Considering AI Gateway alternatives?

Enterprises need a unified platform that manages both APIs and AI services with consistent policies, rather than siloed tools.

• Kong: Provides full API + AI management in one control plane, with policies, governance, and visibility spanning all APIs and LLMs — reducing silos and simplifying platform operations.
• LiteLLM: Focused narrowly on proxying AI calls; lacks full API management lifecycle features such as tiered plans, developer onboarding, or consumer analytics.
• Portkey: Strong AI routing and analytics, but does not cover broader API lifecycle management (APIs, products, versioning).
• Databricks Mosaic: Primarily manages Databricks-hosted models; no API productization or API consumer management.
• Solo Gloo: Kubernetes-native gateway; can manage APIs and AI endpoints inside of K8s, but lacks multi-cloud or non-K8s API lifecycle breadth.
• Google Apigee: Extends mature API management to AI, applying the same governance, quotas, and analytics to LLMs. AI-specific features are accessed through Vertex AI and Model Armor rather than within Apigee itself.
• AWS Bedrock: Provides a single entry point for AWS-hosted models and third-party providers. However, it lacks a broader control plane for APIs, policy federation, and multi-team governance.
• Azure: Extends existing API management with GenAI-specific policies like token limits, semantic caching, and telemetry. However, AI-specific governance is fragmented across Azure API management, Foundry, and Cognitive Services.

AI adoption at scale requires deep visibility into usage and spend. Without built-in observability, teams risk runaway costs, compliance gaps, and lack of accountability. AI Gateways should provide metrics (tokens, latency, cost) broken down by model, provider, team, or endpoint — and make them easy to act on.

• Kong: Provides native AI analytics in Kong Konnect: per-model/provider/team token usage, latency, and cost — all alongside API traffic in a single pane. Integrates with OTel for export, and includes advanced tool-call analytics, budget alerts, and cost controls to prevent overruns.
• LiteLLM: Exposes basic metrics (token counts, latency, cost) via OpenTelemetry; enterprises often need to plug into their own observability stack (Grafana, Datadog, etc.) for deeper cost tracking. Governance around per-team cost allocation is limited.
• Portkey: Offers a dedicated analytics suite with filters by model, cost, tokens, latency, metadata, and time range. Includes developer feedback loops, but lacks a unified single-pane view across both AI and traditional APIs.
• Databricks Mosaic: Includes inference tables and usage tracking, but logs can take up to an hour to appear, limiting real-time visibility. Cost attribution tied to Databricks billing makes fine-grained team allocation difficult. Usage tracking, logging, and guardrails are add-on paid features.
• Solo Gloo: Provides token and usage visibility through Envoy/Kubernetes metrics. Can track consumption by model, provider, or namespace, but requires custom dashboards via Prometheus/Grafana to visualize per-team or per-endpoint spend.
• Google Apigee: Provides token usage, latency, and error metrics in Apigee analytics, plus budget enforcement and semantic cache reports. However, native analytics can typically lag by ~10 minutes, and fine-grained AI observability across models or teams requires external services like Looker Studio.
• AWS AgentCore: Surfaces observability through CloudWatch dashboards and logging. However, monitoring is AWS-siloed, with no unified MCP analytics or cross-vendor cost governance for multi-cloud AI workloads.
• Azure: Integrates with Application Insights, Azure Monitor, and Event Hub to track token usage, latency, and budgets. Foundry provides developer-level dashboards on model usage and token consumption, but cloud-cost attribution is not built-in. On-premises deployments require the local equivalents of these observability tools.

As LLM adoption grows, organizations will need to process millions of requests reliably, with minimal latency and predictable throughput. A performant gateway not only reduces costs by optimizing traffic and caching responses, but also ensures customer-facing applications are responsive, with accurate results. Poor performance at the gateway layer can amplify downstream costs, increase latency for end-users, and ultimately limit the scalability of AI initiatives.

• Kong: Benchmark-proven leader: 859% faster vs LiteLLM, 228% faster vs Portkey, with semantic caching + token-aware rate limiting (source).
• LiteLLM: Proxy-only; benchmarks show Kong is 859% faster throughput and 86% lower latency (source).
• Portkey: Provides caching/routing, but Kong outperformed it by 228% throughput and 65% lower latency (source).
• Databricks Mosaic: No external benchmarks published. Monitoring is delayed, with inference table logs taking up to an hour to appear.
• Solo Gloo: Envoy-based; strong in K8s but no AI-specific performance features published.
• Google Apigee: Apigee X and Hybrid are Envoy-based, while legacy Apigee Edge is Java-based with higher latency. No AI-specific performance benchmarks are published; performance depends on applied policies, routing complexity, and GCP integrations.
• AWS AgentCore: AgentCore enables long-running, large-payload agents (~8h/100MB). Meanwhile, AWS API Gateway times out at 30s and 10MB, making it unsuitable for AI-scale APIs.
• Azure: Supports autoscaling and caching to handle load. However, it is documented that scale-out changes can often take 15+ minutes, and published resource limits (v2 tiers) constrain throughput headroom.

