Portkey adds guardrail checks

Portkey said on May 19 it had added new guardrail checks to its AI gateway, expanding the set of controls customers can apply before requests reach a model. The company described the update as a way to control model access, enforce request parameters and keep audit records at the gateway layer, according to its post and product documentation. Portkey sells infrastructure for routing, observability and governance across large language model deployments. Its gateway documentation says the product sits in front of model providers and applies routing and guardrail policies to inbound traffic. ### Which new checks did Portkey point to? Portkey’s May 19 post highlighted three controls: model access controls, parameter checks and audit logging. The company did not frame them as a new standalone product. It presented them as gateway-level governance features for teams that want tighter control over which models can be called and how requests are formed. The documentation closest to that description includes “Model Rules,” which checks the requested model before the request is sent upstream, and “Request Parameters Check,” which inspects the request body and enforces allow-or-block rules on tools, top-level request keys and specific parameter values. (docs.portkey.ai) Portkey says a failed rule can cause the gateway to deny or flag the request, depending on configuration. (docs.portkey.ai) ### What does “model access control” mean in practice? Portkey’s “Model Rules” documentation says administrators can define an allowed model list and block requests for models outside that list. The company also says those rules can be mapped dynamically using metadata such as customer tier, team or workspace, which lets organizations expose different model options to different groups. (docs.portkey.ai) That means a company using one gateway across multiple internal teams can set access policies without changing each application separately. Portkey’s gateway repository and product pages describe the gateway as a central layer for routing and governance across many model providers. ### What does the parameter check actually enforce? Portkey’s request-parameters documentation says the check can inspect declared tools, top-level parameter keys such as `temperature`, `stream`, `tools` and `logprobs`, and specific parameter values such as a named model or whether streaming is enabled. (docs.portkey.ai) The company says the check runs on input, before the request is sent, and returns a structured explanation if a rule is violated. (github.com) That gives platform teams a way to stop requests that do not match approved settings. In Portkey’s description, the control is deterministic rather than advisory: the gateway can block or flag the request based on the configured action. ### Where does audit logging fit into this? Portkey’s audit-log documentation says the feature records administrative activity across an organization, including who performed an action, on which resource and when. (docs.portkey.ai) The company lists security monitoring, compliance and troubleshooting as the main uses for those records. Audit logging is listed as an enterprise-plan feature in Portkey’s docs. (docs.portkey.ai) The company’s broader guardrails materials say customers can combine multiple checks across input and output traffic, though the request-parameter control described in this update is an input-only check. ### How does this fit into Portkey’s broader product? Portkey’s product pages say its AI gateway includes integrated guardrails and supports a large number of language, vision, audio and image models. (docs.portkey.ai) Its guardrails documentation says users can create checks for either prompts or model outputs and combine them into broader policies. The company’s changelog and MCP gateway documentation also show it is extending policy controls across adjacent parts of its platform. (docs.portkey.ai) One page says guardrails for Portkey’s MCP Gateway are “coming soon,” while the enterprise changelog lists recent work on output-guardrail execution and authorization checks. Portkey’s latest public documentation points users to its guardrails pages for setup and configuration, including the model-rules, request-parameters and audit-log sections cited in the May 19 announcement. (github.com) As of May 20, those pages were live in Portkey’s docs and product site. (docs.portkey.ai 1) (docs.portkey.ai 2)