SSO / SAML
RBAC
Observability
mTLS
SOC 2 Type II
Audit log
AI Gateway
AIDEPLOYED
Routesroutes.oas.json
GET/ordersREST
POST/checkoutREST
/mcp/githubMCP
/mcp/slackMCP
POST/v1/chat/…AI
+Add route
PoliciesRequest ↓ · ↑ Response
api-key-auth
ai-guardrails
rate-limit
budget-cap
+custom-policy.ts
Failoveropenai/gpt-4o → anthropic/claude
MCP Gateway
MCPDEPLOYED
Routesroutes.oas.json
GET/ordersREST
POST/checkoutREST
/mcp/githubMCP
/mcp/slackMCP
POST/v1/chat/…AI
+Add route
PoliciesRequest ↓ · ↑ Response
oauth-2.0-auth
rate-limit
enforce-agent-access
audit-log
+custom-policy.ts
Upstream MCPhttps://mcp.github.com/mcp
API Gateway
RESTDEPLOYED
Routesroutes.oas.json
GET/ordersREST
POST/checkoutREST
/mcp/githubMCP
/mcp/slackMCP
POST/v1/chat/…AI
+Add route
PoliciesRequest ↓ · ↑ Response
api-key-auth
rate-limit
monetization-metering
request-validation
+custom-policy.ts
Upstreamhttps://api.internal.acme.com
Every Endpoint, Managed
Complete visibility into every route
Govern every route
Auth, rate limits, validation
Turn APIs into revenue
Plans & metering built in
MCP Gateway & Servers
A pipeline for every tool call
Full policy enforcement
Built-in and custom policies
Catch rogue tool calls
Audit + allow-list per agent
Universal API
Change one URL, use any provider
Guardrails
Block prompt injection & PII
Stop runaway AI bills
Budget monitoring and enforcement
One platform · one control plane
APIs, MCP, and AI — composable, on one platform.
The same gateway runs your APIs, federates your MCP servers, and routes your LLM traffic.
Foundation
API Gateway
Routes, policies, and auth — the pipeline every other layer runs on.
Agents & tools
MCP Gateway
MCP servers are just routes — federated, toggled, and governed from the same designer.
LLM traffic
AI Gateway
LLM calls run the same policy pipeline — budgets, guardrails, and provider failover.
Zuplo unified platform: three layers