Integration

AI Integration for Kong Plugins

A developer-centric guide to building custom Kong plugins that call LLMs or AI services for use cases like JWT claim generation, request summarization, or PII redaction.

Get in touch Learn more

Strategy consultant facilitating AI use case discovery workshop, sticky notes on glass wall, casual corporate meeting.

A BLUEPRINT FOR INTELLIGENT API ORCHESTRATION

Where AI Fits in Kong's Plugin Architecture

Embed AI logic directly into API request/response flows using Kong's extensible plugin system for dynamic routing, content transformation, and security.

Kong's plugin architecture provides a native extension point to inject AI-powered logic at key stages of the API lifecycle. Instead of treating AI as a separate service, you can build custom Lua plugins that call external LLM APIs (like OpenAI or Anthropic) or internal model endpoints to perform tasks such as JWT claim generation, request/response summarization, PII redaction, or dynamic routing decisions. These plugins execute within Kong's high-performance runtime, allowing AI to act on live traffic with minimal latency, applying logic during the access, header_filter, body_filter, or log phases.

For production, this means deploying AI as a policy layer. For example, a custom ai-enrichment plugin could intercept a request to a customer service endpoint, call an LLM to extract key entities from the payload, and append them as headers for downstream microservices. Another plugin, ai-rate-limiting, could analyze request patterns in real-time using a lightweight model to dynamically adjust rate limits for specific API consumers, moving beyond static quotas. The implementation involves managing plugin configuration via Kong's Admin API or declarative YAML, ensuring AI logic is versioned, auditable, and can be rolled back like any other gateway policy.

Governance is critical. AI plugins should be designed with idempotency, fallback logic, and circuit breakers to handle model latency or failure. Use Kong's built-in capabilities for prometheus metrics, distributed tracing, and audit logs to monitor AI inference costs, latency, and accuracy. Roll out new AI plugins using Kong's canary release features via the proxy-cache or request-transformer plugins to split traffic, or use Kong Mesh for service-level deployment control. This turns your API gateway into an intelligent orchestration layer, where AI enhances existing workflows without requiring changes to your backend services.

A DEVELOPER'S GUIDE TO INJECTING LLM LOGIC

Kong Plugin Phases for AI Integration

Inject AI Logic Before Authentication

The access phase executes before the request is authenticated and forwarded upstream. This is the ideal place for AI-driven security and routing decisions that don't require full request context.

Key Use Cases:

Dynamic Authentication: Call an LLM to analyze request metadata (IP, headers, user-agent) and assign a risk score, dynamically choosing between standard OAuth and step-up MFA.
Intelligent Routing: Use a lightweight model to classify the intent of an incoming request (e.g., 'customer support query' vs. 'sales inquiry') and route it to different upstream services or model endpoints.
Bot Detection: Analyze request patterns in real-time against an AI model to identify and throttle non-human traffic before it consumes backend resources.

Implementation Note: Keep AI calls in this phase fast and stateless. Use caching for model responses to maintain low latency.

DEVELOPER-CENTRIC PATTERNS

High-Value AI Use Cases for Kong Plugins

Extend Kong's API gateway with custom plugins that inject AI logic directly into the request/response lifecycle. These patterns add intelligence without rebuilding your backend, enabling dynamic, context-aware API behavior.

Dynamic JWT Claim Generation

Inject a plugin that calls an LLM to analyze request context (IP, user-agent, payload) and generate custom JWT claims before the authentication policy executes. Use for risk-based access, tiered entitlements, or geo-specific permissions without modifying your identity provider.

Static → Contextual

Authorization model

Real-Time PII Redaction & Masking

Intercept outbound API responses, use an AI model to detect and redact Personally Identifiable Information (PII) based on the consumer's role and data privacy regulations. Maintain a single API endpoint while dynamically masking fields like SSN, email, or addresses for different downstream clients.

