AI Governance & Provisioning Portal

A unified portal to assess compliance, explore controls, and deploy your AI Gateway.

Real product. Real API. Sample story. This portal runs top to bottom: Step 1 opens on a fictional company (“Northwind Retail”) so you can see what good AI governance looks like, Step 2 walks you through pixel-perfect snapshots of the actual dashboard, and Step 3 is where it gets real, connect your own account (or spin up a fresh preview account) and deploy the entire governance stack in about a minute. Everything on display is a shipping Cloudflare AI Gateway feature, not vaporware. Once you’re connected, a Your Connected Account switch lights up in Step 1, flip it and the sample numbers are instantly replaced by your own live telemetry, straight from the API.
Step 1 · AI Portfolio Governance (Q&A)

These are illustrative sample figures. Connect your account in Step 3 and a live-data switch appears right here.

How many sensitive-data leaks were blocked this month?
3,687 confidential exposures prevented

DLP policy logs show 3,687 attempts to upload credentials, source code, financial figures, and PII to external models were blocked. Hitting any unmonitored endpoint risks significant compliance liability.

How many unsafe prompts were stopped?
1,182 unsafe prompts blocked

Guardrails scanned all prompts, blocking 1,182 requests targeting jailbreaks (558), PII (376), hate speech (133), and violence (97) before they reached the model.

What is our overall policy coverage and risk?
29% of active AI apps fully governed

Only 2 of our 7 sanctioned AI applications have all security controls active. We've identified 2 High-risk applications (including our HR resume screener) running with Logging, Auth, and DLP completely disabled.

ApplicationRiskDLPGuardrailsAuthLogging
northwind-support-copilotLimited
checkout-rag-assistantLimited
hr-resume-screenerHigh
How much AI spend was avoided?
$890.82 saved via automated caching

Our support copilot served 37.7% of its total requests directly from the edge cache, avoiding $890 in billing. One team (Returns) has reached 95% of its monthly budget, triggering a predictive threshold alert.

How do we prevent model downtime or split traffic intelligently?
100% active fallback resilience

Using Dynamic Routing, we split traffic based on user context (e.g. sending C-Level users to Claude 3.5 Sonnet and routing standard queries to Workers AI). If the primary provider experiences an outage, AI Gateway automatically fails over to an active fallback, preserving 100% uptime for end-user applications.

Are we monitoring the quality of our AI responses?
91.4% average response score (evaluated)

By leveraging the evaluations API (patchLog()), our applications capture thumbs up/down feedback and model-as-a-judge score ratings (0–100) directly on our gateway logs. This helps us track prompt drift, monitor response degradation, and build evidence for model selection decisions.

Can we audit connected servers and agentic tools?
Active MCP Server Portal logging

Every tool called by an autonomous AI agent is logged in our Model Context Protocol (MCP) Server Portal, attributing activity to specific user email identities. Failed calls, schema syncs, and upstream latencies are fully logged, and outbound agentic requests are scanned by Cloudflare Gateway and DLP to prevent data exfiltration via third-party tools.

Step 2 · Interactive Product Walkthrough

Explore the real dashboard

Step through the actual Cloudflare AI Gateway interface. See how logs, analytics, guardrails, and dynamic routing work in a structured, guided walkthrough over realistic snapshots.

Step 3 · Instant Self-Provisioning
3

Deploy AI Gateway on your account Disconnected

Deploy a live AI Gateway (ai-control-plane-demo) directly on your account. Includes pre-configured budgets, caching, and safety rules.

Don't have a Cloudflare account? You'll need one either way, even the temporary sandbox must be claimed into a Cloudflare login. Sign up in 30 seconds; AI Gateway and Workers AI are enabled by default, no card required.
Opens Cloudflare with permissions and a 24h expiry pre-filled.
API Token permissions pre-filled:
AI Gateway: Edit · Workers AI: Edit · Zone: Read · Account Settings: Read · Expires: 24h
Your token stays private. It is held only in this browser tab's memory and sent over HTTPS solely to run the Cloudflare actions you trigger here. It is never written to disk, never logged, and never stored on our servers. Close or reload the tab and it is gone.

Prefer not to paste a key into someone else's site? This portal is fully open source. Run it yourself from github.com/kai-cloudflare/ai-control-plane-demo — run it locally, deploy it as a Worker on your own account, or spin up a fresh preview account, all from the repo. When you run it locally your token never leaves your machine.