Zuplo
Learning Center
API Management

Apigee vs Zuplo: API Gateway Comparison for 2026

Nate TottenNate Totten
March 25, 2026
7 min read

A detailed comparison of Apigee and Zuplo for API management, covering architecture, developer experience, pricing, and migration considerations.

Apigee and Zuplo represent two different generations of API management. Apigee is one of the oldest platforms in the category, founded in 2004 and acquired by Google in 2016. Zuplo is a modern, edge-native API gateway designed for how developers build APIs today. This comparison covers the differences that matter when evaluating API management platforms.

Here’s what sets them apart:

  • Architecture: Apigee runs on Google Cloud infrastructure with region-bound instances. Zuplo deploys to 300+ global edge locations with requests routed to the nearest point of presence.
  • Developer experience: Apigee uses XML-based policy configurations with Java callouts. Zuplo uses TypeScript policies with native GitOps workflows.
  • Pricing: Apigee starts at roughly $1,500/month for 100K requests with complex enterprise contracts. Zuplo offers transparent, usage-based pricing that scales as you grow — without six-figure minimums.
  • Developer portal: Apigee’s portal is Drupal-based and requires significant setup. Zuplo auto-generates a developer portal from your OpenAPI spec.
  • Deployment speed: Apigee deployments take minutes to propagate. Zuplo deploys globally in under 20 seconds.

Feature comparison at a glance

FeatureApigeeZuplo
Deployment modelRegion-bound on GCP300+ global edge locations
ConfigurationXML policiesTypeScript + JSON
Deployment speedMinutesUnder 20 seconds
Developer portalDrupal-based, manual setupAuto-generated from OpenAPI
Git integrationRequires custom toolingNative GitOps
Multi-cloudGCP only (Hybrid is complex)Any cloud or on-premises backend
Rate limitingSpikeArrest + Quota (XML)Built-in with sliding window, per-user or per-key
API key managementRequires portal setupBuilt-in self-serve with global replication
Pricing~$1,500/mo for 100K requestsTransparent pricing that scales with usage
Custom logicJava callouts, limited JSStandard TypeScript with npm ecosystem

Architecture

Apigee

Apigee X runs as a fully managed service on Google Cloud Platform. API traffic is processed in specific GCP regions. Apigee hybrid allows deploying a containerized runtime to your own Kubernetes cluster, but the management and control plane remains on GCP.

This architecture means Apigee is effectively tied to Google Cloud. Customers running backends on AWS, Azure, or on-premises infrastructure must route traffic through GCP, adding latency and complexity. Multi-region deployments require configuring each region separately.

Zuplo

Zuplo offers two deployment models, both fully managed:

  • Managed Edge (default): API requests are processed at 300+ global points of presence, automatically routed to the nearest location. Zero infrastructure to manage. Deployments propagate globally in under 20 seconds.
  • Managed Dedicated: Zuplo runs a dedicated, isolated instance on the cloud provider of your choice (AWS, Azure, GCP, Akamai, Equinix, and others). You choose the regions. Private networking (AWS PrivateLink, Azure Private Link, GCP Private Service Connect) is supported for both inbound and outbound connections. Still fully managed by Zuplo — no infrastructure for you to operate.

Both models provide the same Zuplo features, policies, and APIs. Your code and configuration work identically on either deployment option.

Zuplo can front backends on any cloud provider (AWS, Azure, GCP) or on-premises infrastructure from a single gateway configuration. Rate limiting is enforced globally across all edge locations as a single zone, so consumers cannot bypass limits by routing through different regions.

This is a key differentiator for Apigee Edge Private Cloud customers who chose on-premises deployment for data sovereignty or compliance reasons. Apigee X forces you to Google Cloud. Zuplo’s managed dedicated option lets you keep your gateway in your own cloud and regions without taking on any infrastructure burden.

Developer experience

Configuration language

Apigee policies are defined in XML. A rate limiting policy, for example, looks like this:

XMLxml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<SpikeArrest name="SA-RateLimit">
  <Rate>100pm</Rate>
  <Identifier ref="request.header.x-api-key"/>
  <UseEffectiveCount>true</UseEffectiveCount>
</SpikeArrest>

The same policy in Zuplo:

JSONjson
{
  "name": "rate-limit-inbound",
  "policyType": "rate-limit-inbound",
  "handler": {
    "export": "RateLimitInboundPolicy",
    "module": "$import(@zuplo/runtime)",
    "options": {
      "rateLimitBy": "user",
      "requestsAllowed": 100,
      "timeWindowMinutes": 1
    }
  }
}

For custom logic, Apigee offers Java callouts (requiring JAR file uploads and a JVM runtime) or JavaScript policies in a proprietary runtime. Apigee’s Trireme-based Node.js support has already reached end of life.

Zuplo uses standard TypeScript. Custom policies have access to the full npm ecosystem, standard web APIs (Request, Response, fetch), and can be tested with standard frameworks like Vitest or Jest.

GitOps and deployment

With Apigee, achieving GitOps requires significant custom work: external scripting, custom CI/CD pipelines, and third-party tools. Configuration lives in a mix of UI settings, XML files, and API calls.

Zuplo is GitOps-native. All configuration (routes, policies, environment variables, developer portal settings) is stored as text files in your Git repository. Push to main and the gateway updates globally. Open a pull request and get a preview environment automatically. This is not an add-on; it’s how the platform works.

