---
title: "AI Gateway — Control LLM Traffic"
description:
  "One gateway for REST, LLMs, and MCP. Route models, cache semantically, block
  prompt injections, and cap dollar spend — on the same policy engine that runs
  your APIs."
canonicalUrl: "https://zuplo.com/ai-gateway"
sourceUrl: "https://zuplo.com/ai-gateway"
pageType: "product"
generatedAt: "2026-04-23"
---

# One Gateway for REST, LLMs, and MCP.

> Put every LLM call through the same policy pipeline that runs your APIs.
> Multi-provider routing, semantic caching, prompt injection protection, and
> dollar budgets — all OpenAPI-native, deployed via GitOps.

- [Start for free](https://zuplo.com/signup)
- [Read the docs](https://zuplo.com/docs/ai-gateway/introduction)

## Built for LLM traffic, governed like an API.

### Multi-provider routing

Route to OpenAI, Anthropic, Gemini, and Mistral through one endpoint. Swap
providers in config, not code.

### Semantic caching

Cache responses by vector similarity, not exact match. Cut latency and spend on
repeated prompts.

### Prompt injection protection

Block malicious instructions before they reach your model. Fully configurable
via the `prompt-injection-outbound` policy.

### Secret masking

Redact API keys, emails, and other sensitive values from responses with the
`secret-masking-outbound` policy.

### Dollar budgets, per team

Set hierarchical spend limits in USD for each team. Requests halt when the
budget is hit — no overspend.

### Observability & tracing

Stream every request to Galileo, Comet Opik, or your own collector. Inspect
latency, tokens, and cost per call.

## Route to the right model, every time.

Map routes to OpenAI, Anthropic, Gemini, or Mistral. Override the target in
policy per-request, per-tenant, or per-API-key. Teams keep the same SDK
integration while platform teams control cost and availability.

- Declarative provider mapping in `zuplo.json`
- Per-route model selection via OpenAPI extensions
- Drop-in compatibility with OpenAI SDK `baseURL`
- Works with Claude Code, Cursor, LangChain, Goose
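
For example, a per-API-key override can be expressed as a short custom inbound policy. The sketch below is illustrative, not the built-in provider mapping: it assumes an API-key auth policy has already populated `request.user.data`, and the `tier` field and model names are placeholders.

```typescript
// Sketch of a custom inbound policy that overrides the target model per consumer.
// Assumes an API-key auth policy runs first and attaches metadata to request.user.data;
// the "tier" field and model names below are illustrative placeholders.
import { ZuploContext, ZuploRequest } from "@zuplo/runtime";

export default async function routeByTier(
  request: ZuploRequest,
  context: ZuploContext,
) {
  const body = await request.json();

  // Enterprise consumers get the larger model; everyone else gets the cheaper one.
  const tier = request.user?.data?.tier;
  body.model = tier === "enterprise" ? "gpt-4o" : "gpt-4o-mini";

  // Return a new request with the rewritten body; method and headers are preserved.
  return new ZuploRequest(request, { body: JSON.stringify(body) });
}
```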

## Swap the base URL. Keep your SDK.

Point any OpenAI-compatible client at your Zuplo gateway and policies take over.
No new SDK to learn.

```typescript
// Keep your existing OpenAI SDK — just swap the base URL
import OpenAI from "openai";

const client = new OpenAI({
  baseURL: "https://your-org.zuplo.app/v1",
  apiKey: process.env.ZUPLO_AI_KEY, // your Zuplo key, not OpenAI's
});

const response = await client.chat.completions.create({
  model: "gpt-4o",
  messages: [{ role: "user", content: "Summarize our Q1 sales data." }],
});
```
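
The same swap carries over to frameworks that wrap the OpenAI client. Below is a minimal sketch for LangChain JS; it assumes the `@langchain/openai` package, and the gateway URL and key variable mirror the example above.

```typescript
// Same idea from LangChain JS: point the wrapped OpenAI client at the gateway.
// Assumes @langchain/openai; the URL and env var name are placeholders.
import { ChatOpenAI } from "@langchain/openai";

const model = new ChatOpenAI({
  model: "gpt-4o",
  apiKey: process.env.ZUPLO_AI_KEY, // Zuplo key, same as above
  configuration: { baseURL: "https://your-org.zuplo.app/v1" },
});

const reply = await model.invoke("Summarize our Q1 sales data.");
console.log(reply.content);
```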

## Not a standalone AI box — part of one API platform.

The AI Gateway runs on the same policy engine, the same auth modules, and the
same GitOps pipeline as your REST and MCP APIs. One bill. One pane of glass.
When your AI product graduates from prototype to production, the gateway already
knows how to run it.

- [See every policy](https://zuplo.com/docs/policies)
- [Explore the full AI platform](/ai)

## Related

- [AI platform overview](/ai.md)
- [Compare AI gateways — Kong AI Gateway alternative](/api-gateways/kong-alternative-zuplo.md)
- [MCP Gateway](/mcp-gateway.md)
