The Model Context Protocol (MCP) represents a transformative shift in how AI agents connect to data and tools, but the path to production-readiness and real-world AI value is still fraught with challenges.
As organizations rush to adopt MCP and build agentic workflows, they're encountering four critical barriers:
These aren't minor hurdles. In fact, they're fundamental obstacles that must be solved before MCP can truly scale in enterprise environments.
The solution landscape is complicated by the fact that MCP is still finding its footing, and there are many various OSS projects and vendors that are rapidly shipping “MCP support” in an attempt to take advantage of the hype and attention around MCP.
Unfortunately, many early attempts at solutions have missed the boat, and organizations find themselves in a place where they now have even more MCP challenges than they may have had before, with no easy way to identify which solutions promise real value. Some examples include half-hearted tools that:
At Kong, we’ve taken a different approach — one that prioritizes meaningful support over chasing hype, building on our trusted foundation as the innovator in AI gateway infrastructure, and leveraging our deep expertise from shipping the first enterprise-grade AI gateway for LLM traffic, agentic workflows, and advanced AI-powered automation.
We’re solving the pressing problems around enterprise MCP usage. Here’s how.
In today's rapidly evolving AI landscape, the imperative is clear: organizations must accelerate agent development and rapidly validate what drives business value. Success requires a robust ecosystem of APIs and MCP-enabled tools that empower agents to leverage leading LLMs for mission-critical outcomes without introducing excess governance risks and/or costs.
Today, engineers are spinning up MCP servers left and right. Many organizations have no way to standardize this process and enforce MCP server development best practices around quality, security, visibility, and resilience. This, as you might anticipate, leads to buggy, risky MCP server development and exposure. And it means more time and money eventually spent debugging and mitigating serious incidents.
Kong AI Gateway eliminates this friction entirely with our new MCP server generation capability. With Kong AI Gateway, you’re able to take any existing Kong-managed REST API and generate a remote MCP server (hosted by Kong) so that agents, AI coding tools, and other AI applications can better consume the functionality of your existing APIs as tools.
But, it's much more than just server generation. We’ve already talked about how enabling server generation without the ability to enforce standards and guardrails at the moment of generation can lead to more problems than it ever solves.
This is where the AI Gateway truly helps.
By offloading MCP server generation responsibilities to Kong AI Gateway, you can use Kong’s policy/plugin engine and automation solutions to automatically apply security and observability for every single MCP server that is generated from your REST APIs, eliminating the governance issues associated with today’s disparate MCP server development sprawl.
Organizations can now transform their existing API infrastructure into MCP-compatible tools instantly, without writing a single line of server code or managing deployment complexity. This native integration accelerates agent development cycles from weeks to minutes without the future risk of serious security, quality, cost, or resilience issues, allowing teams to focus on what truly matters: building intelligent agents and AI applications that deliver measurable business value.
And that’s just the beginning of our MCP Gateway. Read on to learn more about the new OAuth policy/plugin and MCP observability, plus some hints about what's coming next.
Security has been one of the most significant barriers to MCP adoption in enterprise environments. The MCP specification was initially released without a comprehensive authentication framework, creating critical vulnerabilities that left organizations unable to safely deploy MCP servers at scale.
Fortunately, in June 2025, the official MCP specification introduced OAuth support, establishing that MCP servers should function as OAuth Resource Servers and delegate authentication and token issuance to separate Authorization Servers.
Kong AI Gateway's new OAuth 2.1 implementation, available in version 3.12, fully aligns with this specification by positioning Kong as the OAuth Resource Server in the MCP authentication flow.
This native integration means that Kong not only enforces authentication standards but also serves protected resource metadata directly to MCP clients, eliminating the need for custom authentication logic in each individual MCP server.
The impact of this centralized approach is transformative for enterprise deployments. As organizations build growing ecosystems of MCP tools — whether hand-coded or auto-generated from APIs — each one requires proper security to ensure MCP clients are authenticated when accessing sensitive data and services.