For a self-serve platform to succeed, runtime provisioning needs to be simple, consistent, and adaptable to different enterprise environments. Provisioning should support multiple deployment models — self-hosted, hybrid, or cloud-native — while giving teams the ability to roll out infrastructure quickly across monolithic, microservices, and multi-cloud environments.

• Kong: Kong provides flexible deployment options with a setup script generated directly in the Konnect control plane, tailored for the chosen runtime environment. Connections between control and data planes are secured with mTLS. Cloud deployments are fully configurable and can be provisioned across multiple regions and providers, enabling self-service onboarding for a variety of teams. This flexibility ensures consistent and secure provisioning across hybrid, multi-cloud, Kubernetes, VM, and bare-metal environments.
• LiteLLM: Provisioning is entirely manual and configuration-driven. Teams must set up LiteLLM as a proxy, configure environment variables, and maintain the routing logic themselves. There is no control-plane integration, automation workflow, or self-service provisioning experience for new teams. As a result, it can be challenging to implement consistency and repeatability across environments.
• Portkey: Provisioning is limited to AI routing rules and integrations defined through its dashboard or APIs. While this makes it relatively straightforward to onboard an AI provider, it does not extend to broader gateway provisioning or automated rollout of policies across environments. Enterprises that want to enforce standardized runtime deployments must rely on external automation or manual configuration, making Portkey more of a point solution than a platform.
• Databricks Mosaic: Gateways cannot be deployed independently outside Databricks workspaces. Limited to managed deployments in AWS, Azure, or GCP — with no on-premises or private data center option. All workloads are tied to Databricks infrastructure, restricting hybrid and multi-cloud flexibility.
• Solo Gloo: Provisioning is handled entirely through Kubernetes CRDs. While this provides strong declarative control for Kubernetes-native teams, it is YAML-heavy and requires significant Kubernetes expertise. For teams outside Kubernetes, the process is more complex. There are no turnkey setup scripts or multi-cloud runtime provisioning workflows, and consistency is limited to what Kubernetes itself enforces.
• Google Apigee: Provisioned as a managed service (Apigee X) or via Hybrid (control plane in GCP, runtimes in Kubernetes). Deployment is tied to Google Cloud, with no turnkey air-gapped provisioning.
• AWS AgentCore: Provides a simple launch flow for deploying agents within AWS. However, deployments are AWS-only, and extending to hybrid or multi-cloud environments requires extra tooling and manual setup.
• Azure: Supports SaaS, hybrid, and containerized gateways. However, there is no turnkey deployment for on-prem or multi-cloud provisioning.

IaC ensures consistency across environments, while APIOps shifts governance left into CI/CD pipelines. Automation is crucial to enforce governance across the AI and API lifecycle. Without various and in-depth automation offerings, teams will be left to slow, error-prone manual work.

Many organizations eventually make the decision to move from a “click ops” approach to an infrastructure-as-code approach. This approach requires platform and infrastructure teams to be able to automate the various actions typically done within the GUI and ensure that certain guardrails are in place so that every step of the API lifecycle is compliant with their organizations’ various policies and procedures.

For example, the team taking an IaC approach to API deployment and publishing might set up a series of automated steps that result in every API always being deployed with:

• A gateway in front of them
• Gateway policies configured (i.e., rate limiting, authorization, etc.)
• Publishing to a developer portal with documentation

The application of these kinds of practices within your larger API strategy is often referred to as APIOps, and this is one area where Kong has an advantage over every other API management solution in the space.

