Portkey AI Gateway: Features, Pricing, and Review
Portkey AI is an end-to-end LLM orchestration platform: a control plane that sits between your application and the dozens of model providers you might call. Instead of wiring up separate SDKs, auth schemes, and error handling for each provider, you route everything through one interface and add the production controls that real deployments need: routing, fallbacks, caching, observability, and guardrails. Portkey reports coverage of 1,600+ models across 40-45+ providers, though as you will see, that figure deserves a footnote.
This review covers what Portkey actually does, what its open-source gateway claims on performance, how its five product pillars fit together, what the guardrails and compliance posture look like, and what it costs as of June 2026. It also covers a piece of news that changes the calculus for any team evaluating Portkey today: the company has been acquired by Palo Alto Networks.
What Is Portkey?
Portkey is an LLM gateway, also called an AI gateway or a control plane. A gateway is a proxy layer that sits between your applications and many model provider APIs, exposing a single unified endpoint with AI-specific controls bolted on. Instead of talking directly to OpenAI, Anthropic, Google, and a dozen others through their individual SDKs, you point your code at Portkey and let it handle the differences in request formats, authentication, and error types behind the scenes.
Where Portkey positions itself is at the production-ready end of that category. The vendor describes it as an end-to-end LLM orchestration platform rather than just a router. The unified endpoint is the foundation, but the pitch is everything layered on top of it: visibility into what your models are doing, controls on what they are allowed to output, governance over who can spend what, and a place to manage prompts as versioned assets. That is the difference between a thin proxy and a control plane.
Practitioner note: The reason gateways exist is provider churn. Models, prices, and rate limits change constantly. A gateway centralizes your credentials, retries, and billing in one place so that switching a model is a config change, not a code rewrite. The tradeoff is that you are now routing every request through one more system, so its uptime, latency, and security posture become yours to worry about.
Model Coverage
The headline number Portkey leads with is 1,600+ models spanning language, vision, audio, and image generation, sourced from 40 to 45 or more providers. That breadth is the core selling point of any gateway: the more providers you can reach through one interface, the less switching cost you carry when a better or cheaper model appears.
Here is the footnote that figure deserves, and it is the kind of thing a careful buyer should know. Portkey's own documentation is not internally consistent on the count. The gateway repository and product pages cite 1,600+ models, but the introductory documentation in other places says "over 250 AI models." Both numbers come from Portkey's own materials. We are reporting the discrepancy rather than papering over it, because it tells you something useful: the precise model count is approximate and changes as providers are added or recategorized. Treat it as "very many, growing" rather than an exact, auditable total.
For most teams the exact number matters less than whether the specific providers and models you depend on are covered. Before committing, check that your current and likely-next models are in the catalog, and confirm whether each is reachable through the open-source gateway or only through the hosted control plane.
Practitioner note: A large model count is a convenience, not a guarantee of quality or stability for any single model. Routing breadth solves portability. It does not solve the reliability of the underlying provider, which is still subject to that provider's own rate limits, outages, and policy changes.
The Open-Source Gateway
The piece of Portkey that earns the most attention from engineers is the open-source gateway, published in the Portkey-AI/gateway repository. This is the routing engine that the hosted product is built on, and you can run it yourself. For teams that want the unified-endpoint, fallback, and routing behavior of a gateway without sending traffic through a third party, a self-hostable core matters.
Portkey publishes a set of performance numbers for that gateway. The vendor reports sub-1ms latency added by the gateway, a 122kb footprint, and throughput of 10 billion or more tokens per day. Read those as vendor-reported figures: they describe the proxy's own overhead under Portkey's testing conditions, not the end-to-end latency you will see, which is dominated by the model provider you call.
There is one moving part to track here. Portkey has stated that its core enterprise gateway is merging into the open-source project as part of Gateway 2.0. That release is pre-release at the time of writing. The practical implication: do not plan around Gateway 2.0 capabilities as if they are shipped and stable. Build against what the current open-source gateway does today, and treat the merged enterprise features as a roadmap item to confirm before you depend on them.
The Five Product Pillars
Portkey organizes its platform around five pillars. The AI Gateway is the foundation; the other four are the production layer that distinguishes a control plane from a plain router. Understanding how they fit together is the fastest way to judge whether Portkey matches your needs or overshoots them.
The honest read: if all you want is provider portability and fallbacks, the gateway pillar alone, self-hosted, may be enough. The other four pillars earn their cost when you have multiple teams, real compliance obligations, and a need to see and govern what your models do. Match the pillars you pay for to the problems you actually have.
Guardrails & Compliance
Guardrails are checks that sit on the request path to enforce what goes into and comes out of a model. In Portkey's framing, that means catching sensitive data before it leaves your environment, filtering disallowed content, and applying policy rules consistently across every provider you call. Portkey reports 50 or more pre-built guardrails, so you compose from a library rather than writing each check from scratch.
