v1.0 Feature catalog

Everything in the box.

The full feature surface of PromptGate v1.0 — Community Edition. No paywalls, no feature gates.

ROUTING & RUNTIME

Smart routing across every model

Keep client code simple. Make the gateway smart.

OpenAI-compatible wrapper

Drop-in /v1/chat/completions, /v1/models, /v1/embeddings. Use any OpenAI SDK; route by `provider:model`.

Anthropic Messages API

Native /v1/messages so Claude Code and Anthropic SDKs route through PromptGate via ANTHROPIC_BASE_URL.

OpenAI Responses API

Native /v1/responses for Codex CLI and the agentic OpenAI surface. All four input forms supported.

YAML routing rules

Per-endpoint rules pick provider/model based on input_tokens, schema presence, monthly_spend_pct, time_of_day. First-match wins; no match → endpoint default.

API Gateway proxy

Proxy any HTTP API behind a PromptGate token — method allowlist, header injection, OAuth-token injection, SSRF guard, audit. The upstream credential never leaves the gateway.

Wrapper aliases & presets

`model: "smart"` → whatever you decide. Aliases carry their own system prompts, temperature, top_p, max_tokens — OpenRouter-style presets.

Failover chain

Per-endpoint secondary credentials kick in on 5xx or rate-limit. Transparent to the client; logged with the routing decision.

OBSERVABILITY

See every request, every dollar

Live logs

Real-time stream with filters (`status:error provider:openai model:"gpt-4o"`). Replay any logged request through the current endpoint config.

Metrics dashboard

KPIs (req/sec, p95, error rate), per-provider traffic, top endpoints, daily token charts.

Cost dashboard

$ spend by provider / endpoint / token, 30-day trend, "saved by cache" block, cache hit %. Driver-aware SQL works on SQLite + Postgres.

Anomaly alerts

Every 5 minutes, a MAD-based (median absolute deviation) detector checks error_rate / p95 latency / spend. A webhook fires when current > median + 3.5×MAD.

Audit log

Every admin action recorded with actor, target, severity, IP, metadata. Daily prune by edition retention policy.

Endpoint evals + diff

JSON goldensets attached to endpoints. Run after every config change; diff shows regressed / fixed items vs the previous run.

SECURITY & GUARDRAILS

Keep sensitive data on your side

Reversible PII redaction

Tokenize emails / phones / IBANs / SSNs / IPs / custom regex before the LLM call. Restore on response. The LLM sees `[[EMAIL_001]]`; your user sees the real value.

Secret scanner

18 well-known credential patterns (AWS, GitHub, Slack, OpenAI, Stripe, JWT, private keys, …). Block-mode rejects; redact-mode tokenizes.

OAuth Connections

Connect GitHub, Linear, Stripe, Slack, Notion, or any OIDC provider once — PromptGate stores the encrypted tokens, refreshes them before they expire, and injects the right `Authorization` header on every proxied request. Apps never see access_token.

No default credentials

Fresh installs ship with no admin account. The first browser visit hits a setup wizard that creates the operator account with their chosen email and a password of at least 12 characters. The whole class of "default admin/admin" CVEs is gone by design.

API token lifetimes

Every minted token gets an `expires_at` — defaults are 365d for live tokens, 90d for test. Expired tokens are rejected at the auth layer; the rotation flow takes one API call.

PII filter

Regex + LLM-contextual detection. Mask or block per project. 14 detector types with custom-pattern slots.

Prompt injection filter

Built-in patterns catch jailbreak attempts in the user content. Block at the gateway before the LLM sees them.

SSRF guard

Upstream URL validator applied to API Gateway proxies, webhook delivery, the MCP gateway, and OAuth token URLs. Blocks loopback, RFC 1918 private ranges, link-local, and cloud metadata addresses.

Encrypted credentials at rest

Provider API keys, OAuth tokens, MCP server tokens, webhook signing secrets — all encrypted with the Laravel APP_KEY you control.

EGRESS / AGENT PROXY

Coding agents, behind one gate

Agent Proxy project type

A wrapper-style project framed for Claude Code / Codex / Cursor / Aider. Setup wizard renders env-var snippets per tool.

Connected-agents detection

Inferred from gateway_logs request bodies. The Setup page shows "12 Cursor / 8 Claude Code / 4 Aider" without manual instrumentation.

Per-developer tokens

Mint pg_live_* tokens per user via the Management API; each carries its own scopes, budgets, rate limits.

Streaming on every shape

stream:true returns native SSE — Anthropic events for /v1/messages, Responses events for /v1/responses, Chat Completions chunks for /v1/chat/completions.

DEVELOPER SURFACE

Talk to it the way you already do

Tool / function calling

Pass `tools` + `tool_choice`; get a normalized tool_calls array regardless of provider. OpenAI ↔ Anthropic shape translation built in.

Embeddings

OpenAI-compatible /v1/embeddings on the wrapper. OpenAI / Mistral / Groq / Together / Ollama / Cohere are supported; the rest return a clean 400.

Sessions

Server-side conversation state with TTL, max-messages, max-tokens. Session UUID flows transparently through the gateway.

JSON Schema validation

Optional input + output schemas per AI Gateway endpoint, enforced via justinrainbow/json-schema. 422 on invalid output.

MCP Server bridge

Expose any AI Gateway endpoint as an MCP tool — agents call your endpoints via JSON-RPC at `POST /api/{uuid}/mcp`.

MCP Gateway aggregator

Aggregate every upstream MCP server your team uses behind one JSON-RPC endpoint. Tool names are namespaced per upstream; auth and SSRF guard apply once at the gateway.

Replay from logs

Click any logged request, edit the body, run again through the current config. Linked via parent_request_id; audited.

OPERATIONS

Built to run, not to tinker

Endpoint versioning

Every endpoint save snapshots the config. Diff against any previous version; restore creates a new version (append-only history).

Response cache

Per-endpoint exact-match cache with TTL. The cache key is a SHA-256 over messages + options + provider, so a config change that alters the key invalidates the cached entries automatically.

Budgets

Per-endpoint per-request token cap plus a monthly USD budget. Over-budget requests get a 422 before the provider call; null = unlimited.

Rate limits

Per-endpoint per-minute and per-hour caps. 429 + Retry-After header on breach. Cache-driver agnostic.

Webhooks

HMAC-SHA256 signed delivery for 24 events (token.created, endpoint.anomaly, etc.). Per-event subscription; delivery log.

Backup & restore

One-click ZIP with manifest.json + per-table JSON dumps. Encrypted columns export as ciphertext; restore with the same APP_KEY.

Still missing something?

Open an issue on GitHub or drop us a line. We're shipping fast.
