$5 free credits when you sign up
Vs Portkey

Same AI gateway capability, without the feature gating.

Credit-based billing, built-in guardrails, and zero BYOK on every plan. Nemo Router holds all provider keys, so your team trades a virtual-key header dance for a single OpenAI-compatible base URL. Every claim below about Portkey cites its public docs and is dated.

Start free — no credit cardBook a demo
vs · portkey · verified May 2026

What changes on day one

Provider keysWe manage all
Portkey modelBYOK
Credit-based billingStripe built-in
Guardrails / SSO / AuditEvery tier
Feature gatingNone
Per-key + per-team budgetsHard caps
Tier 3 · 0%No BYOKGDPRDPA
Tier 3 platform fee
0%

Annual prepay ($1,200+/yr) — charged on top, not carved out

Provider keys to manage
0

We hold every credential — no BYOK

Paywalled features
None

Every feature on every tier

Migration time
< 5 min

Drop the virtual-key headers — base URL only

Compliance posture — stated honestly, not overclaimed

  • SOC 2 Type IIIn progress
  • ISO/IEC 27001In progress
  • GDPRActive
  • HIPAAAvailable
  • PCI DSSAvailable
  • Data residencyActive

Our underlying infrastructure (Cloud Run, Supabase) is SOC 2 Type II and ISO 27001 certified. Nemo Router's own SOC 2 Type II audit is in progress. Full detail and downloadable artifacts live on the Trust Center.

Side by side

The capability matrix

Both gateways serve OpenAI-compatible APIs. The differences are pricing philosophy, feature gating, and provider-key ownership. Every marker is sourced below.

Comparison · sources verified May 2026

CapabilityNemo RouterPortkey
Platform feeMarkup added on top of provider cost
0 % – 4 %0 % – 4 %7
Usage-basedUsage-based1
Provider key managementWho holds the provider credentials
Fully managed (no BYOK)Fully managed (no BYOK)7
BYOK requiredBYOK required2
OpenAI-compatible API
Included
Included
Built-in guardrailsPII, prompt injection, content filter
Included7
Plan-dependentPlan-dependent3
Role-based team managementOwner / admin / member / viewer
4 roles, every tier4 roles, every tier7
Advanced RBAC on EnterpriseAdvanced RBAC on Enterprise4
SSO / SAML
Every tierEvery tier7
Enterprise planEnterprise plan4
Audit logs
Every tierEvery tier7
Enterprise planEnterprise plan4
Built-in credit billingStripe-backed credit ledger with reserve + settle
Included
Not available5
Per-team & per-key budgetsHard spend caps enforced in the request path
Hard caps, every tierHard caps, every tier7
Rate limits documentedRate limits documented5
Observability suiteLogs, latency percentiles, callbacks
Built-in, every tierBuilt-in, every tier7
Available, plan-dependentAvailable, plan-dependent5
Prompt managementVersioned templates + A/B variants
Templates + versioningTemplates + versioning7
Prompt library / playgroundPrompt library / playground5
Feature gating by tierAre core features paywalled?
Not available7
Included4
Contractual uptime SLA
99.9 %99.9 %7
Enterprise planEnterprise plan6
IncludedNot availableNot applicablenSourced footnote below

Sources & methodology

Competitor rows reflect each vendor's publicly documented plans and docs as last checked in May 2026; each cell links the specific source. Where a competitor's pricing or plan structure is not public, the cell describes the structure rather than quoting a figure — we never invent competitor pricing. Found something out of date? Email sales@nemorouter.ai and we'll correct it.

  1. Portkey publishes a usage-based / per-request gateway price with paid plans layered above a free tier. The fee structure is documented; specific figures are not quoted here because they vary by plan. Portkey pricing tiers · Portkey pricing page · verified May 2026
  2. Portkey operates on a bring-your-own-key model: you provision, rotate, and audit each provider credential. Virtual keys abstract usage but the underlying provider accounts remain yours. Portkey (all plans) · Portkey docs — virtual keys · verified May 2026
  3. Portkey documents guardrails as a product capability; availability of specific guardrail checks and the volume allowance vary by plan tier. Treat the cell as "available, plan-dependent" rather than "free". Portkey Pro / Enterprise · Portkey docs — guardrails · verified May 2026
  4. Portkey documents SSO/SAML, advanced RBAC, and audit logging as Enterprise-plan capabilities rather than features available on the free or entry paid plan. Portkey Enterprise · Portkey pricing — Enterprise plan · verified May 2026
  5. Portkey provides usage analytics and cost observability. It does not ship a built-in customer billing / credit ledger — teams wire up billing themselves. Portkey (all plans) · Portkey docs · verified May 2026
  6. Portkey publishes uptime targets for its paid/enterprise plans. A contractual SLA percentage is associated with higher tiers rather than the free plan. Portkey Enterprise · Portkey site · verified May 2026
  7. Nemo platform fee is charged on top of provider cost, never deducted from purchased credits. Every product feature ships on every tier — tiers differ only on fee percentage and RPM/TPM guarantee. Nemo Router pricing · Nemo Router pricing page · verified May 2026
Feature by feature

The honest, line-by-line breakdown

Eight capabilities, compared in plain English — including where Portkey is genuinely a peer. Drop this straight into an internal RFP.