One honest caveat on that number: Portkey's gateway repository describes the count as 40 or more in places, while the product site cites 50 or more. The spread is small and the figure is vendor-reported, so read it as "several dozen, expanding" and verify which specific guardrails you need are present rather than anchoring on the exact total.
On the compliance side, Portkey claims SOC2, HIPAA, GDPR, and CCPA alignment. These are meaningful signals for regulated buyers, but treat them as claims to verify, not as a substitute for your own due diligence:
- SOC2 and HIPAA typically apply to specific product configurations, most often the Enterprise tier with VPC hosting. Confirm which tier and deployment model the attestation covers before assuming your setup qualifies.
- GDPR and CCPA are about how data is handled and what rights you and your users retain. A gateway processes prompts and responses, so where logs live and how long they are retained directly affects your obligations.
Practitioner note: A gateway is a high-value chokepoint by design. It brokers your provider credentials and sees every prompt and response. That is exactly why guardrails and compliance posture matter here more than in a typical application component: a misconfiguration or compromise at this layer has broad blast radius. Request the current compliance documentation directly and map it to your own controls before routing regulated data.
Pricing
Portkey lists three tiers. The figures below are vendor-reported and verified on 2026-06-09. Gateway pricing moves quickly, so confirm current rates on Portkey's pricing page before you budget against them. The thing to notice across the tiers is that what you pay for is mostly log volume and retention, not raw request throughput.
A detail worth flagging on the free tier: logging stops once you pass the 10,000-log limit, but your requests are not blocked. You keep routing; you just lose the observability records beyond the cap. That is a reasonable default for evaluation, but it means the free tier is best understood as "full gateway, limited visibility" rather than a hard request ceiling. The Developer tier also keeps metrics for 30 days even though full logs are retained for only 3, and the Production tier extends those to 90-day metrics and 30-day logs.
The Palo Alto Networks Acquisition
The most consequential thing to know about Portkey right now is not a feature. It is ownership. Portkey's own site states that Palo Alto Networks has completed the acquisition of Portkey. For anyone evaluating the product, that changes the question from "is this a good gateway?" to "is this a good gateway, and where is it heading under a large security vendor?"
An acquisition like this cuts both ways, and an honest review should name both directions rather than spin one of them:
The practical advice is the same advice that applies to any gateway evaluation, just with more weight here: confirm the current pricing, the licensing of the open-source gateway, and the product direction directly with the vendor before you build a dependency on it. The acquisition is a reason to verify, not a reason to dismiss. Portkey's technical fundamentals, the unified endpoint, the routing, and the guardrails, are unchanged by who owns the company.
Frequently Asked Questions
What is Portkey AI Gateway used for?
Portkey is used to route, observe, and govern traffic to many LLM providers through one interface. Teams use it to add fallbacks and caching, to log and trace every request, to apply guardrails such as content filtering and data masking, and to enforce budgets and access controls across multiple teams. It is the production layer that sits between your application and the models you call.
How much does Portkey cost?
As of June 2026, Portkey lists a free Developer tier (10,000 logs per month, 3-day log retention), a Production tier at $49 per month (100,000 logs per month, 30-day log retention, plus $9 per additional 100,000 requests), and a custom-priced Enterprise tier that adds SSO, VPC hosting, custom retention, HIPAA and SOC2, and RBAC. Pricing changes often, so confirm current rates on Portkey's pricing page.
How many models does Portkey support?
Portkey reports 1,600+ models across 40 to 45 or more providers, covering text, vision, audio, and image. Note that its introductory documentation elsewhere says over 250 AI models. Both figures come from Portkey's own materials, so treat the count as vendor-reported and approximate, and check the live catalog for the specific models you need.
Is there an open-source version of Portkey?
Yes. The core routing engine is published as an open-source gateway in the Portkey-AI/gateway repository, and Portkey reports sub-1ms added latency, a 122kb footprint, and 10 billion or more tokens per day in throughput for it (vendor-reported figures). Portkey has also said its enterprise gateway is merging into the open-source project in Gateway 2.0, which is pre-release, so confirm what is shipping before depending on it.
Who owns Portkey?
Portkey's own site states that Palo Alto Networks has completed its acquisition of the company. For buyers, the practical implication is to verify current pricing, open-source licensing, and product roadmap directly with the vendor, since acquisitions can reshape all three over time.
Video Resources
Go Deeper
Resources from across Tech Jacks Solutions
LLM Gateways Hub
Compare every gateway: Portkey, LiteLLM, OpenRouter, and more
AI Threat Landscape
Why a credential-brokering layer is a high-value target
FREEAgentic AI Compliance Assessment
Compliance checklist for autonomous agent deployments
PREMIUMPre-Deployment Safety Gate
27-point checklist before any AI tool goes live
IAPP AIGP Certification
The AI governance certification for privacy professionals