Rather than burdening developers with implementing OAuth for every MCP server they create, Kong's OAuth plugin secures all MCP servers simultaneously at the gateway level with a single configuration. This centralization dramatically reduces security risk, accelerates deployment timelines, and ensures consistent authentication policies across the entire MCP ecosystem. For enterprises navigating the complexity of agentic AI adoption, Kong's MCP Auth implementation provides the production-grade security foundation that makes large-scale MCP deployments viable.
Kong is solving for MCP server generation consistency and AuthN, but that’s not all that an organization needs to be aware of. Whether in development and test for preparation’s sake or in prod, organizations also need dedicated MCP observability.
Without comprehensive observability, platform teams operate blindly, unable to track which tools agents are invoking, identify performance bottlenecks, or understand the resource consumption patterns that drive LLM costs.
Kong AI Gateway 3.12 introduces purpose-built MCP traffic observability that brings the same level of monitoring rigor to MCP servers that enterprises have long expected for traditional APIs. The platform provides granular tracking of tool usage patterns, enabling teams to understand which MCP capabilities agents rely on most heavily and identify underutilized servers that may be candidates for deprecation. Equally important, Kong captures prompt and completion sizes flowing through MCP interactions, surfacing the context bloat that drives unnecessary LLM expenses and degrades agent performance.
Beyond usage analytics, Kong's observability framework delivers real-time performance monitoring of MCP servers themselves. Teams gain visibility into latency metrics, error rates, and throughput patterns across their entire MCP ecosystem, enabling proactive identification of performance degradation before it impacts agent reliability. This telemetry integrates seamlessly with existing observability stacks, providing platform teams with a unified view of their agentic infrastructure.
For organizations managing dozens or hundreds of MCP servers across development and production environments, this level of visibility transforms MCP from an opaque black box into a fully instrumented, governable component of the AI infrastructure stack, which is essential for maintaining service-level objectives and optimizing both performance and cost at scale.
With this new level of MCP observability, organizations can continue to further centralize and standardize how they capture monitoring and observability metrics for their APIs, event streaming, and AI-powered applications. Of course, you can see these metrics and dashboards native in Konnect as well as in your enterprise-wide SIEM and observability tooling.
Kong AI Gateway 3.12 marks just the beginning of our MCP Gateway journey. While we won’t reveal too much just yet, we’d like to share a glimpse into the product areas we’re actively developing for upcoming releases.
Rest assured, there's much more coming, but we wanted to give you little insight into where we're going in the near future. If you’ve got any questions or requests for our MCP Gateway, please reach out to your Kong CSM or point of contact.
Kong’s MCP Gateway is a part of our larger AI Gateway offering and is an enterprise-only solution that leverages paid plugins. You can use the MCP Gateway functionality in both Kong Gateway Enterprise for fully self-hosted deployments and in Kong Konnect for hybrid and cloud deployments where you also get the value of Konnect’s Developer Portal, Service Catalog, Advanced Analytics, and more.
If you want to try the new MCP Gateway, either reach out to your CSM or a known point of contact at Kong — or book a demo to explore an enterprise POC.
Kong AI Gateway isn’t just an MCP Gateway. It started as and continues to be the most advanced and feature-rich LLM Gateway on the market.
And this is crucial for both MCP and LLM use cases, and both will rely on each other and both are critical parts of the AI data path that need building, running, discovering, and governing.
We’ve already discussed our MCP updates. Now it’s time to turn attention to the breakthrough new LLM Gateway value that was added in 3.12 with the new LLM as a Judge policy/plugin, GCP Model armor integration, and more. Let’s dig in!
As organizations deploy AI applications and agents at scale, ensuring output quality and safety becomes paramount. However, traditional rule-based validation struggles to evaluate the nuanced, natural language responses that LLMs generate. The "LLM as a Judge" approach addresses this by leveraging a separate LLM instance to assess the quality, accuracy, relevance, and safety of primary LLM outputs before they reach end users or trigger downstream actions.
