Alternatives guidePublished July 2, 2026· Last verified July 15, 2026

Cloudflare AI Gateway Alternatives (2026): 6 Options

Cloudflare AI Gateway is the easiest way to put a gateway in front of AI providers: free, fast, zero-ops. Six alternatives cover what it trades away — self-hosting, data residency, MCP and agent governance, and compliance evidence.

Cloudflare AI Gateway is the lowest-friction gateway in the market: an edge proxy that adds caching, rate limiting, spend limits, logging, dynamic routing with fallbacks and Llama-Guard-based guardrails on Cloudflare's global network, free on every plan. For a team that wants routing and cost control with nothing to run, it is often the right first choice.

The reasons to look elsewhere are structural, not quality complaints. The gateway runs only on Cloudflare's edge — there is no self-hosted or VPC option — so every prompt transits Cloudflare, and the product is documented as incompatible with Cloudflare's own Regional Services for data localization. It also stops at the LLM layer: no MCP or agent gateway, no RBAC hierarchy, no AI inventory or compliance evidence. This page maps six alternatives for teams that hit one of those walls, with every claim cited as of July 15, 2026.


Why teams look beyond Cloudflare AI Gateway

Credit first. Cloudflare AI Gateway is genuinely excellent at what it does: free core features, an edge network no self-hosted product can match on latency, unified request logging, dynamic routing with automatic fallbacks and retries, and — since June 2026 — enforced dollar spend limits scoped by metadata. As a public company (NYSE: NET), it is also a low-risk vendor bet. For zero-ops routing and cost control, staying put is often the honest recommendation.

The first switch driver is data residency and sovereignty. The gateway is SaaS-only and runs on Cloudflare's edge; AI traffic transits Cloudflare's network, and the product is documented as incompatible with Regional Services. Regulated organizations that must keep the AI data path inside their own infrastructure — or air-gapped — cannot meet that requirement with an edge service.

The second is scope. Cloudflare governs LLM traffic. It does not provide an MCP gateway, an agent gateway, an RBAC hierarchy, prompt management, an AI inventory, or compliance evidence. Teams that need those reach for a fuller platform.

The third is policy depth. Guardrails are a single moderation model rather than multi-engine orchestration, and there is no agent containment. Buyers who need PII redaction, prompt-injection defense from multiple engines, or a runtime sandbox for autonomous agents need more than the edge gateway offers.

How we chose the alternatives

  • Runtime enforcement required: every entry proxies and applies policy to live AI traffic.
  • Deployment model stated plainly — the alternatives are chosen partly because they offer self-hosting or residency options Cloudflare does not.
  • Documented capabilities only, checked against vendor sources as of July 15, 2026.
  • Scope fit: entries are graded on the AI-gateway job, with broader platform capabilities treated as adjacent.
  • Migration friction: all entries expose an OpenAI-compatible surface, so applications move by changing a base URL.

The alternatives at a glance

ProductBest forDeploymentOpen sourcePricing model
PortkeyPlatform teams standardizing LLM traffic, cost tracking and guardrails across many product teams.SaaS, hybrid (data plane in your VPC) or air-gapped (enterprise)MIT (gateway core); platform proprietaryFree dev tier; Pro from $49/mo; enterprise by quote
KosmoyRegulated enterprises that need governance enforced in the runtime path, in their own infrastructure.Self-hosted — single-tenant, your own Kubernetes (air-gap capable)ProprietaryEnterprise subscription; no self-service tier.
LiteLLMPlatform teams standardizing LLM access on a self-hosted, OSS-first gateway — with the engineers to run it.Self-hosted (Docker, Kubernetes, Helm, Terraform) — air-gap supportedMIT core; enterprise/ directory under a commercial licenseOSS core free; enterprise license by quote (contact sales), with a free 7-day trial
Kong AI GatewayPlatform and API teams — especially existing Kong customers — extending proven gateway governance to LLM, MCP and agent traffic.Konnect (SaaS control plane, customer-hosted data planes) or fully self-managed; air-gap marketed for EnterpriseApache-2.0 core (incl. ai-proxy); many AI plugins Enterprise/Konnect-onlyOSS gateway free; Konnect has free and self-serve tiers; Enterprise by quote — AI Gateway is not sold separately
HeliconeExisting Helicone users who need continuity; the maintenance-mode status makes it hard to recommend for new adoption in 2026.SaaS; full platform self-hostable (Docker Compose, Helm); no air-gapped option documentedApache-2.0 (main platform repo, ~5.9k stars)Free Hobby tier (10k requests/month); Pro from $79/mo; Team $799/mo adds SOC 2 and HIPAA; gateway usage billed at provider cost (zero markup).
OpenRouterDevelopers, AI startups and engineering teams that want one API to many models — with routing, failover and data-policy controls — without running any gateway infrastructure.SaaS only; EU in-region routing (eu.openrouter.ai) is the residency optionProprietaryPass-through provider token prices with no per-token markup; 5.5% fee on credit purchases and a 5% BYOK fee after a free monthly allowance; enterprise by sales contact.

