Capabilities
Use this section to understand what OngoingAI Gateway can enforce and observe in production traffic. You can use these pages to plan rollout order, configuration, and verification.
Use this section when
- You are planning a production gateway deployment.
- You need to map controls to security, reliability, and cost goals.
- You want a page-by-page path from capability overview to implementation.
Read in this order
- Gateway auth, RBAC, and key lifecycle for tenant access control.
- Routing and provider support for upstream path and provider behavior.
- Tracing and audit logs for request visibility and audit events.
- Analytics, cost, and token accounting for usage and spend reporting.
- Rate limiting and quotas for guardrails and abuse control.
- Storage backends and migrations for runtime persistence and upgrade safety.
- Streaming and reliability for low-latency stream behavior and failure semantics.
- Privacy and sensitive data handling for redaction and payload-risk controls.
- Integrations and exporters for integration planning.
Available capability areas
- Gateway authentication and authorization enforcement.
- Provider routing across OpenAI-compatible and Anthropic paths.
- Trace capture, audit events, and analytics endpoints.
- Request limits and daily usage quotas.
- SQLite and Postgres storage with startup migration behavior.
- Streaming pass-through with async trace-write isolation.
Expanding capability areas
- Privacy and sensitive-data handling policy depth.
- External integrations and exporter surfaces.
What you should understand after reading
- Which controls enforce access and tenant boundaries.
- Which controls affect latency and streaming behavior.
- Which controls govern storage, migrations, and operational risk.
- Which capability pages are implementation-ready versus planning-oriented.