Compliance at the Edge

Data governance

Request Summarization for Audit Logs

Reduce log storage costs and improve analyst efficiency. A post-log plugin condenses verbose JSON/XML payloads into a natural-language summary before writing to your SIEM or audit trail. Capture intent ("User updated invoice #INV-1001 status to 'paid'") instead of raw data blobs.

80% smaller logs

Typical compression

AI-Powered Rate Limiting & Quotas

Move beyond static rate limits. A plugin analyzes real-time traffic patterns, user behavior, and upstream service health to dynamically adjust rate limits or queue priorities. Throttle suspected bots aggressively while allowing legitimate traffic spikes for trusted partners.

Adaptive Policies

Traffic management

Schema Validation & Intelligent Coercion

Enhance standard JSON schema validation. When a request fails validation, a plugin can call an LLM to suggest corrections, infer missing fields, or coerce malformed data into the expected format. Drastically reduce 400 Bad Request errors for partner integrations with loose standards.

Fewer support tickets

Developer experience

Content-Based Routing & A/B Testing

Route requests to different backend services (or AI model versions) based on an analysis of the request content. For example, route complex natural language queries to a premium LLM endpoint and simple lookups to a faster, cheaper model. Enable canary releases for AI services with Kong's traffic-splitting.

Intelligent Load Balancing

Traffic orchestration

KONG PLUGIN PATTERNS

Example AI-Enhanced API Workflows

These workflows demonstrate how custom Kong plugins can embed AI logic directly into the API request/response lifecycle. Each pattern is a production-ready blueprint for adding intelligence without rebuilding your API infrastructure.

Trigger: An incoming API request with a valid but basic JWT.

Plugin Action:

The plugin extracts the user's identity (e.g., user_id, email) from the existing JWT claims.
It calls an internal or external AI service (via a dedicated upstream) with the user context and the requested API endpoint.
The AI model analyzes the user's historical behavior, role, and the specific resource being accessed.
The model returns a set of dynamic claims (e.g., risk_score: 0.2, tier: "premium", allowed_operations: ["read", "write"]).

System Update:

The plugin injects these new claims into the JWT (or adds them as headers like X-AI-Context-Tier).
The enriched request is forwarded to the upstream service, which can now make fine-grained authorization decisions without additional database lookups.

Example Lua Snippet (Conceptual):

lua
-- In access phase
local user_id = kong.request.get_header("X-Authenticated-User-Id")
local ai_response, err = kong.http.client.post(
  "http://ai-enrichment-service/predict",
  { user_id = user_id, path = ngx.var.request_uri },
  { headers = { ["Content-Type"] = "application/json" } }
)
if ai_response then
  local claims = cjson.decode(ai_response.body)
  kong.service.request.set_header("X-AI-Risk-Score", claims.risk_score)
end

PLUGIN-BASED AI ORCHESTRATION

Implementation Architecture: Wiring AI into Kong

A production-ready pattern for embedding AI logic directly into Kong's request/response lifecycle using custom Lua plugins.

A Kong plugin is the primary extension point for AI integration, executing as a phase in the Kong Gateway's lifecycle (access, header_filter, body_filter, log). You deploy a custom Lua plugin that makes HTTP calls to an external AI inference endpoint (e.g., OpenAI, Azure AI, a private model). The plugin receives the current request context—headers, query parameters, and the request body—and can pass a transformed version to the AI service. The AI's response is then used to modify the upstream request, transform the downstream response, or trigger side effects like logging or alerting. This keeps AI logic co-located with your API gateway's routing, authentication, and rate-limiting policies.

Common implementation patterns include:

JWT Claim Generation: A plugin calls an LLM to analyze request context (IP, user-agent, payload) and dynamically inject custom claims into a JWT before the request is forwarded upstream.
PII Redaction: In the body_filter phase, a plugin streams the response body through an AI model to detect and mask sensitive data (names, account numbers) before the response is sent to the client.
Request Summarization: For audit logging, a plugin in the log phase sends a condensed summary of high-volume API traffic (e.g., IoT sensor data) to an LLM, writing only the insights to your logging system.
Dynamic Routing: A plugin uses an AI classifier on the request payload to determine the optimal upstream service or model version (e.g., routing to a fraud-detection-v2 service if the AI scores a transaction as high-risk).