Pricing philosophy & feature gating4

Edge: Nemo Router

Nemo Router

Every product feature ships on every tier. Tiers differ on exactly two axes — the platform-fee percentage (4% / 2% / 0%) and the RPM/TPM guarantee. Guardrails, SSO, audit logs, and budgets are never behind a paywall.

Portkey

Portkey uses a tiered model: a free plan, paid plans, and an Enterprise plan. Advanced RBAC, SSO/SAML, and audit logging are documented as Enterprise-plan capabilities — core governance scales with the plan, not just with usage.

Bottom line: If your team needs SSO or audit logs without negotiating an Enterprise contract, Nemo includes them from Tier 1. Portkey gates them.

Provider keys — BYOK vs fully managed2

Edge: Nemo Router

Nemo Router

We hold every provider credential across 1 provider cloud today. You get one NEMOROUTER_API_KEY and never provision, rotate, or audit an upstream provider account.

Portkey

Portkey operates on bring-your-own-key. You provision, rotate, and audit each provider credential. Virtual keys abstract usage, but the underlying provider accounts remain yours to manage.

Bottom line: If you want to keep your own provider contracts, Portkey's BYOK is a feature. If you want zero provider-account management, Nemo's fully-managed model removes that operational tax.

Billing & cost control5

Edge: Nemo Router

Nemo Router

A Stripe-backed credit ledger with atomic reserve-and-settle. Every call deducts in real time, every failure releases the reservation, and per-key / per-team / per-org budgets are hard caps enforced before a request leaves the gateway.

Portkey

Portkey provides usage analytics and cost observability but does not ship a customer-facing billing or credit system. Teams wire up billing and enforcement themselves.

Bottom line: Nemo turns spend control into an enforced product surface; on Portkey it is a reporting layer you build the enforcement around.

Guardrails & content safety3

Edge: Nemo Router

Nemo Router

Content filtering, PII detection/redaction, and prompt-injection detection run in the request path on every tier — pre-call, during-call, post-call — scoped per org, team, or key. No volume tier, no add-on.

Portkey

Portkey documents guardrails as a product capability, but the available checks and volume allowance vary by plan tier. Treat it as available-but-plan-dependent rather than free.

Bottom line: Both products ship guardrails. On Nemo every check is available on every tier; on Portkey the depth depends on which plan you are on.

Teams, roles & tenant isolation4

Edge: Nemo Router

Nemo Router

Org → team → member with four roles (owner / admin / member / viewer) and granular permissions for keys, spend visibility, and guardrails. Multi-tenancy is enforced in Postgres with row-level security — cross-org reads are physically impossible.

Portkey

Portkey offers RBAC, with advanced role controls documented on its Enterprise plan. Team structure scales with the plan tier.

Bottom line: Nemo gives every tier the full role model and RLS-backed isolation; Portkey reserves advanced RBAC for Enterprise.

Observability5

Roughly even

Nemo Router

Request logs, cost tracking per model/team/key, P50/P95/P99 latency, error-rate monitoring, and callbacks to Langfuse / Datadog / S3 / Slack — included on every tier, with org-level data-policy controls.

Portkey

Portkey is observability-first and ships a strong analytics surface. Some observability depth is associated with higher plan tiers.

Bottom line: Observability is genuine common ground — both are strong here. The difference is Nemo does not tier it.

Prompt management5

Roughly even

Nemo Router

Versioned prompt templates with deterministic A/B variants and evals, opted into per request via a template ID. Versioning lives in the gateway, not your codebase.

Portkey

Portkey ships a prompt library and playground for managing and testing prompts.

Bottom line: Both let you manage prompts centrally. Nemo additionally bakes A/B traffic splitting and evals into the gateway.

Model catalog2

Edge: competitor

Nemo Router

18 models live today on Google Vertex AI; Anthropic, OpenAI, and AWS Bedrock are on the public roadmap. We publish only what is routable.

Portkey

Portkey routes to a broad set of providers via its gateway, since it runs on your own provider keys.

Bottom line: Portkey's BYOK model gives it broad provider reach today. Nemo's catalog is focused but managed end-to-end and growing.

Why teams switch

Four reasons Portkey customers move to Nemo Router

Every product feature — guardrails, prompt management, A/B tests, evals, observability, RBAC, SSO/SAML, audit logs, per-team budgets, and priority support — ships on every tier. Tiers differ on exactly two axes: the platform-fee percentage (4 % / 2 % / 0 %) and the RPM/TPM guarantee. Nothing else is gated.

No feature gating, no add-ons

Portkey documents advanced RBAC, SSO/SAML, and audit logging as Enterprise-plan capabilities. Nemo Router ships every feature on every plan — Tier 1 through Tier 3. The only thing that changes between tiers is platform fee (4% / 2% / 0%) and RPM/TPM guarantees.