This approach enables sophisticated evaluation criteria that would be impractical to encode as static rules: detecting hallucinations, verifying logical consistency, assessing tone appropriateness, and identifying potential policy violations. The trick here is governance. Like any other best practice and approach, “LLM as a Judge” must be implemented across the organization consistently to drive the most value and deliver maximum LLM confidence – something that will only become more and more important in an MCP, AI agent, and AI coding assistant world.
Your team now has the power of this consistency in your Kong AI Gateway with the new LLM and a Judge policy/plugin. When enabled, Kong AI Gateway will leverage a third-party LLM to evaluate responses from proxied LLMs to determine quality. From here, the AI Gateway can:
And it can do all of this consistently and without sacrificing velocity by designing and enforcing "LLM as a Judge policy" as automated guardrails leveraging Kong’s industry-leading automation solutions.
Google Cloud's Model Armor represents a significant advancement in enterprise AI safety, providing sophisticated content filtering, PII detection, and adversarial attack prevention specifically designed for production LLM deployments.
Kong AI Gateway's new native integration with Model Armor enables organizations to leverage Google's enterprise-grade safety controls without building custom middleware or introducing additional latency into their AI workflows. This integration is particularly valuable for enterprises already invested in the Google Cloud ecosystem, as it allows security policies configured in Model Armor to be enforced consistently across all LLM traffic flowing through Kong — whether targeting Google's Vertex AI models or third-party providers.
By centralizing Model Armor enforcement at the gateway layer, organizations gain unified protection across their entire multi-model AI infrastructure while maintaining the flexibility to apply differentiated safety policies based on use case, user context, or compliance requirements.
While the LLM as a Judge policy and Model Armor integration top the list of LLM Gateway highlights, we introduced more important functionality in AI Gateway 3.12:
If you aren’t already investing in an AI Gateway strategy, you’re likely behind others in your space. Luckily, Kong offers what you need to get started and rapidly ship AI workflows into production. If you want to learn more, check out the AI Gateway docs or reach out to your main Kong’s point of contact. We look forward to working with you and seeing what AI applications and agents you build on top of Kong’s advanced LLM and MCP infrastructure.
We aren’t just building MCP support into the AI Gateway. We’ve also announced brand-new MCP support across other areas of Konnect that we highly recommend you check out.
Check out the blog and webpage, or reach out to your Kong point of contact to learn more.
As of September 2025, Kong Gateway Enterprise 3.8 will enter its End Of Life (EOL) phase and will no longer be fully supported by Kong. Following this, Kong Gateway Enterprise 3.8 will enter a 12-month sunset support period, focused on helping cus
We're very excited to announce Kong Mesh 2.12 to the world! Kong Mesh 2.12 delivers two very important features: SPIFFE / SPIRE support, which provides enterprise-class workload identity and trust models for your mesh, as well as a consistent Kuma R
Ever feel like you're fighting an uphill battle with your API strategy? You're building APIs faster than ever, but somehow everything feels harder. Wasn’t API-first supposed to make all this easier? Well, you're not alone. And now industry analys
It’s been almost a year since we released our Konnect Terraform provider . In that time we’ve seen over 300,000 installs, have 1.7 times as many resources available, and have expanded the provider to include data sources to enable federated managem
Kong-quer the Agentic AI Hackathon 🚀 Calling all builders, tinkerers, and API innovators. The Kong Hackathon is back for API Summit 2025 ! This year, we’re challenging developers worldwide to create projects that don’t just react, they think , a
In the last two parts of this series, we discussed How to Strengthen a ReAct AI Agent with Kong AI Gateway and How to Build a Single-LLM AI Agent with Kong AI Gateway and LangGraph . In this third and final part, we're going to evolve the AI Agen
In my previous post, we discussed how we can implement a basic AI Agent with Kong AI Gateway. In part two of this series, we're going to review LangGraph fundamentals, rewrite the AI Agent and explore how Kong AI Gateway can be used to protect an LLM