For rollout, we recommend starting with a canary deployment using Kong's plugin precedence and consumer groups. Attach the AI plugin to a specific API route or a subset of API consumers (e.g., internal beta testers) and use Kong's built-in metrics and tracing to monitor latency added by the AI call and error rates. Governance is critical: ensure your plugin includes circuit breakers, timeouts, and fallback logic so API traffic continues to flow if the AI service is degraded. All AI-enhanced decisions should be logged with a correlation ID to Kong's audit trail, enabling explainability and compliance reviews. For managing multiple AI models, consider using Kong's service mesh capabilities (Kong Mesh) to deploy AI inference as a separate sidecar service, allowing for independent scaling and versioning.

AI-ENHANCED KONG PLUGINS

Code Examples: Lua Plugin Snippets

Dynamic JWT Claims with LLM Context

Inject AI-generated claims into JWTs based on request context, user behavior, or external data. This pattern is useful for adding fine-grained, context-aware authorization data without modifying upstream services.

Use Cases:

Adding risk scores from user session analysis.
Enriching tokens with user segmentation from CRM data.
Generating temporary, purpose-bound scopes for sensitive operations.

Example Lua Snippet:

lua
local http = require "resty.http"
local cjson = require "cjson"

local function add_ai_claims(conf)
  local ctx = ngx.ctx
  -- Extract relevant data from request
  local user_agent = ngx.var.http_user_agent
  local path = ngx.var.request_uri
  
  -- Call AI service (e.g., hosted LLM endpoint)
  local httpc = http.new()
  local res, err = httpc:request_uri(conf.ai_service_url, {
    method = "POST",
    body = cjson.encode({
      context = { user_agent = user_agent, path = path },
      task = "generate_jwt_claims"
    }),
    headers = { ["Content-Type"] = "application/json", ["Authorization"] = "Bearer " .. conf.api_key }
  })
  
  if not res then
    kong.log.err("AI service call failed: ", err)
    return nil
  end
  
  local claims = cjson.decode(res.body)
  -- Merge AI-generated claims into existing JWT payload
  ctx.authenticated_jwt.payload["ai_claims"] = claims
  return true
end

DEVELOPER WORKFLOW COMPARISON

Realistic Time Savings and Operational Impact

How custom AI plugins transform Kong gateway development and operations, from initial build to runtime management.

Metric	Before AI	After AI	Notes
Custom plugin development for JWT claim generation	Days of manual logic and testing	Hours of prompt engineering and validation	Replaces complex code with declarative AI calls
Request/response payload summarization for logging	Manual log parsing or custom summarizers	Dynamic summarization via plugin with configurable detail	Reduces log storage costs and accelerates debugging
PII detection and redaction in transit	Static regex patterns requiring constant updates	Context-aware detection using NLP models	Improves compliance coverage and reduces false positives
Dynamic routing decision based on content	Hard-coded rules or external service calls	In-gateway AI analysis for instant routing logic	Lowers latency and external dependencies
Plugin configuration and testing cycle	Manual unit and integration test suites	AI-assisted test generation and scenario validation	Accelerates deployment and improves test coverage
Runtime anomaly detection in API traffic	Post-hoc analytics dashboards	Real-time scoring and alerting within the data path	Enables proactive mitigation instead of reactive analysis
Operational support for plugin behavior	Manual log review and hypothesis testing	AI-generated explanations for plugin decisions	Reduces mean time to resolution (MTTR) for issues

OPERATIONALIZING AI AT THE API LAYER

Governance, Security, and Phased Rollout

Deploying AI logic within Kong requires the same operational rigor as any core business service.

Treat AI plugins as first-class API policies. This means managing them through your existing Kong configuration pipelines—whether using declarative config in YAML, the Admin API, or a GitOps workflow. Each plugin's configuration (e.g., the LLM endpoint, API key reference, prompt template, and temperature settings) should be version-controlled and deployed through your CI/CD system. For sensitive operations like generating JWT claims or redacting PII, implement strict RBAC on the Kong Admin API to control who can deploy or modify these plugins.

