Kong Inc. has extended the ability of an artificial intelligence (AI) gateway it provides to centralize the management of Model Context Protocol (MCP) servers to now include additional governance, security and observability capabilities along with unveiling a developer portal through which developers can build, run, discover, and govern tools and applications based on MCP servers that are generated from application programming interfaces (APIs).
Additionally, Kong has added Volcano, an open-source software development kit (SDK), to simplify and accelerate the development of artificial intelligence (AI) agents based on MCP servers that are integrated via the Kong Konnect application connectivity platform. IT teams can also use an AI Integration Composer tool to discover, compose, and map API endpoints for MCP servers.
At the same time, Kong is also making it simpler to build APIs and manage connectivity using a KAi copilot it has added to Kong Konnect. That tool makes it simpler to, for example, proactively scan for policy violations and suggest automated remediations in addition to analyzing traffic to surface patterns, issues, and remediation recommendations.
Kong also announced that Kong Identity for securing APIs using Kong Konnect is available and that later this quarter it will add a Kong Event Gateway to manage real-time event streams to Kong Konnect.
Finally, Kong revealed that Konnect Service Catalog, now generally available, has been integrated with the API Gateway from Amazon Web Services (AWS) and Konnect Metering & Billing, powered by OpenMeter, is now available. Kong acquired OpenMeter earlier this year.
The overall goal is to provide organizations with a comprehensive approach to managing both API and AI agents, says Kong’s Marco Palladino. That’s critical because of the inherent interdependencies that exist between AI agents and the APIs they rely on to access data, he adds. “There is no AI without APIs,” says Palladino. “An agent without APIs is useless.”
Just as importantly, Kong Konnect provides an integrated framework for governing access to APIs and MCP servers. IT teams can centrally secure all MCP servers using a dedicated MCP OAuth 2.1 authentication plugin to validate tokens and apply consistent security policies, says Palladino.
Originally developed by Anthropic, MCP has emerged as a de facto standard for providing AI agents and applications access to data. Less clear is to what degree MCP servers might supplant legacy APIs, but for now MCP servers are relying on those APIs to surface data to AI agents. Kong is making a case for unifying the management of APIs and MCP servers to facilitate integration of agentic AI and legacy applications. That capability can then be extended to other emerging AI protocols, such as the Agent-2-Agent (A2A) protocol that is now being advanced under the auspices of the Linux Foundation.
Regardless of approach, the need for a more holistic approach to managing connectivity at the application layer is becoming apparent. In fact, organizations that approach that issue as a strategic imperative are much more likely to successfully deploy agentic applications, said Palladino. The challenge and the opportunity now is to determine how best to achieve that goal before thousands of AI agents are actually deployed in production environments.
