Cloudflare AI Gateway Alternatives (2026): 6 Options
Cloudflare AI Gateway is the easiest way to put a gateway in front of AI providers: free, fast, zero-ops. Six alternatives cover what it trades away — self-hosting, data residency, MCP and agent governance, and compliance evidence.
Cloudflare AI Gateway is the lowest-friction gateway in the market: an edge proxy that adds caching, rate limiting, spend limits, logging, dynamic routing with fallbacks and Llama-Guard-based guardrails on Cloudflare's global network, free on every plan. For a team that wants routing and cost control with nothing to run, it is often the right first choice.
The reasons to look elsewhere are structural, not quality complaints. The gateway runs only on Cloudflare's edge — there is no self-hosted or VPC option — so every prompt transits Cloudflare, and the product is documented as incompatible with Cloudflare's own Regional Services for data localization. It also stops at the LLM layer: no MCP or agent gateway, no RBAC hierarchy, no AI inventory or compliance evidence. This page maps six alternatives for teams that hit one of those walls, with every claim cited as of July 15, 2026.
Why teams look beyond Cloudflare AI Gateway
Credit first. Cloudflare AI Gateway is genuinely excellent at what it does: free core features, an edge network no self-hosted product can match on latency, unified request logging, dynamic routing with automatic fallbacks and retries, and — since June 2026 — enforced dollar spend limits scoped by metadata. As a public company (NYSE: NET), it is also a low-risk vendor bet. For zero-ops routing and cost control, staying put is often the honest recommendation.
The first switch driver is data residency and sovereignty. The gateway is SaaS-only and runs on Cloudflare's edge; AI traffic transits Cloudflare's network, and the product is documented as incompatible with Regional Services. Regulated organizations that must keep the AI data path inside their own infrastructure — or air-gapped — cannot meet that requirement with an edge service.
The second is scope. Cloudflare governs LLM traffic. It does not provide an MCP gateway, an agent gateway, an RBAC hierarchy, prompt management, an AI inventory, or compliance evidence. Teams that need those reach for a fuller platform.
The third is policy depth. Guardrails are a single moderation model rather than multi-engine orchestration, and there is no agent containment. Buyers who need PII redaction, prompt-injection defense from multiple engines, or a runtime sandbox for autonomous agents need more than the edge gateway offers.
How we chose the alternatives
- Runtime enforcement required: every entry proxies and applies policy to live AI traffic.
- Deployment model stated plainly — the alternatives are chosen partly because they offer self-hosting or residency options Cloudflare does not.
- Documented capabilities only, checked against vendor sources as of July 15, 2026.
- Scope fit: entries are graded on the AI-gateway job, with broader platform capabilities treated as adjacent.
- Migration friction: all entries expose an OpenAI-compatible surface, so applications move by changing a base URL.
The alternatives at a glance
| Product | Best for | Deployment | Open source | Pricing model |
|---|---|---|---|---|
| Portkey | Platform teams standardizing LLM traffic, cost tracking and guardrails across many product teams. | SaaS, hybrid (data plane in your VPC) or air-gapped (enterprise) | MIT (gateway core); platform proprietary | Free dev tier; Pro from $49/mo; enterprise by quote |
| Kosmoy | Regulated enterprises that need governance enforced in the runtime path, in their own infrastructure. | Self-hosted — single-tenant, your own Kubernetes (air-gap capable) | Proprietary | Enterprise subscription; no self-service tier. |
| LiteLLM | Platform teams standardizing LLM access on a self-hosted, OSS-first gateway — with the engineers to run it. | Self-hosted (Docker, Kubernetes, Helm, Terraform) — air-gap supported | MIT core; enterprise/ directory under a commercial license | OSS core free; enterprise license by quote (contact sales), with a free 7-day trial |
| Kong AI Gateway | Platform and API teams — especially existing Kong customers — extending proven gateway governance to LLM, MCP and agent traffic. | Konnect (SaaS control plane, customer-hosted data planes) or fully self-managed; air-gap marketed for Enterprise | Apache-2.0 core (incl. ai-proxy); many AI plugins Enterprise/Konnect-only | OSS gateway free; Konnect has free and self-serve tiers; Enterprise by quote — AI Gateway is not sold separately |
| Helicone | Existing Helicone users who need continuity; the maintenance-mode status makes it hard to recommend for new adoption in 2026. | SaaS; full platform self-hostable (Docker Compose, Helm); no air-gapped option documented | Apache-2.0 (main platform repo, ~5.9k stars) | Free Hobby tier (10k requests/month); Pro from $79/mo; Team $799/mo adds SOC 2 and HIPAA; gateway usage billed at provider cost (zero markup). |
| OpenRouter | Developers, AI startups and engineering teams that want one API to many models — with routing, failover and data-policy controls — without running any gateway infrastructure. | SaaS only; EU in-region routing (eu.openrouter.ai) is the residency option | Proprietary | Pass-through provider token prices with no per-token markup; 5.5% fee on credit purchases and a 5% BYOK fee after a free monthly allowance; enterprise by sales contact. |
Last verified July 15, 2026 against each vendor's public documentation.