Last verified July 15, 2026 against each vendor's public documentation.

Capability shape vs Cloudflare AI Gateway

Each panel shows one alternative across the same ten capability axes (0–10); the dashed outline is Cloudflare AI Gateway for reference. The further a shape reaches on a spoke, the stronger that capability.

Portkey
INVSECOBSGWGRDCTNCMPEVLBLDSOV
Kosmoy
INVSECOBSGWGRDCTNCMPEVLBLDSOV
LiteLLM
INVSECOBSGWGRDCTNCMPEVLBLDSOV
Kong AI Gateway
INVSECOBSGWGRDCTNCMPEVLBLDSOV
Helicone
INVSECOBSGWGRDCTNCMPEVLBLDSOV
OpenRouter
INVSECOBSGWGRDCTNCMPEVLBLDSOV
dashed = Cloudflare AI GatewayINV AI Inventory & Discovery · SEC Security & Shadow AI · OBS Observability & FinOps · GW Gateway & Policy Control · GRD Guardrails & Runtime Safety · CTN Agent Containment · CMP Compliance & Audit · EVL Testing, Evals & Red-teaming · BLD Agent Building · SOV Deployment Sovereignty

The alternatives, one by one

01

Portkey

AI gateway & LLM-ops control plane

Portkey is an AI gateway and control plane for production AI — one API to 1,600+ models across 45+ providers, with observability, guardrails, prompt management and MCP/agent access control — acquired by Palo Alto Networks in May 2026.

The feature-rich upgrade. Portkey keeps the managed convenience but adds the depth Cloudflare lacks — 1,600+ models, 21+ observability metrics, prompt management, multi-engine guardrails, MCP and agent gateways — with SaaS, hybrid and air-gapped tiers.

Where it beats Cloudflare AI Gateway

  • A hybrid data-plane and a documented air-gapped tier, so the AI path can stay in your VPC or network — impossible on Cloudflare's edge.
  • MCP and agent gateways, RBAC, prompt management and far deeper observability than Cloudflare's analytics.
  • Model breadth (1,600+ across 45+ providers) versus Cloudflare's fixed provider integrations.

Where it falls short

  • Not free at scale: Cloudflare's core gateway is free, Portkey meters logged requests beyond the dev tier.
  • More to configure than Cloudflare's near-zero setup.
  • Post-acquisition roadmap uncertainty under Palo Alto Networks (public docs changelog stops April 2026, as of July 15, 2026).
Deployment: SaaS, hybrid (data plane in your VPC) or air-gapped (enterprise)Open source: MIT (gateway core); platform proprietaryPricing: Free dev tier; Pro from $49/mo; enterprise by quote
02

Kosmoy

AI management platform

A self-hosted control plane for enterprise AI: one inventory, one policy gateway, one audit trail and a containment sandbox for every model, agent and MCP server a company runs.

The sovereignty-and-governance answer. Where Cloudflare is edge-only, Kosmoy runs entirely in your own Kubernetes — single-tenant, air-gap capable — and adds the inventory, compliance evidence and agent containment an edge gateway does not attempt.

Where it beats Cloudflare AI Gateway

  • Deployment sovereignty is the widest gap on any comparison: Kosmoy's data path never leaves your infrastructure, versus Cloudflare's SaaS-only edge that is incompatible with Regional Services.
  • Compliance evidence: EU AI Act, ISO 42001 (aligned) and NIST AI RMF bundles from registry state plus gateway logs — Cloudflare documents none.
  • Inventory and containment: a master agent registry and kernel-enforced Action Capsule sandboxes, well beyond a routing proxy.

