Post

Kong A2A Agent Gateway

Kong extends its gateway to agent-to-agent traffic with the AI A2A Proxy plugin -- if you already run Kong for APIs, LLMs, and MCP, adding A2A routing keeps all traffic governance in one place.

Posted
By
2 min read
Kong A2A Agent Gateway

Kong extends its gateway to agent-to-agent traffic with the AI A2A Proxy plugin – if you already run Kong for APIs, LLMs, and MCP, adding A2A routing keeps all traffic governance in one place.

What It Is

Kong’s AI A2A Proxy plugin adds Agent-to-Agent (A2A) protocol awareness to Kong Gateway Enterprise. It detects A2A traffic, inspects it, and applies Kong’s full policy stack (auth, rate limiting, logging, guardrails) to agent-to-agent communication – the same way Kong handles REST, gRPC, and MCP traffic.

This is not a standalone agent gateway product. It is a plugin on the same Kong Gateway that handles your API, LLM, and MCP traffic.

Key Features

A2A Protocol Detection

Automatically detects A2A traffic via two methods:

  • REST binding: Detects A2A endpoints by path suffix and HTTP method
  • JSON-RPC binding: Detects by jsonrpc field in request body or A2A-Version request header

Non-A2A traffic passes through without overhead – no performance penalty for mixed traffic.

Agent Discovery & Routing

Route agent-to-agent requests to the correct target agent based on:

  • Agent Card metadata (capabilities, version)
  • Path-based routing
  • Header-based routing
  • Load balancing across agent replicas

Authentication & Security

Apply Kong’s full auth stack to A2A traffic:

  • Key authentication for A2A endpoints
  • JWT/OIDC validation
  • mTLS between agents
  • ACL-based access control (which agents can call which)

Observability

Full visibility into agent-to-agent communication:

  • Request/response logging for every A2A interaction
  • Prometheus metrics for A2A traffic
  • Distributed tracing (OpenTelemetry)
  • Cost and latency tracking per agent pair

Rate Limiting

Token-based and request-based rate limiting per agent, preventing runaway agent loops or cascade failures.

Architecture

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

Agent A
    |
    v (A2A protocol)
+--------------------------------------+
| Kong Gateway (Enterprise)             |
|                                       |
|  [AI A2A Proxy Plugin]              |
|    Protocol detection (REST/JSON-RPC)|
|       |                               |
|  [Authentication]                    |
|       |                               |
|  [Rate Limiting]                     |
|       |                               |
|  [Route to Target Agent]            |
|       |                               |
|  [Logging / Metrics]                |
+--------------------------------------+
    |
    v
Agent B (target)

Self-Hosting & Pricing

Same as all Kong AI features: enterprise license required. The A2A Proxy plugin is enterprise-only. If you already have Kong Enterprise, it’s included at no extra cost.

When to Use

Strong fit:

  • Already run Kong for API/LLM/MCP gateway – unified governance across all traffic
  • Need enterprise auth and rate limiting on agent-to-agent calls
  • Running multi-agent systems where agents communicate via A2A protocol

Weak fit:

  • No existing Kong deployment – too heavy for agent routing alone
  • Need open-source agent gateway without licensing cost – use agentgateway (Solo.io/LF)
  • Early experimentation with few agents – premature infrastructure

References

AI & Agents, AI Ops
agent-frameworks
This post is licensed under CC BY 4.0 by the author.