• Kong: Built from the ground up for declarative configuration and automation. Kong offers support for declarative config via our Gateway operator (Kubernetes Operator) for Kube-native teams or our decK CLI and/or Terraform provider for non Kube-native teams. Kong's Admin API works for all supported versions of Kong control planes and data planes, is well-documented, and easy to start with.
• LiteLLM: Offers some API endpoints, but automation and IaC offerings are limited. Because they don’t offer API Platform functionality, they have no automation and IaC tooling for the entirety of the AI API lifecycle. The API also forces imperative config, which might not be suitable for many organizations–especially those that are Kubernetes-native and prefer declarative config.
• Portkey: Offers some API endpoints, but automation and IaC offerings are limited. Because they don’t offer API Platform functionality, they have no automation and IaC tooling for the entirety of the AI API lifecycle. The API also forces imperative config, which might not be suitable for many organizations–especially those that are Kubernetes-native and prefer declarative config.
• Databricks Mosaic: No declarative IaC. Configuration is handled via UI or Python client, with limited automation support. Many policies remain UI-only, and there is no GitOps alignment.
• Solo Gloo: CRD-driven and GitOps-friendly, but only for K8s. For organizations operating in hybrid or multi-cloud environments that include VMs, serverless, or non-K8s workloads, this model becomes restrictive.
• Google Apigee: Supports IaC via Admin APIs, Terraform, Maven plugins, and Kubernetes manifests, with CI/CD through Cloud Build. Automation is viable but fragmented, relying on XML/JSON-heavy policies and manual setup for AI-specific workflows.
• AWS AgentCore: Provides SDK/CLI support for automation. However, there’s no turnkey Terraform or cross-cloud IaC support.
• Azure: Supports IaC through ARM, Bicep, and Terraform. However, with management APIs deprecated, automation is tied to ARM’s resource-centric RBAC model, which can add operational complexity.

A modern gateway must be extensible — allowing organizations to add features, integrate systems, and enforce policies without rewriting infrastructure.

• Kong: Delivers extensibility with a proven plugin framework, supporting 100+ policies and integrations spanning security, observability, traffic control, and AI.
• LiteLLM: Minimal extensibility beyond Python code; lacks plugin ecosystem.
• Portkey: Closed system; enterprises are limited to what Portkey builds.
• Databricks Mosaic: Extensibility confined to Databricks services and Python SDK.
• Solo Gloo: Good extensibility within Kubernetes using CRDs and Envoy filters; limited outside K8s.
• Google Apigee: Extends API management functionality through policies (e.g., ServiceCallout) and AI-focused policies such as semantic caching. For advanced security, Apigee integrates with external services like Model Armor, keeping extensibility tied to GCP.
• AWS Bedrock: Extensibility comes through managed features like guardrails, model routing, and RAG knowledge bases, however, enterprises can’t add custom extensions at the gateway layer.
• Azure: Enables extensibility with custom XML policies and Azure-native integrations like Monitor and Key Vault. While effective in Azure environments, this framework lacks the portability enabled by plugin-driven frameworks.

Protocol mediation in an event gateway enables HTTP-based applications to still garner the benefit of access to real-time data, even if that real-time data is locked down inside of an event broker that does not communicate over HTTP.

• Kong: Kong Gateway can be used as an event gateway that exposes event broker resources (i.e., Kafka broker) as HTTP-based event APIs, such as REST APIs and server-sent event APIs. You can also use Kong Gateway to enforce policies to shape event-based API traffic.
• LiteLLM: No native support in LiteLLM.
• Portkey: No native support in Portkey.
• Databricks Mosaic: No native support in Databricks.
• Solo Gloo: Gloo Gateway can be extended to act as an Event Gateway, such as exposing Kafka brokers over HTTP via an event-driven proxy pattern. However, this requires using Gloo in combination with a Kafka HTTP bridge or REST proxy.
• Google Apigee: Does not provide a native Event Gateway. Apigee can front event APIs over HTTP and apply standard API policies, but lacks dedicated event mediation or event-native abstractions.
• AWS AgentCore: Relies on AWS API Gateway and EventBridge for event routing. These services may work well within AWS, but they don’t provide unified governance across non-AWS platforms.
• Azure: The API Management offering can expose event APIs (HTTP/SSE) and apply policies, but it lacks a dedicated Event Gateway. Real-time streaming requires integration with Event Hub, Event Grid, or Service Bus, adding complexity for unified governance.

Service meshes are key infrastructural components for organizations that want to govern and implement zero-trust security across microservices-based, service-to-service communication.

• Kong: Yes, Kong provides Kong Mesh (based on Kuma and Envoy). It enables organizations to deploy a service mesh that is multi-cloud, multi-cluster, and supports both Kubernetes and VM-based workloads. Kong Mesh delivers zero-trust security, advanced traffic routing, observability, and policy enforcement with a simpler operational model compared to Istio — giving enterprises a more flexible and scalable service mesh solution.
• LiteLLM: No, LiteLLM does not provide a service mesh.
• Portkey: No, Portkey does not provide a service mesh.
• Databricks Mosaic: No, Databricks does not provide a service mesh.
• Solo Gloo: Yes, Solo offers Gloo Mesh, an Istio-based service mesh. It provides mTLS, traffic routing, observability, and policy enforcement across Kubernetes clusters. While powerful for K8s-native teams, it inherits Istio’s operational complexity and is less accessible for non-Kubernetes environments.
• Google Apigee: No native service mesh, but Google will likely recommend Anthos Service Mesh (Istio-based) for service-to-service connectivity.
• AWS AgentCore: No built-in service mesh, but AWS will likely recommend ECS Service Connect.
• Azure: No native service mesh integrated with the API management offering. However, Azure offers an Istio-based service mesh add-on for AKS.

