacks and adopt API-driven architectures, integrating agreement workflows directly into applications has become increasingly important. By combining the capabilities of Kong Konnect…
[](/blog/engineering/automating-agreement-workflows-kong-konnect-and-docusign-for-developers)
Modern API architectures are no longer linear. A single request can traverse multiple layers of authentication, transformation, enrichment, and observability. As these flows grow more dynamic, the need for fine-grained control over when plugins execute becomes critical. For years, the standard…
[](/blog/engineering/conditional-policy-execution)
OAuth 2.0 Token Exchange fundamentally alters how services establish trust. And the API gateway is the ideal location to enforce this new model. Modern applications don’t run as a single monolithic. They are composed of services — frontend APIs, backend microservices, third-party integrations —…
[](/blog/engineering/token-exchange-at-the-gateway)
Enterprise security teams have clear requirements: no static credentials, no exceptions. Every service-to-service connection, whether it's Kong talking to databases, caches, or vaults, should authenticate using the same IAM-based identity model that governs the rest of their cloud infrastructure.…
[](/blog/engineering/cloud-native-authentication)
The microservices revolution promised agility and scalability. Teams could deploy faster, scale independently, and innovate without monolithic constraints. You gain speed and flexibility, but you also multiply trust boundaries, identities, network paths, and policy decisions. Then came AI, and…
[](/blog/engineering/5-best-practices-securing-microservices-scale)
AI APIs don't get enough credit for how much weight they're actually carrying. These AI APIs aren't merely technical connectors. They're, in fact, cost drivers and potential revenue engines. And when something goes sideways, they're ground zero. In production, they behave nothing like the…
[](/blog/engineering/monetize-ai-apis)
Bringing APIs and events together has always been a challenge. REST APIs give developers a familiar interface, while event brokers like Solace Broker excel at fan-out, filtering, and scalable, reliable event delivery. The tricky part? Bridging these two worlds without building a lot of custom glue.…
[](/blog/engineering/smarter-event-driven-apis-kong-solace)
A persistent challenge arises as businesses adopt multicloud architectures and agentic AI: the need for state synchronization. API and AI gateways require a robust persistence layer to synchronize data, whether it's for governing AI token usage, facilitating agent-to-agent communication, or…
[](/blog/engineering/dedicated-cloud-gateways-managed-redis-multi-cloud)
As enterprises start deploying AI agents into real systems, a new architectural challenge is emerging. Agents need a reliable way to discover tools, services, and capabilities dynamically, instead of relying on hardcoded integrations. This is where the Model Context Protocol (MCP) ecosystem is…
[](/blog/engineering/mcp-registry-dynamic-tool-discovery)The AI coding and Agent Harness approach is no longer experimental. This is likely the most impactful agentic AI use case in production today, and Claude Code is one of the solutions really leading the charge. But as engineering teams race to adopt Claude Code across their organizations, a critical…
[](/blog/engineering/claude-code-governance-with-an-ai-gateway)
In today's digital landscape, APIs are the backbone of modern applications, and AI is the engine of innovation. As organizations increasingly rely on microservices and AI-powered features, the API gateway has become the critical control point for managing traffic. But as LLM/GenAI and MCP requests…
[](/blog/engineering/prisma-airs-kong-ai-gateway)
APIs and integrations are the foundation of the modern enterprise. Every organization needs to securely connect systems, move data, and automate workflows, all while maintaining control, visibility, and flexibility. Increasingly, those same APIs are also being consumed by AI-powered applications…
[](/blog/engineering/kong-and-polyapi)
For too long, the Model Context Protocol (MCP) has operated on a principle of open access: connect an AI agent to an MCP server, and it gets access to every single tool that server offers. While this approach is simple for initial experimentation, it quickly becomes a liability in production.…
[](/blog/engineering/mcp-tool-governance-security-meets-context-efficiency)
Modern AI applications are no longer just about sending prompts to an LLM and returning text. As soon as AI systems need to interact with real business data, internal APIs, or operational workflows, the problem becomes one of orchestration, security, and control. The challenge is to build secure AI…
[](/blog/engineering/secure-ai-agents-volcano-sdk-kong-mcp-proxy)Have you ever asked an AI assistant to generate code for a framework it doesn't quite understand? Maybe it produces something that looks right, but the syntax is slightly off, or it uses deprecated patterns. The AI is working hard, but it lacks the specific context it needs to truly help you. The…
[](/blog/engineering/mcp-servers-guide)