
Zuplo vs Arcade.dev

  • SOC 2 Type II
  • 99.999% SLA
  • 300+ edge locations

The Independent, Code-First MCP Gateway Teams Choose Over a US-Only, Closed-Runtime Tool Catalog

What's wrong with Arcade

Arcade's key limitations for modern engineering teams

The forces driving enterprises off Arcade in 2026 — operational tax, plugin sprawl, retrofitted AI, and pricing that doesn't predict.

Arcade Cloud is US-only with no multi-region option

All of Arcade Cloud's infrastructure — control plane, MCP server clusters, data storage and processing — is located in the United States, per the deployment docs. There is no EU region, no APAC region, no managed multi-region SaaS. Teams with sovereignty or residency requirements are pushed to self-hosted Kubernetes — which is itself an Enterprise-tier offering, deployed as a closed binary via Helm chart.

Audit logs, RBAC, and SSO are Enterprise-tier-only

Per the published pricing page, Audit Logs, Role-Based Access Control, SSO, and SAML for the Arcade admin console are all Enterprise-tier features. Hobby and Growth tiers share a single tenant with no isolation. For a product whose entire pitch is enterprise authorization, basic enterprise governance starts at a sales call.

Tool training data collection is opt-out by default

Arcade Cloud collects tool queries, tool execution inputs, and tool execution results for ML training by default, with retention up to 5 years. Opt-out is org-level and takes effect immediately, but collection is enabled by default. For regulated workloads handling customer payloads through tools like Stripe, Salesforce, or HubSpot, this is a non-trivial default to inherit. (Source: Arcade Cloud docs.)

Engine is a closed binary and tools went closed-source in July 2025

The Arcade Engine is distributed as a closed Docker image and binary — not source-buildable. On July 25, 2025 Arcade transitioned most MCP server source code out of the public arcade-ai monorepo to closed-source, with source "available upon request" only for paying customers (per the public changelog). The OSS framework (arcade-mcp) remains MIT-licensed, but the runtime and tool catalog you actually depend on are not.

Hooks are webhooks, not in-process policies

Arcade's Contextual Access extensions (Access, Pre-Execution, Post-Execution) are external webhooks that you host yourself, with a default 5-second timeout per call. Every PII redaction, allow/deny check, or payload transform adds webhook round-trip latency. There is no first-party JavaScript or WASM sandbox for policy code — policies are arbitrary code in an HTTP endpoint you operate.

No native GitOps or PR preview environments

The documented deployment workflow is arcade deploy from the CLI to push a local MCP server to Arcade Cloud. There is no Git-driven promotion model, no per-branch preview environments, and no first-class CI/CD integration. For teams that expect branch = environment, PR = live preview, push = global deploy, the Arcade workflow is a step back.

Why Zuplo

Built for teams replatforming off Arcade.dev

Managed, modern API management with predictable economics across procurement cycles — no operator overhead, no plugin sprawl, no consumption-pricing surprises.

Product Category and Architecture

Programmable gateway with full API surface vs. MCP-only runtime with curated tool catalog.

Deployment Model and Data Residency

Managed edge, dedicated cloud, and self-hosted with region pinning vs. US-only SaaS with self-host as the only non-US path.

Audit Logs, RBAC, and SSO Tier Gating

OIDC SSO and policy controls on all paid tiers vs. governance basics behind an Enterprise sales call.

A solutions architect can walk you through your current Arcade setup, surface the biggest operational tax, and map a migration path — no slide deck required.

"We didn't touch a line of code, it's just plug and play. The results were very surprising, in just a couple of hours we had a great result and a fully working MCP Server."

Miguel Madeira, CTO & Co-Founder, Finsolutia


Enterprise ready

Production-ready for regulated and high-volume workloads

Compliance & Audit

  • SOC 2 Type II audited annually
  • Third-party penetration test reports available under NDA
  • GDPR-aligned data processing
  • Audit logs across the control plane
  • API governance with policy enforcement

Identity & Access

  • SAML SSO and SCIM provisioning
  • Role-based access control across organizations, projects, and environments
  • Service-account credentials with scoped permissions
  • API key metadata for downstream authorization

Deployment Flexibility

  • Managed edge across 300+ locations — global by default
  • Managed dedicated single-tenant on AWS, Azure, GCP, Akamai, or any major cloud
  • Self-hosted on Kubernetes with full control plane
  • Bring-your-own-cloud for data residency requirements

Support & Success

  • Up to 30-minute response SLA on Enterprise
  • 24/7/365 emergency hotline for critical incidents
  • Named technical account manager
  • Architecture and migration professional services

Built for the AI era

Built as a programmable MCP gateway, not a closed-runtime tool catalog

Arcade ships an opinionated, US-only SaaS runtime with a Python-first SDK, a managed tool catalog that went closed-source in July 2025, and webhook hooks for custom policy. Audit logs, RBAC, SSO, dedicated tenancy, and self-hosting are Enterprise-only. Zuplo gives you the same OAuth 2.1 inbound, per-user upstream OAuth brokering, and tool-level RBAC as first-class policies in a TypeScript-programmable gateway that runs on 300+ edge POPs, your dedicated cloud, or your Kubernetes cluster.

OAuth 2.1 with RFC 8707 resource indicators

Zuplo's MCP Gateway is both an OAuth 2.1 Resource Server and Authorization Server. The resource parameter is required on every authorization and token request, and tokens are bound to a specific virtual MCP server — a token minted for one server is rejected at another. PKCE S256 is required, and RFC 7009 token revocation is published at /oauth/revoke. CIMD (OAuth Client ID Metadata Documents) is preferred over Dynamic Client Registration for trusted MCP clients like Claude Desktop, Claude Code, and VS Code.
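The binding described above, as an added example that is not Zuplo's code: the client builds an authorization request carrying a PKCE S256 challenge and an RFC 8707 resource indicator, the authorization server verifies the challenge and mints a token whose audience is that resource, and a virtual MCP server accepts only tokens minted for itself. Server URLs, the client ID and the /oauth/authorize path are constructed; the claims object stands in for a signed JWT so the binding logic stays visible.

```typescript
// Added example (not Zuplo's code): OAuth 2.1 resource binding with PKCE S256,
// using constructed names. A real issuer signs the claims as a JWT and the
// resource server verifies that signature before the checks shown here.
import { createHash, randomBytes } from "node:crypto";

// Each virtual MCP server's URL is its RFC 8707 resource identifier (constructed).
export const FINANCE_MCP = "https://mcp.example.com/finance";
export const ENGINEERING_MCP = "https://mcp.example.com/engineering";

function base64url(buf: Buffer): string {
  return buf.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// RFC 7636 S256: challenge = BASE64URL(SHA-256(verifier)); the verifier never leaves the client.
export function makePkcePair(verifier: string = base64url(randomBytes(32))): { verifier: string; challenge: string } {
  return { verifier, challenge: base64url(createHash("sha256").update(verifier).digest()) };
}

// Client side: every authorization request carries the S256 challenge and the `resource`
// it wants a token for. The /oauth/authorize path is an assumption for this example.
export function buildAuthorizeUrl(
  authServer: string, clientId: string, redirectUri: string, resource: string, challenge: string,
): URL {
  const u = new URL("/oauth/authorize", authServer);
  u.searchParams.set("response_type", "code");
  u.searchParams.set("client_id", clientId);
  u.searchParams.set("redirect_uri", redirectUri);
  u.searchParams.set("code_challenge", challenge);
  u.searchParams.set("code_challenge_method", "S256");
  u.searchParams.set("resource", resource); // RFC 8707 resource indicator
  return u;
}

// Authorization server side: the token request must present the verifier that matches
// the challenge seen at authorization time (and the same `resource`).
export function verifyPkce(challenge: string, verifier: string): boolean {
  return makePkcePair(verifier).challenge === challenge;
}

export interface AccessToken { sub: string; aud: string; iat: number; exp: number }

// Mint a token whose audience is exactly the resource that was requested.
export function issueToken(sub: string, resource: string, now: number, ttl = 3600): AccessToken {
  return { sub, aud: resource, iat: now, exp: now + ttl };
}

// Resource server side: a virtual MCP server accepts only tokens minted for itself,
// so a token issued for the finance server is rejected at the engineering server.
export function acceptsToken(token: AccessToken, thisServer: string, now: number): boolean {
  return token.aud === thisServer && token.exp > now;
}
```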

Per-user OAuth brokering with encrypted token vaulting

Each end-user completes the upstream's OAuth flow themselves; the gateway brokers and refreshes their tokens per session with per-user revocation. Refresh tokens are sealed in the gateway vault, encrypted at rest and keyed to the user's subject ID, and never returned to the MCP client. Token passthrough is explicitly forbidden by the MCP spec and enforced — the inbound token a client presents and the upstream token the gateway forwards are never the same token. Works with Linear, Notion, Stripe, GitHub, Grafana Cloud, Microsoft 365, Slack, PostHog, and any OAuth-compliant MCP server.
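The brokering and vaulting described above, as an added example that is not Zuplo's code: refresh tokens are sealed with AES-256-GCM using the user's subject ID as authenticated data, the gateway forwards only the vaulted upstream credential (never the client's inbound token), refreshes and retries once on a 401, and surfaces reconsent when the upstream has revoked the refresh token. The vault key, the stub upstream and all token strings are constructed.

```typescript
// Added example (not Zuplo's code): per-user token vault and broker. The vault key,
// the stand-in upstream and every token value are constructed for this example.
import { createCipheriv, createDecipheriv, randomBytes } from "node:crypto";

// Constructed 256-bit vault key; a real gateway loads it from a KMS or secret store.
const VAULT_KEY = Buffer.alloc(32, 7);
export interface Sealed { iv: string; ct: string; tag: string }

// AES-256-GCM with the subject ID as additional authenticated data, so a sealed
// refresh token can only be opened for the user it was sealed for.
export function seal(plaintext: string, subject: string): Sealed {
  const iv = randomBytes(12);
  const c = createCipheriv("aes-256-gcm", VAULT_KEY, iv);
  c.setAAD(Buffer.from(subject));
  const ct = Buffer.concat([c.update(plaintext, "utf8"), c.final()]);
  return { iv: iv.toString("base64"), ct: ct.toString("base64"), tag: c.getAuthTag().toString("base64") };
}
export function unseal(s: Sealed, subject: string): string {
  const d = createDecipheriv("aes-256-gcm", VAULT_KEY, Buffer.from(s.iv, "base64"));
  d.setAAD(Buffer.from(subject));
  d.setAuthTag(Buffer.from(s.tag, "base64"));
  return Buffer.concat([d.update(Buffer.from(s.ct, "base64")), d.final()]).toString("utf8");
}

export interface Upstream {
  call(bearer: string): number;                                              // HTTP status
  refresh(refreshToken: string): { access: string; refresh: string } | null; // null = revoked
}
export type Outcome = "ok" | "upstream_error" | "reconsent_required";

export class Broker {
  // Keyed by subject and upstream; the refresh token is held only in sealed form.
  private vault = new Map<string, { access: string; refresh: Sealed }>();

  // Called once the user has completed the upstream's own OAuth flow in the browser.
  connect(subject: string, upstreamId: string, access: string, refresh: string): void {
    this.vault.set(`${subject}:${upstreamId}`, { access, refresh: seal(refresh, subject) });
  }
  // Per-user revocation for a single upstream.
  revoke(subject: string, upstreamId: string): void {
    this.vault.delete(`${subject}:${upstreamId}`);
  }
  // `subject` comes from the gateway's own validated inbound token; that inbound token is
  // never sent upstream. Only the vaulted upstream credential is forwarded (no passthrough).
  forward(subject: string, upstreamId: string, upstream: Upstream): Outcome {
    const key = `${subject}:${upstreamId}`;
    const creds = this.vault.get(key);
    if (!creds) return "reconsent_required";
    const first = upstream.call(creds.access);
    if (first !== 401) return first === 200 ? "ok" : "upstream_error";
    // Upstream rejected the credential: refresh once, then retry exactly once.
    const fresh = upstream.refresh(unseal(creds.refresh, subject));
    if (!fresh) { this.vault.delete(key); return "reconsent_required"; } // revoked upstream
    this.vault.set(key, { access: fresh.access, refresh: seal(fresh.refresh, subject) });
    return upstream.call(fresh.access) === 200 ? "ok" : "upstream_error";
  }
}

// Constructed stand-in for an upstream such as GitHub: accepts "at-1" until expired,
// rotates both tokens on refresh, and refuses refresh once revoked.
export function makeStubUpstream(): Upstream & { seen: string[]; expire(t: string): void; revokeAll(): void } {
  const valid = new Set(["at-1"]);
  const seen: string[] = [];
  let n = 1, revoked = false;
  return {
    seen,
    expire: (t) => { valid.delete(t); },
    revokeAll: () => { revoked = true; },
    call: (bearer) => { seen.push(bearer); return valid.has(bearer) ? 200 : 401; },
    refresh: (rt) => {
      if (revoked || rt !== `rt-${n}`) return null;
      n += 1; valid.add(`at-${n}`);
      return { access: `at-${n}`, refresh: `rt-${n}` };
    },
  };
}
```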

Virtual MCP servers and capability filtering

Compose multiple upstream MCP servers behind one Zuplo deployment with a curated tool list per role or team. The mcp-capability-filter-inbound policy filters tools, prompts, resources, and resource templates by exact identifier. Calls to hidden tools return JSON-RPC MethodNotFound before the request is forwarded upstream, so even cached tool names can't be invoked. Finance gets a read-only view of Stripe and QuickBooks; engineering gets GitHub and deployment tools — same governance, different exposure.
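The filtering behaviour described above, as an added example that is not Zuplo's mcp-capability-filter-inbound policy code: list results are pruned to an exact-identifier allowlist before they reach the client, and an invocation of a hidden tool, prompt or resource is answered with JSON-RPC error -32601 (Method not found) instead of being forwarded. Tool names and the JSON-RPC messages are constructed.

```typescript
// Added example (not Zuplo's policy code): capability filtering on JSON-RPC messages
// for a virtual MCP server, using constructed tool names and messages.
export interface JsonRpcRequest { jsonrpc: "2.0"; id?: number | string; method: string; params?: Record<string, unknown> }
export interface JsonRpcResponse { jsonrpc: "2.0"; id: number | string | null; result?: unknown; error?: { code: number; message: string } }

// Exact identifiers a virtual server exposes, per capability kind.
export interface Allowlist { tools: Set<string>; prompts: Set<string>; resources: Set<string>; resourceTemplates: Set<string> }

export const METHOD_NOT_FOUND = -32601; // standard JSON-RPC 2.0 error code

// Invocation methods: which allowlist governs them and which param carries the identifier.
const INVOKE: Record<string, { list: keyof Allowlist; param: string }> = {
  "tools/call": { list: "tools", param: "name" },
  "prompts/get": { list: "prompts", param: "name" },
  "resources/read": { list: "resources", param: "uri" },
};

// Listing methods: the result field to prune and the identifier key inside each item.
const LIST: Record<string, { list: keyof Allowlist; field: string; key: string }> = {
  "tools/list": { list: "tools", field: "tools", key: "name" },
  "prompts/list": { list: "prompts", field: "prompts", key: "name" },
  "resources/list": { list: "resources", field: "resources", key: "uri" },
  "resources/templates/list": { list: "resourceTemplates", field: "resourceTemplates", key: "uriTemplate" },
};

// Inbound: returns an error response to send back instead of forwarding, or null to forward.
// A call to a hidden capability is refused here, before anything goes upstream, so a client
// that cached the name of a tool it can no longer see still cannot invoke it.
export function filterRequest(req: JsonRpcRequest, allow: Allowlist): JsonRpcResponse | null {
  const rule = INVOKE[req.method];
  if (!rule) return null;
  const ident = req.params?.[rule.param];
  if (typeof ident === "string" && allow[rule.list].has(ident)) return null;
  return { jsonrpc: "2.0", id: req.id ?? null, error: { code: METHOD_NOT_FOUND, message: "Method not found" } };
}

// Outbound: prune list results so the client only ever learns about allowed identifiers.
export function filterResponse(method: string, res: JsonRpcResponse, allow: Allowlist): JsonRpcResponse {
  const rule = LIST[method];
  if (!rule || typeof res.result !== "object" || res.result === null) return res;
  const result = res.result as Record<string, unknown>;
  const items = Array.isArray(result[rule.field]) ? (result[rule.field] as Record<string, unknown>[]) : [];
  const kept = items.filter((it) => typeof it[rule.key] === "string" && allow[rule.list].has(it[rule.key] as string));
  return { ...res, result: { ...result, [rule.field]: kept } };
}

// Builds the per-role allowlist, e.g. a finance view that sees only read-only Stripe tools.
export function allowlist(tools: string[], prompts: string[] = [], resources: string[] = [], templates: string[] = []): Allowlist {
  return { tools: new Set(tools), prompts: new Set(prompts), resources: new Set(resources), resourceTemplates: new Set(templates) };
}
```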

OpenAPI-to-MCP and programmable TypeScript policies

The MCP Server handler (GA) auto-generates an MCP server from any OpenAPI specification — Finsolutia stood up a working MCP server in under 24 hours with zero code changes to their REST APIs. Custom policies are TypeScript code, not webhook calls, executing in the same edge runtime as the rest of the gateway. Pre and post hooks compose anywhere in the inbound chain alongside the MCP OAuth, token exchange, and capability filter policies.

See it in action

See Zuplo running on your stack

A 30-minute working session with a Zuplo solutions engineer. Bring an OpenAPI spec or a Kong route definition and walk away with a working preview.

Side by side

Feature-by-feature comparison

Product Category and Architecture
  Zuplo: Independent, code-first API and MCP gateway built on a TypeScript runtime. Same programmable model handles MCP traffic, AI/LLM routing, and full API management. MCP Gateway in beta with design partners; MCP Server handler (OpenAPI-to-MCP) generally available on every tier including Free.
  Arcade: MCP runtime focused on per-user OAuth brokering and a managed tool catalog. Explicitly argues against the gateway-as-control-point model. Architecturally a closed-binary Engine, a catalog of ~145 MCP servers covering thousands of tools, an MCP Gateway URL that federates them, and webhook hooks for custom policy. (Source: Arcade blog.)

Deployment Model and Data Residency
  Zuplo: Managed Edge across 300+ data centers by default. Managed Dedicated single-tenant on AWS (full VPC integration), Azure (private networking), GCP (custom networking), Akamai Connected Cloud, Equinix, or TerraSwitch. Self-Hosted on any Kubernetes cluster via Helm chart. Region pinning available for sovereignty and data residency requirements, including EU and APAC.
  Arcade: Arcade Cloud runs in US-East (Ohio) only — control plane, MCP server clusters, and data storage are all in the United States. No multi-region managed SaaS option. EU/APAC residency requires self-hosting on Kubernetes via Helm chart — an Enterprise-tier offering, deployed as a closed binary, not source-built. (Source: Arcade Cloud docs.)

Audit Logs, RBAC, and SSO Tier Gating
  Zuplo: OIDC SSO via Auth0 presets or any OIDC provider on all paid tiers. Per-user JWT claims drive per-team and per-tenant authorization at the gateway edge. SAML SSO available as an Enterprise add-on. Audit logs and penetration test reports under NDA available as Enterprise add-ons. Per-route capability filtering and JWT-claim-driven authorization on all paid tiers — no sales call required.
  Arcade: Audit Logs, Role-Based Access Control, SSO, and SAML are all Enterprise-tier-only per the published pricing page. Hobby and Growth tiers share a single tenant with no isolation. End-user identity (User Sources) is OIDC-only; SAML is not available for User Sources, only for the Arcade admin console — and only at Enterprise.

Programmable Policies (Code vs. Webhooks)
  Zuplo: Custom policies are TypeScript code running in the edge runtime alongside the gateway, with full type-safe access to ZuploRequest / ZuploContext. custom-code-inbound and custom-code-outbound policies compose anywhere in the inbound or outbound chain. Same runtime as the rest of the Zuplo platform. No webhook RTT, no separate service to operate.
  Arcade: Contextual Access "Logic Extensions" (Access, Pre-Execution, Post-Execution hooks) are external webhooks that you host yourself, with a default 5-second timeout per call. Every redaction, allow/deny check, or payload transform adds webhook round-trip latency. No first-party JavaScript or WASM sandbox — policies are arbitrary code in an HTTP endpoint you stand up and run.

GitOps and Developer Workflow
  Zuplo: Git is the source of truth. Every branch maps to an environment — push to main and deploy main, push to feature-auth and get a feature-auth environment automatically. PR preview environments let reviewers test changes against a live gateway before merging. Global deploys to 300+ POPs in under 20 seconds. GitHub native integration with auto-deploys; GitLab, BitBucket, and Azure DevOps source-control integration available on Enterprise.
  Arcade: The documented workflow is arcade deploy from the CLI to push a local MCP server to Arcade Cloud. No Git-driven promotion model, no per-branch preview environments, and no first-class CI/CD integration in the public docs. Branch = environment, PR = live preview is not the Arcade pattern.

Tool Catalog and Custom Tools
  Zuplo: Auto-generates MCP servers from any OpenAPI specification — Finsolutia stood up a working MCP server in under 24 hours with zero code changes to their existing REST APIs. @zuplo/mcp is published on npm as a fetch-API-based, remote-server-first TypeScript SDK that runs on Zuplo, Node, Deno, and Workerd. Build custom tools in TypeScript with full @zuplo/runtime type safety. Independent of any pre-built catalog — federate whichever upstream MCP servers your team actually uses.
  Arcade: ~145 pre-built MCP servers covering thousands of tools, split into "Arcade Optimized" (hand-crafted, LLM-friendly), "Arcade Unoptimized" (auto-generated from raw APIs — Arcade's own docs warn to "thoroughly evaluate each Unoptimized tool with your Agents before using it in production"), Verified, Community, and Auth Provider designations. As of July 25, 2025, most tool source code moved out of the public arcade-ai repo to closed-source. Custom tools are built with the Python arcade-mcp-server SDK or Java/Spring AI (the TypeScript SDK is early — 2 GitHub stars).

Per-User OAuth Brokering and Token Vault
  Zuplo: Per-user OAuth brokering with encrypted token vaulting, keyed to the user's subject ID. Token refresh is transparent — when the upstream returns a 401 mid-request, the gateway refreshes the upstream credential and retries once. Reconsent flow built in — when an upstream policy revokes a refresh token, the next request surfaces reconsent_required and the user re-authorizes through the same browser flow. RFC 7009 token revocation published at /oauth/revoke.
  Arcade: Per-user OAuth brokering with AES-256 application-layer encryption on tokens before persisting to storage. Auth provider catalog includes Asana, Atlassian, Discord, Dropbox, GitHub, Google, HubSpot, Linear, LinkedIn, Microsoft, Notion, Reddit, Slack, Spotify, Twitch, X, Zoom, plus generic OAuth 2.0. Note: Arcade's default OAuth apps cannot be used in production multi-user apps — you must register your own OAuth apps per provider and add them to Arcade. (Source: production auth docs.)

MCP Spec Compliance
  Zuplo: Tracks the MCP 2025-11-25 revision for authorization and protocol. Streamable HTTP transport on POST; GET returns 405. Stateless gateway — no MCP session affinity required, scales horizontally on the edge. RFC 8707 resource indicators mandatory. RFC 7636 PKCE S256 required. OAuth Client ID Metadata Documents (CIMD) preferred over Dynamic Client Registration.
  Arcade: Supports the MCP 2025-11-25 spec via the arcade-mcp framework — Arcade co-authored the SEP for URL Elicitation in that revision in collaboration with Anthropic. Streamable HTTP transport. Allowlist mechanism for trusted MCP clients via Client ID Metadata Document URL (Claude Desktop, Claude Code, VS Code). Arcade docs explicitly claim RFC 6750 and RFC 9728; RFC 8707 resource indicators are not mentioned in public docs.

Open Source Footprint
  Zuplo: @zuplo/mcp open-source TypeScript SDK published on npm, designed to be "minimum common API" compliant per WinterTC. Inspired by and attributing the official modelcontextprotocol/typescript-sdk. Zudoku developer portal (MIT, ~540 GitHub stars). 81 public repos on the GitHub org. Source-available platform with TypeScript escape hatches.
  Arcade: arcade-mcp framework is MIT-licensed (~900 GitHub stars) and is genuine OSS. The Arcade Engine itself is a closed binary distributed via Brew, APT, and a private Docker image — no source repo published. On July 25, 2025, most MCP server source code was moved out of the public arcade-ai monorepo to closed-source — "source code remains available upon request for our paying customers."

Identity Provider Integration
  Zuplo: First-class MCP OAuth presets for Auth0, Amazon Cognito, Clerk, Google, Keycloak, Logto, Microsoft Entra ID, Okta, OneLogin, PingOne, and WorkOS. Generic OIDC for anything else — drop in your issuer URL and your customers click Connect. SAML SSO available as an Enterprise add-on. Per-user JWT claims accessible from any policy via request.user.data.
  Arcade: End-user identity ("User Sources") is OIDC-only — Entra ID, Okta, Auth0, Clerk, Stytch, or "a similar OIDC provider." SAML is not supported for User Sources. SSO and SAML for the Arcade admin console are Enterprise-tier features. Custom subject claim configurable; PKCE required on User Source OIDC flow.

AI Gateway and Guardrails
  Zuplo: Full AI Gateway alongside the MCP Gateway. Multi-provider routing across OpenAI, Anthropic, Google (Gemini), and Mistral via a Universal API, with automatic fallback when a provider rate-limits or errors. Token-based rate limits and hierarchical dollar budgets (org → team → sub-team → app) with Enforce or Warn modes. Semantic caching, prompt injection detection, and the Akamai AI Firewall partnership policy (DLP, toxic content filtering, adversarial protection). Secret masking on outbound responses.
  Arcade: No first-class AI Gateway product. Arcade is model-agnostic and integrates with LangChain, CrewAI, Google ADK, AG2, OpenAI Agents, Mastra, Vercel AI, TanStack AI, and Spring AI — but routing, budgets, semantic caching, and provider guardrails are not part of the Arcade platform. You compose Arcade with whichever LLM router and guardrail vendor you already use.

Observability and Audit Trail
  Zuplo: Typed analytics events across the MCP request lifecycle — mcp_request, capability_invocation, auth_event — with seven outcome classes and per-event subjectId, upstreamServerId, latency split gateway-vs-upstream, failure origin, and reason code. Structured logs export to Datadog (native plugin), AWS CloudWatch, Dynatrace, Google Cloud Logging, Loki, New Relic, Splunk, Sumo Logic, or any OTLP-compatible destination (Honeycomb, Tempo, self-hosted Jaeger). Audit logs available as an Enterprise add-on.
  Arcade: Audit logs cover administrative actions only (API_KEY, PROJECT, GATEWAY, HOOK, etc.) — the documented audit-log REST API has no TOOL_CALL resource type, so per-tool-call audit trails route through a separate OpenTelemetry pipeline. Audit logs are an Enterprise-tier feature. Execution logs are stored as Application data with user-controlled retention.

Data Handling and Training Defaults
  Zuplo: Customer data is encrypted at rest. Zuplo does not train models on customer payloads. SOC 2 Type II audited; penetration test reports available under NDA on Enterprise.
  Arcade: Arcade Cloud collects "tool queries, tool execution inputs, tool execution results" for ML training by default, with retention up to 5 years. Opt-out is org-level and takes effect immediately, but collection is enabled by default. For tools that handle Stripe payloads, Salesforce records, HubSpot CRM data, or Microsoft 365 content, that is a non-trivial default to inherit. (Source: Arcade Cloud docs.)

Compliance Posture
  Zuplo: SOC 2 Type II via Trust & Compliance Report, third-party penetration test reports available under NDA, audit logs across the control plane (Enterprise add-on), 24/7/365 emergency hotline available on Enterprise. Up to 99.999% uptime SLA.
  Arcade: SOC 2 Type II achieved August 2025 (Source: SOC 2 announcement). HIPAA, FedRAMP, ISO 27001, and PCI-DSS are not currently claimed — framed as "future work." The SOC 2 blog post itself hedges: "Today's SOC 2 Type 2 is table stakes."

SDK Languages and Framework Coverage
  Zuplo: TypeScript runtime with @zuplo/runtime, @zuplo/mcp, and @zuplo/cli on npm. Browser-based authoring in the Zuplo portal with Working Copy environments. Local development via the CLI. Drop-in compatibility with the OpenAI SDK baseURL for AI Gateway traffic.
  Arcade: Python is the primary SDK surface (arcade-mcp-server) for authoring custom tools. Java/Spring AI SDK added April 2026. TypeScript MCP server framework (arcade-mcp-ts) exists but is early (~2 GitHub stars). Client SDKs in Python, Node, Go, and Java. Built-in framework integrations for AG2, CrewAI, Google ADK, LangChain, OpenAI Agents, Mastra, Vercel AI, TanStack AI, Spring AI.

Pricing and Commercial Model
  Zuplo: Free tier with 100K requests/month, 5 environments, 100 consumers, 1 MCP server, and 1K MCP tool calls/month. Builder $25/month includes 100K requests with $100 per additional 100K up to 1M, plus 2 custom domains, 10 environments, 10K MCP tool calls/month, and 5 MCP users. Enterprise from $1,000/month on annual contract with 99.5% SLA at entry and up to 99.999% available, volume discounts past 1M requests/month. SSO + RBAC, SOC 2 controls, Managed Dedicated, and Self-Hosted are Enterprise add-ons.
  Arcade: Hobby (free): 100 user challenges, 1,000 standard tool executions, 50 pro tool executions, 1 hosted MCP server, shared tenancy. Growth ($25/mo): 600 challenges, 2,000 standard executions, then $0.01 per standard execution + $0.05 per challenge, $0.50 per pro tool execution, $0.05/hour per hosted MCP server. Enterprise: custom pricing for dedicated tenancy, audit logs, RBAC, SSO/SAML, self-hosted Kubernetes, custom SLA. (Source: arcade.dev/pricing.)

Migration path

Moving MCP traffic from Arcade to Zuplo

Migrating from Arcade is a low-disruption change because MCP clients (Claude Desktop, Claude Code, Cursor, ChatGPT, VS Code, MCP Inspector) point at a gateway URL — swap the URL, repoint OAuth to Zuplo, keep your existing IDP. The biggest practical work is mapping the tool catalog: any custom Python tools you wrote with arcade-mcp-server get re-authored as TypeScript MCP tools (or kept on Arcade temporarily and federated through Zuplo until the renewal cycle consolidates the decision). Pre-built upstream MCP servers — GitHub, Linear, Slack, Notion, Stripe — federate into Zuplo natively with one route per upstream and the gateway's standard OAuth brokering.

Migration phases

Typical MCP cut-over in 2–6 weeks for governed deployments

  1. Inventory tools and upstreams in use

    Catalog the tools your agents call today via Arcade — both pre-built MCP servers (GitHub, Linear, Slack, Notion, Stripe, HubSpot, Salesforce, Microsoft 365) and any custom Arcade-MCP-server tools you authored. Capture which require per-user OAuth and which use shared service accounts.

    Duration: 2 wks. Milestone: Plan locked.

  2. Stand up Zuplo MCP Gateway

    Configure your IDP (Auth0 preset or any OIDC provider), import each upstream MCP server as a route, and define virtual MCP servers per role or team using mcp-capability-filter-inbound. Bind a credential model per route — per-user OAuth where the upstream supports it, shared API key from the encrypted vault where it doesn't. Pin compatibilityDate ≥ 2026-03-01 in zuplo.jsonc.

    Duration: 2 wks. Milestone: Foundation live.

  3. Port custom tools to TypeScript or keep on Arcade temporarily

    Custom Python tools authored with arcade-mcp-server are re-authored as TypeScript using @zuplo/mcp, or the existing Arcade Engine is exposed as one more upstream in your Zuplo MCP Gateway until renewal forces a consolidation. For APIs you own, use the MCP Server handler to auto-generate from OpenAPI — zero code in many cases.

    Duration: 4 wks. Milestone: Side-by-side.

  4. Apply guardrails and capability filtering

    Add prompt-injection detection (prompt-injection-outbound) and secret-masking (secret-masking-outbound) to the inbound MCP request path. Curate each virtual server's tool list with mcp-capability-filter-inbound so each team sees only the tools they should call. Test against your Claude, Cursor, and VS Code clients via the MCP Inspector.

    Duration: 2 wks. Milestone: Cut-over done.

What our customers say

Trusted by engineering teams at scale

Blockdaemon

90%

Hardware footprint reduction at scale


"The move to Zuplo from our existing API Management vendor was easy, taking just over 2 months to switch mission critical systems, and we're saving over 70% on costs."

Ryan Waites, Senior Director, Blockdaemon


"Zuplo gives us the flexibility to scale efficiently, ensures security and compliance, and reduces operational complexity so we can focus on building new capabilities."

Daryl Benzel, Staff Software Engineer, Yext


AccuWeather

1B+

End users served via Zuplo APIs


Finsolutia

Hours

To launch MCP server on regulated APIs


Trusted for regulated and high-volume workloads

  • SOC 2 Type II
  • Third-party penetration testing
  • GDPR-aligned
  • 24/7/365 emergency hotline
  • 300+ global edge locations
  • Billions of API requests served per month
  • Up to 99.999% Enterprise uptime SLA
  • <20s global deploy time

Ready to talk to an expert?

Book a call with a solutions architect for a tailored walkthrough — SOC 2 controls, dedicated deployment, AI Gateway, and enterprise support. Or start free and explore the platform yourself.