Capability shape vs Cloudflare AI Gateway
Each panel shows one alternative across the same ten capability axes (0–10); the dashed outline is Cloudflare AI Gateway for reference. The further a shape reaches on a spoke, the stronger that capability.
The alternatives, one by one
Portkey
AI gateway & LLM-ops control planePortkey is an AI gateway and control plane for production AI — one API to 1,600+ models across 45+ providers, with observability, guardrails, prompt management and MCP/agent access control — acquired by Palo Alto Networks in May 2026.
The feature-rich upgrade. Portkey keeps the managed convenience but adds the depth Cloudflare lacks — 1,600+ models, 21+ observability metrics, prompt management, multi-engine guardrails, MCP and agent gateways — with SaaS, hybrid and air-gapped tiers.
Where it beats Cloudflare AI Gateway
- A hybrid data-plane and a documented air-gapped tier, so the AI path can stay in your VPC or network — impossible on Cloudflare's edge.
- MCP and agent gateways, RBAC, prompt management and far deeper observability than Cloudflare's analytics.
- Model breadth (1,600+ across 45+ providers) versus Cloudflare's fixed provider integrations.
Where it falls short
- Not free at scale: Cloudflare's core gateway is free, Portkey meters logged requests beyond the dev tier.
- More to configure than Cloudflare's near-zero setup.
- Post-acquisition roadmap uncertainty under Palo Alto Networks (public docs changelog stops April 2026, as of July 15, 2026).
Kosmoy
AI management platformA self-hosted control plane for enterprise AI: one inventory, one policy gateway, one audit trail and a containment sandbox for every model, agent and MCP server a company runs.
The sovereignty-and-governance answer. Where Cloudflare is edge-only, Kosmoy runs entirely in your own Kubernetes — single-tenant, air-gap capable — and adds the inventory, compliance evidence and agent containment an edge gateway does not attempt.
Where it beats Cloudflare AI Gateway
- Deployment sovereignty is the widest gap on any comparison: Kosmoy's data path never leaves your infrastructure, versus Cloudflare's SaaS-only edge that is incompatible with Regional Services.
- Compliance evidence: EU AI Act, ISO 42001 (aligned) and NIST AI RMF bundles from registry state plus gateway logs — Cloudflare documents none.
- Inventory and containment: a master agent registry and kernel-enforced Action Capsule sandboxes, well beyond a routing proxy.
Where it falls short
- Not free and not zero-ops: Kosmoy is enterprise-quoted software you run, versus Cloudflare's free managed edge.
- No global edge network — latency depends on where you deploy it, not on 300+ Cloudflare data centers.
- Overkill for a team that only needs basic routing and a spend cap.
LiteLLM
Open-source LLM proxy & AI gatewayLiteLLM is BerriAI's open-source proxy and Python SDK that puts 100+ LLM providers behind one OpenAI-compatible API — with spend tracking, guardrails, MCP and A2A gateways, and an enterprise license that adds SSO, RBAC and audit logs on the same self-hosted deployment.
The open-source, self-hosted swap. LiteLLM gives you a gateway you control — 100+ providers, budgets, MCP and A2A gateways, air-gap support — as MIT-licensed software, the opposite of an edge SaaS.
Where it beats Cloudflare AI Gateway
- Self-hosted anywhere, including air-gapped, so the data path stays in your infrastructure.
- Free and open source (MIT), with a 53.6k-star community and weekly releases.
- Broader provider coverage and MCP/A2A gateways Cloudflare does not offer.
Where it falls short
- You operate it — no managed edge, no global network, no zero-ops story.
- No AI inventory or compliance-evidence generation.
- Enterprise features (SSO, RBAC, audit logs) require a quote-based license.
Kong AI Gateway
AI gateway on the Kong API platformKong AI Gateway is the AI extension of Kong's API gateway: a plugin-based data path that proxies, secures, rate-limits, caches and observes LLM, MCP and agent-to-agent traffic — self-managed or via the Konnect SaaS control plane.
