LangChain Launches LLM Gateway for Agent Runtime Governance

LangChain

Jun 7, 2026

LangChain launched LangSmith LLM Gateway, a runtime governance layer for AI agents. This gateway enforces cost limits and redacts sensitive data before requests reach LLM providers, integrating policy violations as traceable events directly within LangSmith for unified management.

LangChain introduced LangSmith LLM Gateway, a new runtime governance layer that sits between AI agents and the LLM providers they call. It enforces spend limits and redacts sensitive data like PII (Personally Identifiable Information) and secrets before requests reach the model. When a policy is triggered, such as a blocked request or redacted information, these events appear as traceable records within LangSmith.

Spend limit levels: Organization, workspace, user, API key
PII redaction types: Names, places, nationality, religion, political affiliation, ages
Secrets redaction types: US phone numbers, US SSNs, API keys, tokens, credentials
Setup: One-line base_url change
Supported providers: Anthropic, AWS Bedrock, Google Gemini, and others
Availability: Private beta

Running autonomous agents in production often leads to challenges like unexpected costs from runaway loops or the exposure of sensitive data to LLM providers. Existing solutions typically require integrating separate gateways and guardrails platforms, making it difficult to correlate policy enforcement with agent behavior. This update unifies governance with the agent development lifecycle, similar to how Vercel AI Gateway and OpenRouter offer centralized controls.

LangSmith LLM Gateway is available in private beta, with setup involving a one-line base_url change and policy configuration in the LangSmith UI. This allows teams to manage agent behavior, update system prompts, and re-evaluate against existing test sets without switching tools, providing real-time cost visibility and audit logging.

Create policy, Cost control policy, Organization, Total company ceiling, Workspace, Per workspace budget, User, Per user spend cap, API Key, Stop runaway agents, Policy name, Organization, LangChain Inc., Spend limit, $ / period, Period, Monthly, Hard Block when the limit is hit, The request is rejected by the Gateway before it is sent to the Provider. The agent receives an error., Policy prioritization, The most restrictive limit always wins. A user can never exceed their personal cap, their workspace cap, or the org cap., Cancel, Create policy — LangSmith Gateway policy configuration interface for managing organization, workspace, user, and API key spend limits.

LLM Gateway, Spend Limits, PII Redaction, Secrets Redaction, Agent, Request, Response, LLM Provider, Policy Events, LANGSMITH ECOSYSTEM, Traces, Full request and response history per policy event, LangSmith Engine, Identify problems, push fixes, build ground truth evals, Dashboards, Real-time spend and compliance review — LangChain LLM Gateway architecture showing request flow, policy enforcement, and integration with the LangSmith observability ecosystem.

View the full update on langchain.com

LangChain

@LangChain5d ago

Most governance tools live in their own consoles or dashboards. LLM Gateway lives in LangSmith. When requests are blocked or info is redacted, you get traceable events. See what your agents do, update system prompts or tool configs, re-evaluate against existing test sets, all in one place.

215

View on X

Still wondering? A few quick answers below.

LangSmith LLM Gateway is a runtime governance layer that sits between your AI agents and the LLM providers they use, enforcing policies before requests reach the models.

It offers spend limits at various organizational levels, PII and secrets redaction, real-time spend visibility, audit logging, and trace continuity within LangSmith.

The gateway detects and redacts sensitive data like PII and secrets from requests and responses before they reach the LLM provider or are written to a trace.

Policy violations, such as blocked requests or redacted data, surface as traceable events directly within the LangSmith platform, integrated with LangSmith Engine.

Setup involves changing your agent's base_url to the LangSmith Gateway endpoint, adding provider API keys to workspace secrets, and setting policies in the LangSmith UI.

Every HeadsUpAI update is written based on its original source and reviewed before it's published. Read our editorial standards →

Keep reading

LangSmith Sandboxes Enable Safe Agent Code Execution with MicroVMs

LangChain has made LangSmith Sandboxes generally available, providing kernel-isolated microVMs for AI agents. These environments allow agents to safely execute untrusted, model-generated code, enabling complex workflows without compromising infrastructure security. This shifts agents from answering questions to autonomously performing work in production environments.

OpenRouter Adds Centralized Guardrails to Govern Multi-Model AI Traffic

OpenRouterMay 30

OpenRouter Adds Centralized Guardrails to Govern Multi-Model AI Traffic

OpenRouter launched Guardrails, a suite of security and governance tools for managing budgets, data retention, and prompt injections across its unified API. By moving these controls to the routing layer, developers can enforce enterprise-grade safety and cost policies without rewriting code for individual model providers.

Cloudflare AI Gateway Adds Real-Time Spend Limits, Identity-Driven Budgets

Cloudflare4d ago

Cloudflare AI Gateway Adds Real-Time Spend Limits, Identity-Driven Budgets

Cloudflare's AI Gateway now offers real-time spend limits to control token costs across various AI providers. This update, combined with identity-driven budgets via Cloudflare Access, helps companies manage AI expenses and attribute usage to specific users or teams. It addresses the challenge of runaway bills and lack of visibility in enterprise AI deployments.

Oracle Launches Managed MCP Service for Governed AI Agent Database Access

Oracle DevelopersMay 24

Oracle Launches Managed MCP Service for Governed AI Agent Database Access

Oracle launched the OCI Managed MCP Service, a cloud-native gateway that connects AI agents to Oracle databases using the Model Context Protocol. This move shifts agentic data access from local developer tools to a managed enterprise environment with centralized identity and governance controls.

What is LangSmith LLM Gateway?

What governance capabilities does it offer?

How does it handle sensitive data?

Where do policy violations appear?

How is LangSmith LLM Gateway set up?

Keep reading

LangSmith Sandboxes Enable Safe Agent Code Execution with MicroVMs

LangSmith Sandboxes Enable Safe Agent Code Execution with MicroVMs

OpenRouter Adds Centralized Guardrails to Govern Multi-Model AI Traffic

OpenRouter Adds Centralized Guardrails to Govern Multi-Model AI Traffic

Cloudflare AI Gateway Adds Real-Time Spend Limits, Identity-Driven Budgets

Cloudflare AI Gateway Adds Real-Time Spend Limits, Identity-Driven Budgets

Oracle Launches Managed MCP Service for Governed AI Agent Database Access

Oracle Launches Managed MCP Service for Governed AI Agent Database Access

Keep reading

LangSmith Sandboxes Enable Safe Agent Code Execution with MicroVMs

LangSmith Sandboxes Enable Safe Agent Code Execution with MicroVMs

OpenRouter Adds Centralized Guardrails to Govern Multi-Model AI Traffic

OpenRouter Adds Centralized Guardrails to Govern Multi-Model AI Traffic

Cloudflare AI Gateway Adds Real-Time Spend Limits, Identity-Driven Budgets

Cloudflare AI Gateway Adds Real-Time Spend Limits, Identity-Driven Budgets

Oracle Launches Managed MCP Service for Governed AI Agent Database Access

Oracle Launches Managed MCP Service for Governed AI Agent Database Access