Developer portal

Apigee’s developer portal is built on Drupal. It requires installing and maintaining a CMS, configuring authentication, manually keeping documentation in sync with API changes, and customizing the theme. Developer teams are needed on Drupal CMS management.

Zuplo’s developer portal is automatically generated from your OpenAPI spec. It includes interactive API documentation, self-serve API key management, and built-in authentication with any OIDC provider. It updates automatically every time you deploy. The portal is built on Zudoku, an open-source framework, and can be customized with CSS, Markdown, and React components.

Pricing

Apigee’s pricing is complex. The pay-as-you-go model charges per API call, per active environment per region per hour, and per proxy deployment unit per hour. Subscription plans start at roughly $1,500/month for 100K requests, with separate charges for environments, analytics add-ons, and developer portal features. Enterprise contracts often require six-figure annual commitments.

Zuplo’s pricing is transparent and scales with your usage. Enterprise plans are custom-tailored to your needs with competitive pricing — typically 80% less than equivalent Apigee deployments. All plans include unlimited environments, API keys, and developer portals with no per-environment charges and no analytics add-on fees.

Zuplo also offers a free plan that teams can use to test their migration before committing, so you can validate your configuration and policy translation with zero risk.

Authentication and security

Both platforms support API key authentication, JWT validation, OAuth token validation, basic authentication, and IP restriction. There are some differences:

Where Apigee is stronger:

  • Apigee can act as a full OAuth 2.0 authorization server (issuing tokens, not just validating them)
  • Built-in SAML support
  • Dedicated XML and JSON threat protection policies

Where Zuplo is stronger:

  • Built-in API key leak detection (GitHub secret scanning integration)
  • Managed WAF with OWASP Core Ruleset
  • Built-in DDoS protection at the edge
  • Bot detection (enterprise add-on)
  • Pre-built JWT policies for specific providers (Auth0, Cognito, Clerk, Firebase, Supabase) in addition to generic OIDC

Analytics and observability

Apigee has deeper built-in analytics with native dashboards, custom reports, a metrics API, and up to 14 months of data retention. It integrates with BigQuery for advanced analysis.

Zuplo provides built-in real-time analytics and monitoring. For advanced reporting, it integrates with observability platforms like Datadog, New Relic, and Google Cloud Logging via OpenTelemetry and log drain plugins.

If your organization relies heavily on Apigee’s built-in analytics dashboards, you should plan to set up equivalent dashboards in your observability platform during migration.

API monetization

Apigee has built-in monetization with rate plans, prepaid and postpaid billing models, and revenue reporting, though this is tightly coupled to its Drupal developer portal.

Zuplo has built-in API monetization with native metering, real-time quota enforcement, and Stripe billing integration. You define meters (request counts, tokens, bytes, or custom dimensions), create plans with rate cards (flat fee, per-unit, tiered, volume, or package pricing), and publish them to your developer portal. Customers subscribe through Stripe Checkout, get plan-scoped API keys, and usage is metered and enforced at the gateway in real time. No external metering services, no webhook chains, no state sync between systems. Supported billing models include fixed monthly quotas, pay-as-you-go, quotas with overage billing, and prepaid credit/token bundles.

AI capabilities

Zuplo has invested significantly in AI gateway capabilities:

  • Auto-generated MCP server from OpenAPI specs for AI agent discovery
  • Centralized MCP Gateway for managing all MCP servers
  • Model routing to OpenAI, Anthropic, Google, and other providers
  • Real-time token usage and cost tracking

Apigee has recently added some AI-specific policies (LLMTokenQuota, SanitizeUserPrompt, SemanticCacheLookup) but lacks the MCP ecosystem.

When to choose Apigee

Apigee may be the better choice if:

  • You are heavily invested in Google Cloud and want tight GCP integration
  • You need Apigee to act as your OAuth 2.0 authorization server
  • You rely on deep built-in analytics with long retention periods
  • You have existing Apigee expertise and want to stay on the platform

When to choose Zuplo

Zuplo is the better choice if:

  • You want edge-native performance without managing infrastructure
  • You need a dedicated cloud deployment with a modern DX (managed dedicated on the provider and regions you choose)
  • Your team prefers TypeScript over XML and Java
  • You value GitOps workflows with instant preview environments
  • You run multi-cloud or non-GCP backends
  • You want transparent pricing without enterprise-minimum contracts
  • You need a developer portal that auto-generates from your OpenAPI spec
  • You’re migrating from Apigee Edge and want to avoid the Apigee X migration complexity
  • You have data sovereignty requirements but don’t want to sacrifice developer experience

Apigee Edge end of life

If you’re reading this comparison because Apigee Edge is reaching end of life, here’s what you need to know:

  • Apigee Edge for Private Cloud v4.53 reached end of life on April 11, 2026
  • The final version (v4.53.01) reaches end of life on February 26, 2027
  • Migrating to Apigee X is not an in-place upgrade; it’s a full platform rebuild
  • If you need to rebuild anyway, evaluate whether a modern alternative like Zuplo better fits your team’s workflow

Zuplo has a dedicated Apigee migration guide with policy mapping, code examples, and a step-by-step process. You can also see the full feature comparison or start migrating for free.