Developer portals accelerate onboarding, self-service, and internal/external adoption of APIs and AI models.

• Kong: Offers multi-portal flexibility with support for distinct identity providers, enabling tailored experiences across business units. It combines highly customizable, branded content using markdown components with fine-grained visibility controls powered by RBAC and IdP integrations. Developers benefit from modern, auto-generated OpenAPI and AsyncAPI docs with built-in “try it” functionality, while integrated analytics provide actionable insights across APIs, versions, developers, and applications.
• LiteLLM: No developer portal; onboarding is manual.
• Portkey: Offers dashboards, but no API/AI developer portal.
• Databricks Mosaic: No dedicated portal; developers interact via UI or Databricks notebooks.
• Solo Gloo: Basic YAML-driven portal; optional Backstage integration but not enterprise-grade.
• Google Apigee: Provides an integrated developer portal for API products with documentation, quotas, and monetization. AI model endpoints can also be published as products.
• AWS Bedrock: No vendor-managed developer portal solution.
• Azure: Provides a built-in portal for API onboarding and AI endpoints. However, enterprises that need more than one portal must self-host and manage it as a standalone app. Its coupling to Azure identity also limits multi-tenant and external developer scenarios.

A catalog provides visibility into available APIs, models, and tools, with ownership, versioning, and access policies.

• Kong: Full API/AI service catalog with ownership, dependencies, compliance scoring. The Kong Service Catalog offers an automated solution for generating a comprehensive catalog of all services running in your organization. By integrating with both Konnect-internal applications, like Gateway Manager and Mesh Manager, as well as external applications like GitHub and PagerDuty, Service Catalog provides you with a 360 overview into each of your organization’s services. It presents you with information that includes who the service’s owner is, its upstream and downstream dependencies, its code repositories, its CI/CD pipelines, and whether it is fronted by an API gateway or is part of a service mesh.
• LiteLLM: No support for service catalog.
• Portkey: Provides a Model Catalog for AI models, but not for APIs.
• Databricks Mosaic: Unity Catalog for data, but no API/AI service catalog.
• Solo Gloo: No built-in catalog, but can integrate with Backstage.
• Google Apigee: Apigee has no direct equivalent to Kong’s service catalog. They have tangentially related services like the API hub that acts as a repository and governance tool for all APIs within an organization, but fails to integrate with 3rd party services—limiting how much context and governance can be provided.
• AWS AgentCore: Tool discovery is supported, but there’s no unified catalog spanning APIs, models, and services.
• Azure: The Azure API Center and API management offerings can catalog APIs for discovery and subscriptions, and MCP servers can also be registered. However, AI models and MCP tools are managed separately, without a unified cross-cloud catalog for enterprise-wide visibility.

An organization needs to know and trust the vendors they rely on. Enterprises should evaluate not just features, but also vendor maturity, global support presence, compliance posture, and proven ability to sustain mission-critical deployments over time.

• Kong: 24/7/365 globally distributed support team along with professional services (architects + field engineers) and local customer success & account managers.
• LiteLLM: Operates with a very small team and community-driven support model (e.g., Slack/Discord). Enterprises may find this level of support and compliance maturity insufficient for mission-critical deployments. Past security missteps, such as exposed user information, further underscore concerns around enterprise readiness (source).
• Portkey: Enterprise support offered, however, Portkey is still a company with less than 20 employees, and is unproven.
• Databricks Mosaic: Missing enterprise features such as advanced secret management, unified security policies, and automated governance. Requires additional charges for usage tracking, guardrails, and logging. Monitoring/logging latency (up to an hour) and mandatory Unity Catalog control plane increase vendor lock-in risk.
• Solo Gloo: Venture-backed company with Kubernetes-native expertise and a portfolio of Envoy/Istio-based products. Gloo AI Gateway is relatively new and tightly tied to Kubernetes expertise; lacks the global scale, breadth of deployment models, and federated enterprise support of larger platforms.
• Google Apigee: Enterprise maturity proven for API management, but AI-specific governance, guardrails, and observability still rely on adjacent GCP services like Model Armor and Vertex AI.
• AWS AgentCore: Benefits from AWS operational maturity, but expect some constraints while AgentCore is still in preview.
• Azure: The AI offering is backed by Microsoft’s global support infrastructure and SLAs, however, API/AI support issues may escalate through general Azure support paths rather than domain experts.