Security is multi-layered. At the network level, ensure your AI service calls (e.g., to OpenAI, Azure AI, or a private model endpoint) are routed through Kong's own egress controls and service mesh policies. At the credential level, never hardcode API keys in plugin configs; use Kong's vault integration or environment variables. For data privacy, implement a clear data flow: use plugins for orchestration (calling the AI service) but keep sensitive payload logging disabled at the Kong proxy level, relying instead on the AI service's own audit trails. Consider a pattern where a plugin first hashes or tokenizes sensitive fields before sending data to an external LLM.

Roll out in phases, starting with observability. Deploy a new AI plugin in a log-only mode first, where it executes the LLM call and logs the result but does not modify the request/response. This validates latency, cost, and output quality without impacting traffic. Next, move to a shadow mode on a canary route, comparing AI-generated outputs (like a request summary) against a control group. Finally, implement human-in-the-loop approval gates for high-stakes workflows; a plugin can be configured to route certain outputs to a review queue (via a webhook to Slack or ServiceNow) before the final API response is sent. This phased approach de-risks the integration and builds operational confidence.

Governance extends to cost and performance. Use Kong's built-in prometheus metrics or custom logging to track plugin execution time, token usage per API route, and error rates from the AI service. Set up alerts for latency spikes or quota exhaustion. For multi-tenant scenarios, use Kong's consumer groups and rate-limiting plugins to enforce fair usage and prevent a single client from incurring excessive AI inference costs. This operational model ensures your AI-enhanced Kong gateway remains reliable, secure, and cost-effective.

Enabling Efficiency, Speed & Accuracy

Intelligent Analysis, Decision & Execution

We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.

Talk to Us

Search across company data

Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.

Useful when people spend too long searching or get different answers from different systems.

Enterprise searchRAGPermissions

Automate internal workflows

Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.

Useful when repetitive work moves across multiple tools and teams.

AI agentsWorkflow automationGovernance

Add AI to products and internal tools

Build assistants, guided actions, or decision support into the software your team or customers already use.

Useful when AI needs to be part of the product, not a separate tool.

AI integrationDecision supportModel routing

AI INTEGRATION FOR KONG PLUGINS

FAQ: Technical and Commercial Questions

Practical answers for developers and architects building custom Kong plugins that call AI services. Covers implementation patterns, security, cost, and production rollout.

A production-ready plugin follows a stateless, resilient pattern:

Plugin Trigger: The plugin executes on a Kong phase (e.g., access, header_filter, log).
Context Extraction: The plugin pulls relevant data from the request/response (headers, body, JWT claims, URI path) using Kong PDK methods like kong.request.get_body().
AI Service Call: The plugin makes an HTTP call to an external AI service (OpenAI, Azure AI, Anthropic, or a private model endpoint). Crucially, this call should be non-blocking or have a strict timeout using kong.service.request or a coroutine-aware HTTP client to avoid gateway latency spikes.
Response Handling & Transformation: The AI response is parsed, validated, and used to modify the request (e.g., inject a synthesized JWT claim), transform the response body, or add diagnostic headers.
Error & Fallback Logic: The plugin must gracefully handle AI service timeouts, rate limits, or errors, often by skipping the AI step, using a cached value, or logging the issue for later analysis via Kong's logging plugins.

Example Payload to an LLM for Summarization:

lua
local body = kong.request.get_body()
local prompt = "Summarize the following API request payload for logging in one sentence: " .. body

local ai_response, err = kong.http.client.post("https://api.openai.com/v1/chat/completions", {
    headers = { ["Authorization"] = "Bearer " .. kong.vault.get("openai-key") },
    body = { model = "gpt-4o-mini", messages = {{ role = "user", content = prompt }} }
})

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.

Limited slotsGet a Free AI Consultation

How We Work

Custom AI workflows for your Business

One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.