Where it falls short

  • Not free and not zero-ops: Kosmoy is enterprise-quoted software you run, versus Cloudflare's free managed edge.
  • No global edge network — latency depends on where you deploy it, not on 300+ Cloudflare data centers.
  • Overkill for a team that only needs basic routing and a spend cap.
Deployment: Self-hosted — single-tenant, your own Kubernetes (air-gap capable)Open source: ProprietaryPricing: Enterprise subscription; no self-service tier.
03

LiteLLM

Open-source LLM proxy & AI gateway

LiteLLM is BerriAI's open-source proxy and Python SDK that puts 100+ LLM providers behind one OpenAI-compatible API — with spend tracking, guardrails, MCP and A2A gateways, and an enterprise license that adds SSO, RBAC and audit logs on the same self-hosted deployment.

The open-source, self-hosted swap. LiteLLM gives you a gateway you control — 100+ providers, budgets, MCP and A2A gateways, air-gap support — as MIT-licensed software, the opposite of an edge SaaS.

Where it beats Cloudflare AI Gateway

  • Self-hosted anywhere, including air-gapped, so the data path stays in your infrastructure.
  • Free and open source (MIT), with a 53.6k-star community and weekly releases.
  • Broader provider coverage and MCP/A2A gateways Cloudflare does not offer.

Where it falls short

  • You operate it — no managed edge, no global network, no zero-ops story.
  • No AI inventory or compliance-evidence generation.
  • Enterprise features (SSO, RBAC, audit logs) require a quote-based license.
Deployment: Self-hosted (Docker, Kubernetes, Helm, Terraform) — air-gap supportedOpen source: MIT core; enterprise/ directory under a commercial licensePricing: OSS core free; enterprise license by quote (contact sales), with a free 7-day trial
04

Kong AI Gateway

AI gateway on the Kong API platform

Kong AI Gateway is the AI extension of Kong's API gateway: a plugin-based data path that proxies, secures, rate-limits, caches and observes LLM, MCP and agent-to-agent traffic — self-managed or via the Konnect SaaS control plane.

The API-platform consolidation. If AI traffic should ride the same self-managed gateway as your REST APIs, Kong governs LLM, MCP and A2A traffic on infrastructure you control.

Where it beats Cloudflare AI Gateway

  • Self-managed and air-gap-marketed deployment, versus Cloudflare's edge-only model.
  • MCP registry and GA agent-to-agent governance (3.14, April 2026) that Cloudflare has no equivalent for.
  • One operating model for REST and AI traffic if you already run Kong.

Where it falls short

  • Far more to operate than a free edge service — an API-platform product, not a zero-ops proxy.
  • Advanced AI plugins are Enterprise/Konnect-gated.
  • No AI inventory, compliance evidence or agent sandboxing.
Deployment: Konnect (SaaS control plane, customer-hosted data planes) or fully self-managed; air-gap marketed for EnterpriseOpen source: Apache-2.0 core (incl. ai-proxy); many AI plugins Enterprise/Konnect-onlyPricing: OSS gateway free; Konnect has free and self-serve tiers; Enterprise by quote — AI Gateway is not sold separately
05

Helicone

LLM observability platform with an AI gateway

Helicone is an open-source, developer-first LLM observability platform (traces, costs, prompts, experiments) with a lightweight Rust AI gateway and zero-markup cloud gateway — in maintenance mode since Mintlify acquired the company in March 2026, with feature development ended.

The observability-led option — but proceed with caution. Helicone pairs a lightweight Rust AI gateway with strong LLM observability and can be self-hosted, though it has been in maintenance mode since Mintlify acquired the company in March 2026, with feature development ended.

Where it beats Cloudflare AI Gateway

  • Self-hostable (Docker Compose, Helm), so the data path can stay in your infrastructure.
  • Deeper observability — traces, costs, prompts, experiments — than Cloudflare's analytics.
  • Open-source core (Apache-2.0) versus Cloudflare's proprietary edge.

Where it falls short

  • Maintenance mode since March 2026: fine for existing users, a real risk for new adoption — a bigger caveat than any Cloudflare limitation.
  • No air-gapped option documented, no MCP/agent gateway, no compliance evidence.
  • Smaller ecosystem and an uncertain future under new ownership.
Deployment: SaaS; full platform self-hostable (Docker Compose, Helm); no air-gapped option documentedOpen source: Apache-2.0 (main platform repo, ~5.9k stars)Pricing: Free Hobby tier (10k requests/month); Pro from $79/mo; Team $799/mo adds SOC 2 and HIPAA; gateway usage billed at provider cost (zero markup).
06

OpenRouter

Multi-model API marketplace / hosted LLM router

OpenRouter is a hosted API marketplace exposing 400+ models from dozens of providers behind one OpenAI-compatible endpoint, with provider routing and failover, data-policy controls (ZDR, no-training routing) and, since 2026, organization-level Workspaces and Guardrails.