  • Guardrails on Tier 1
  • SSO + audit on Tier 1
  • No premium-tier upgrade pressure

Credits are the product, not an afterthought

Nemo Router is built around a Stripe-integrated credit ledger with atomic reserve-and-settle. Every API call deducts in real time, every failure releases the reservation, and budgets are enforced before a request leaves the gateway. Portkey has no built-in billing — you wire up cost tracking yourself.

  • Atomic reserve+settle ledger
  • Per-key / per-team / per-org budgets
  • Auto-topup + 402 error path

Zero BYOK — we hold every provider key

Portkey runs on BYOK: you provision, rotate, and audit every provider credential. Nemo Router manages all keys (Google (Gemini, Imagen, Veo) — Anthropic, OpenAI, and AWS Bedrock shipping next). One NEMOROUTER_API_KEY, one bill, no provider accounts to wrangle.

  • No provider key rotation on your team
  • No vendor account management
  • Single OpenAI-compatible base URL

Real RBAC + tenant isolation

Owner / admin / member / viewer with granular permissions for keys, spend visibility, guardrails, and team operations — on every tier. Multi-tenancy is enforced at the database level via row-level security, so cross-org reads are physically impossible.

  • 4 roles on every tier
  • RLS-enforced isolation in Postgres
  • Single-org-per-user invariant
Migration

Migrate in 3 steps

Change the base URL, drop the virtual-key header dance, and you're done. Same OpenAI SDK, same client code.

1

Sign up at nemorouter.ai

Free account, no credit card required. Takes 30 seconds.

2

Replace base_url and api_key

Two lines of code. Same OpenAI-compatible SDK, same format.

3

Same call shape, zero feature gating

Your existing code works without modification. Every feature is on.

migration.py
# Before (Portkey)
from openai import OpenAI

client = OpenAI(
    base_url="https://api.portkey.ai/v1",
    api_key="pk-...",
    default_headers={"x-portkey-virtual-key": "..."},
)

# After (Nemo Router — zero feature gating)
client = OpenAI(
    base_url="https://api.nemorouter.ai/v1",
    api_key=os.environ["NEMOROUTER_API_KEY"],
    # No extra headers — one key does it all
)

Works with the OpenAI Python SDK, Node.js SDK, and any OpenAI-compatible client. No extra headers, no virtual key config — just base URL and API key.

Architectural differences

Pricing, keys, billing — where the products diverge

Pricing philosophy

Portkey uses a tiered model where advanced RBAC, SSO/SAML, audit logging, and some governance tooling are documented as Enterprise- plan capabilities. Smaller teams that need those controls have to move to the Enterprise plan to access them.

Nemo Router takes the opposite approach. Every feature — guardrails, SSO, audit logs, budget controls, RBAC, observability, prompt management — is included on every plan. Plans differ only in platform-fee percentage (4% Tier 1 / 2% Tier 2 / 0% Tier 3) and RPM/TPM guarantees. Nothing else is gated.

Provider key management

Portkey operates on BYOK. You provision, rotate, and secure your own API keys for each provider. Virtual keys abstract usage, but the underlying credentials remain your responsibility.

Nemo Router eliminates this entirely. We manage every provider key. You receive a single Nemo Router API key (set as NEMOROUTER_API_KEY) that works with every model in our catalog.

Billing and cost control

Nemo Router has a built-in credit system powered by Stripe. You purchase credits, every call deducts via atomic reserve-and-settle, and budgets at the key/team/org level enforce in real time — when a budget is exhausted, requests reject before reaching the provider.

Portkey does not include a built-in customer billing or credit system. Teams wire up cost tracking and enforcement externally. Portkey provides usage analytics, but not the enforced spend controls Nemo Router ships out of the box.

Enterprise features

Enterprise capability, included on every plan

The opposite of feature gating — we differentiate on platform fee and RPM/TPM guarantees, not by paywalling governance.

Budget controls that enforce

Hard spending caps per API key, per team, per org. When a key hits the cap, requests reject before reaching the provider — not a post-hoc report telling you that you already overspent.

Full observability stack — free

Request logging, cost tracking by model/team/key, P50/P95/P99 latency, error-rate monitoring, and callbacks to Langfuse / Datadog / S3 / Slack. Data retention is configurable at the org level.

Compliance posture, stated honestly

SSO/SAML (Okta, Azure AD, Google Workspace), immutable audit logs, GDPR with a DPA, data-residency controls — on every plan. Infrastructure is SOC 2 Type II certified; our own audit is in progress.

Zero BYOK across every provider

We manage every provider key. No provisioning, rotation, or auditing of upstream credentials on your side — the operational tax is ours.

What customers ask

Frequently asked questions

Common questions about switching from Portkey to Nemo Router.

No BYOK · 5-minute migration

Ready to switch from Portkey?

Free Tier 1 account, no credit card. Every feature included from day one — guardrails, SSO, audit logs, budgets, RBAC, prompt management.

Start free — no credit cardBook a demo

Need help moving over? sales@nemorouter.ai for white-glove migration.99.9% SLA