The API-platform consolidation. If AI traffic should ride the same self-managed gateway as your REST APIs, Kong governs LLM, MCP and A2A traffic on infrastructure you control.
Where it beats Cloudflare AI Gateway
- Self-managed and air-gap-marketed deployment, versus Cloudflare's edge-only model.
- MCP registry and GA agent-to-agent governance (3.14, April 2026) that Cloudflare has no equivalent for.
- One operating model for REST and AI traffic if you already run Kong.
Where it falls short
- Far more to operate than a free edge service — an API-platform product, not a zero-ops proxy.
- Advanced AI plugins are Enterprise/Konnect-gated.
- No AI inventory, compliance evidence or agent sandboxing.
Helicone
LLM observability platform with an AI gatewayHelicone is an open-source, developer-first LLM observability platform (traces, costs, prompts, experiments) with a lightweight Rust AI gateway and zero-markup cloud gateway — in maintenance mode since Mintlify acquired the company in March 2026, with feature development ended.
The observability-led option — but proceed with caution. Helicone pairs a lightweight Rust AI gateway with strong LLM observability and can be self-hosted, though it has been in maintenance mode since Mintlify acquired the company in March 2026, with feature development ended.
Where it beats Cloudflare AI Gateway
- Self-hostable (Docker Compose, Helm), so the data path can stay in your infrastructure.
- Deeper observability — traces, costs, prompts, experiments — than Cloudflare's analytics.
- Open-source core (Apache-2.0) versus Cloudflare's proprietary edge.
Where it falls short
- Maintenance mode since March 2026: fine for existing users, a real risk for new adoption — a bigger caveat than any Cloudflare limitation.
- No air-gapped option documented, no MCP/agent gateway, no compliance evidence.
- Smaller ecosystem and an uncertain future under new ownership.
OpenRouter
Multi-model API marketplace / hosted LLM routerOpenRouter is a hosted API marketplace exposing 400+ models from dozens of providers behind one OpenAI-compatible endpoint, with provider routing and failover, data-policy controls (ZDR, no-training routing) and, since 2026, organization-level Workspaces and Guardrails.
The model-marketplace router. OpenRouter exposes 400+ models behind one endpoint with provider routing, failover and data-policy controls — a breadth play, still SaaS like Cloudflare.
Where it beats Cloudflare AI Gateway
- Unmatched model breadth (400+) and provider optionality behind a single OpenAI-compatible API.
- Data-policy controls (zero-data-retention and no-training routing) and organization Workspaces and Guardrails added in 2026.
- EU in-region routing (eu.openrouter.ai) as a residency option.
Where it falls short
- SaaS-only, like Cloudflare — no self-hosted or air-gapped deployment, so it does not solve the sovereignty problem.
- No AI inventory, compliance evidence or agent containment.
- A pass-through credit fee applies, where Cloudflare's core gateway is free.
Decision guide
Questions buyers ask
Is Cloudflare AI Gateway good enough, or should I switch?
For zero-ops routing, caching, retries and spend control, it is genuinely one of the best options — free, fast, and backed by a public company. You should switch only when you hit one of its structural limits: you need the AI data path inside your own infrastructure (it is edge-only and incompatible with Regional Services), you need MCP/agent governance or an RBAC hierarchy, or you need AI inventory and compliance evidence. If none of those apply, staying put is the honest choice.
What is the best self-hosted alternative to Cloudflare AI Gateway?
For an open-source gateway you run yourself, LiteLLM (MIT, air-gap capable) is the most direct swap. For a governed, self-hosted platform in a regulated environment, Kosmoy runs single-tenant in your own Kubernetes — including air-gapped — and adds inventory, compliance evidence and agent containment. Kong and Portkey also offer self-managed or air-gapped deployments. All of these keep AI traffic off a third-party edge, which is the main reason teams leave Cloudflare.
Does Cloudflare AI Gateway keep my data in a specific region?
Not in the way regulated buyers usually mean. Cloudflare's own documentation notes that AI Gateway is incompatible with Regional Services, and the gateway runs on Cloudflare's global edge, so AI traffic transits Cloudflare's network rather than staying in a region or in your infrastructure. Teams with strict data-residency or sovereignty requirements typically choose a self-hosted gateway (Kosmoy, LiteLLM, Kong) or a SaaS with in-region routing (OpenRouter's EU endpoint).
Can Cloudflare AI Gateway help with EU AI Act compliance?