The model-marketplace router. OpenRouter exposes 400+ models behind one endpoint with provider routing, failover and data-policy controls — a breadth play, still SaaS like Cloudflare.

Where it beats Cloudflare AI Gateway

  • Unmatched model breadth (400+) and provider optionality behind a single OpenAI-compatible API.
  • Data-policy controls (zero-data-retention and no-training routing) and organization Workspaces and Guardrails added in 2026.
  • EU in-region routing (eu.openrouter.ai) as a residency option.

Where it falls short

  • SaaS-only, like Cloudflare — no self-hosted or air-gapped deployment, so it does not solve the sovereignty problem.
  • No AI inventory, compliance evidence or agent containment.
  • A pass-through credit fee applies, where Cloudflare's core gateway is free.
Deployment: SaaS only; EU in-region routing (eu.openrouter.ai) is the residency optionOpen source: ProprietaryPricing: Pass-through provider token prices with no per-token markup; 5.5% fee on credit purchases and a 5% BYOK fee after a free monthly allowance; enterprise by sales contact.

Decision guide

You need the AI data path in your own infrastructureKosmoy or LiteLLM — self-hosted, air-gap capable
You want more gateway features but still managedPortkey — MCP/agent gateways, RBAC, deep observability, hybrid or air-gapped
Audit evidence (EU AI Act, ISO 42001) is the requirementKosmoy — inventory, compliance bundles and agent containment
You already run Kong for APIsKong AI Gateway — self-managed LLM/MCP/A2A on your own infrastructure
You want maximum model choice and can stay on SaaSOpenRouter — 400+ models, EU in-region routing option
Zero-ops routing and a spend cap are all you needStay on Cloudflare AI Gateway — free, fast, nothing to run

Questions buyers ask

Is Cloudflare AI Gateway good enough, or should I switch?

For zero-ops routing, caching, retries and spend control, it is genuinely one of the best options — free, fast, and backed by a public company. You should switch only when you hit one of its structural limits: you need the AI data path inside your own infrastructure (it is edge-only and incompatible with Regional Services), you need MCP/agent governance or an RBAC hierarchy, or you need AI inventory and compliance evidence. If none of those apply, staying put is the honest choice.

What is the best self-hosted alternative to Cloudflare AI Gateway?

For an open-source gateway you run yourself, LiteLLM (MIT, air-gap capable) is the most direct swap. For a governed, self-hosted platform in a regulated environment, Kosmoy runs single-tenant in your own Kubernetes — including air-gapped — and adds inventory, compliance evidence and agent containment. Kong and Portkey also offer self-managed or air-gapped deployments. All of these keep AI traffic off a third-party edge, which is the main reason teams leave Cloudflare.

Does Cloudflare AI Gateway keep my data in a specific region?

Not in the way regulated buyers usually mean. Cloudflare's own documentation notes that AI Gateway is incompatible with Regional Services, and the gateway runs on Cloudflare's global edge, so AI traffic transits Cloudflare's network rather than staying in a region or in your infrastructure. Teams with strict data-residency or sovereignty requirements typically choose a self-hosted gateway (Kosmoy, LiteLLM, Kong) or a SaaS with in-region routing (OpenRouter's EU endpoint).

Can Cloudflare AI Gateway help with EU AI Act compliance?

Only indirectly. Its logs and analytics are useful inputs, but it does not document EU AI Act, ISO 42001 or NIST AI RMF mapping, risk classification or evidence packs as of July 15, 2026, and its SaaS-edge model complicates data-residency arguments. Kosmoy generates those artifacts from its registries and gateway logs; on the current post-Digital-Omnibus timeline, high-risk obligations land December 2027 and August 2028, with Article 50 transparency from August 2, 2026.

Can I run Kosmoy and Cloudflare together?

Yes — they solve different problems. Some teams keep Cloudflare at the edge for caching and DDoS-resilient routing while Kosmoy provides the governance layer in their own infrastructure: inventory with risk tiers, compliance evidence, and containment for autonomous agents. Both are OpenAI-compatible, so applications can route through either surface depending on what each request needs.


Sources

Every factual claim about another vendor on this page traces to that vendor's own published material or a named third-party source below.

  1. Cloudflare AI Gateway documentation — accessed July 15, 2026
  2. Cloudflare Data Localization Suite — compatibility — accessed July 15, 2026
  3. Kosmoy AI Gateway — accessed July 15, 2026
  4. Kosmoy AI Compliance — accessed July 15, 2026
  5. AI Gateway pricing — accessed July 15, 2026
  6. Guardrails feature docs — accessed July 15, 2026
  7. Changelog — spend limits (June 5, 2026) — accessed July 15, 2026
  8. Changelog — unified REST API (May 21, 2026) — accessed July 15, 2026
  9. Blog — scaling AI Gateway to billions of logs — accessed July 15, 2026
  10. Blog — AI Security for Apps GA — accessed July 15, 2026
  11. Portkey open-source gateway repository — accessed July 15, 2026
  12. Portkey docs — what is Portkey — accessed July 15, 2026
  13. Portkey docs — plan & feature comparison (SaaS / hybrid / air-gapped) — accessed July 15, 2026
  14. Portkey docs — observability — accessed July 15, 2026
  15. Portkey docs — guardrails — accessed July 15, 2026
  16. Portkey docs — MCP gateway — accessed July 15, 2026
  17. Portkey pricing — accessed July 15, 2026
  18. Palo Alto Networks press release — Portkey acquisition completed (May 29, 2026) — accessed July 15, 2026
  19. Kosmoy Platform — accessed July 15, 2026
  20. Kosmoy Action Capsule — accessed July 15, 2026
  21. LiteLLM GitHub repository (stars, license, activity) — accessed July 15, 2026
  22. LiteLLM README (100+ providers, MCP/A2A, performance claims) — accessed July 15, 2026
  23. LiteLLM enterprise docs (features, SLAs, air-gap, pricing by quote) — accessed July 15, 2026
  24. LiteLLM release notes index (2026 releases) — accessed July 15, 2026
  25. Rust migration announcement (issue #31263, June 25, 2026) — accessed July 15, 2026
  26. Guardrail policy templates (incl. offline/air-gapped mode) — accessed July 15, 2026
  27. MCP deployment docs (registry, exposure controls, air-gap guidance) — accessed July 15, 2026
  28. litellm-agent-runtime (per-session VM coding-agent runtime) — accessed July 15, 2026
  29. Kong AI Gateway product page — accessed July 15, 2026
  30. Kong AI Gateway 3.14 release blog (Agent Gateway GA, A2A) — accessed July 15, 2026
  31. A2A support press release (PR Newswire, April 2026) — accessed July 15, 2026
  32. MCP Tool ACLs announcement (AI Gateway 3.13, January 2026) — accessed July 15, 2026
  33. Kong MCP Registry press release (February 2026) — accessed July 15, 2026
  34. Konnect LLM usage reporting docs — accessed July 15, 2026
  35. Kong EU AI Act positioning blog — accessed July 15, 2026
  36. Kong/kong GitHub repository — accessed July 15, 2026
  37. Kong pricing — accessed July 15, 2026
  38. Helicone main GitHub repo — accessed July 15, 2026
  39. Helicone AI Gateway repo (Rust) — accessed July 15, 2026
  40. Helicone pricing — accessed July 15, 2026
  41. Helicone — joining Mintlify (March 2026) — accessed July 15, 2026
  42. Mintlify acquires Helicone (March 2026) — accessed July 15, 2026
  43. Helicone cloud gateway / passthrough billing launch — accessed July 15, 2026
  44. OpenRouter FAQ (fees, data retention) — accessed July 15, 2026
  45. Provider routing docs — accessed July 15, 2026
  46. Guardrails announcement — accessed July 15, 2026
  47. Introducing Workspaces — accessed July 15, 2026
  48. Business Wire — $113M Series B, 25T tokens/week (May 26, 2026) — accessed July 15, 2026
  49. TechCrunch — OpenRouter valuation to $1.3B — accessed July 15, 2026

Need governance, not just a swap?

Kosmoy puts an inventory, a policy gateway and a containment sandbox around every AI your teams run — in your own Kubernetes.

Or email sales@kosmoy.com.