Only indirectly. Its logs and analytics are useful inputs, but it does not document EU AI Act, ISO 42001 or NIST AI RMF mapping, risk classification or evidence packs as of July 15, 2026, and its SaaS-edge model complicates data-residency arguments. Kosmoy generates those artifacts from its registries and gateway logs; on the current post-Digital-Omnibus timeline, high-risk obligations land December 2027 and August 2028, with Article 50 transparency from August 2, 2026.
Can I run Kosmoy and Cloudflare together?
Yes — they solve different problems. Some teams keep Cloudflare at the edge for caching and DDoS-resilient routing while Kosmoy provides the governance layer in their own infrastructure: inventory with risk tiers, compliance evidence, and containment for autonomous agents. Both are OpenAI-compatible, so applications can route through either surface depending on what each request needs.
Sources
Every factual claim about another vendor on this page traces to that vendor's own published material or a named third-party source below.
- Cloudflare AI Gateway documentation — accessed July 15, 2026
- Cloudflare Data Localization Suite — compatibility — accessed July 15, 2026
- Kosmoy AI Gateway — accessed July 15, 2026
- Kosmoy AI Compliance — accessed July 15, 2026
- AI Gateway pricing — accessed July 15, 2026
- Guardrails feature docs — accessed July 15, 2026
- Changelog — spend limits (June 5, 2026) — accessed July 15, 2026
- Changelog — unified REST API (May 21, 2026) — accessed July 15, 2026
- Blog — scaling AI Gateway to billions of logs — accessed July 15, 2026
- Blog — AI Security for Apps GA — accessed July 15, 2026
- Portkey open-source gateway repository — accessed July 15, 2026
- Portkey docs — what is Portkey — accessed July 15, 2026
- Portkey docs — plan & feature comparison (SaaS / hybrid / air-gapped) — accessed July 15, 2026
- Portkey docs — observability — accessed July 15, 2026
- Portkey docs — guardrails — accessed July 15, 2026
- Portkey docs — MCP gateway — accessed July 15, 2026
- Portkey pricing — accessed July 15, 2026
- Palo Alto Networks press release — Portkey acquisition completed (May 29, 2026) — accessed July 15, 2026
- Kosmoy Platform — accessed July 15, 2026
- Kosmoy Action Capsule — accessed July 15, 2026
- LiteLLM GitHub repository (stars, license, activity) — accessed July 15, 2026
- LiteLLM README (100+ providers, MCP/A2A, performance claims) — accessed July 15, 2026
- LiteLLM enterprise docs (features, SLAs, air-gap, pricing by quote) — accessed July 15, 2026
- LiteLLM release notes index (2026 releases) — accessed July 15, 2026
- Rust migration announcement (issue #31263, June 25, 2026) — accessed July 15, 2026
- Guardrail policy templates (incl. offline/air-gapped mode) — accessed July 15, 2026
- MCP deployment docs (registry, exposure controls, air-gap guidance) — accessed July 15, 2026
- litellm-agent-runtime (per-session VM coding-agent runtime) — accessed July 15, 2026
- Kong AI Gateway product page — accessed July 15, 2026
- Kong AI Gateway 3.14 release blog (Agent Gateway GA, A2A) — accessed July 15, 2026
- A2A support press release (PR Newswire, April 2026) — accessed July 15, 2026
- MCP Tool ACLs announcement (AI Gateway 3.13, January 2026) — accessed July 15, 2026
- Kong MCP Registry press release (February 2026) — accessed July 15, 2026
- Konnect LLM usage reporting docs — accessed July 15, 2026
- Kong EU AI Act positioning blog — accessed July 15, 2026
- Kong/kong GitHub repository — accessed July 15, 2026
- Kong pricing — accessed July 15, 2026
- Helicone main GitHub repo — accessed July 15, 2026
- Helicone AI Gateway repo (Rust) — accessed July 15, 2026
- Helicone pricing — accessed July 15, 2026
- Helicone — joining Mintlify (March 2026) — accessed July 15, 2026
- Mintlify acquires Helicone (March 2026) — accessed July 15, 2026
- Helicone cloud gateway / passthrough billing launch — accessed July 15, 2026
- OpenRouter FAQ (fees, data retention) — accessed July 15, 2026
- Provider routing docs — accessed July 15, 2026
- Guardrails announcement — accessed July 15, 2026
- Introducing Workspaces — accessed July 15, 2026
- Business Wire — $113M Series B, 25T tokens/week (May 26, 2026) — accessed July 15, 2026
- TechCrunch — OpenRouter valuation to $1.3B — accessed July 15, 2026
Need governance, not just a swap?
Kosmoy puts an inventory, a policy gateway and a containment sandbox around every AI your teams run — in your own Kubernetes.
Or email sales@kosmoy.com.