Update docs to match current AI Gateway UI

- Update MCP server fields to match Create MCP Server dialog (Server ID,
  Display Name, Server Address, Defer Loading Override, Forward OIDC
  Token Override)
- Update orchestrator section to reflect system-managed config with
  configurable blocked tool patterns
- Update deferred loading config to use per-server Defer Loading Override
  dropdown instead of gateway-level toggle
- Update observability references to point to gateway Overview tab
- Comment out references to UI features not yet available

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: micheleRP

modules/ai-agents/pages/ai-gateway/admin/setup-guide.adoc

@@ -26,7 +26,7 @@ After completing this guide, you will be able to:
 
 Providers represent upstream services (Anthropic, OpenAI, Google AI) and associated credentials. Providers are disabled by default and must be enabled explicitly by an administrator.
 
-. In the Redpanda Cloud Console, navigate to *AI Gateway* → *Providers*.
+. In the Redpanda Cloud Console, navigate to *Agentic AI* → *Providers*.
 . Select a provider (for example, Anthropic).
 . On the Configuration tab for the provider, click *Add configuration*.
 . Enter your API Key for the provider.
@@ -43,17 +43,15 @@ The model catalog is the set of models made available through the gateway. Model
 
 The infrastructure that serves the model differs based on the provider you select. For example, OpenAI has different reliability and availability metrics than Anthropic. When you consider all metrics, you can design your gateway to use different providers for different use cases.
 
-. Navigate to *AI Gateway* → *Models*.
+. Navigate to *Agentic AI* → *Models*.
 . Review the list of available models from enabled providers.
-. For each model you want to expose through gateways, toggle it to *Enabled*.
-+
-Common models to enable:
+. For each model you want to expose through gateways, toggle it to *Enabled*. For example:
 +
 --
-* `openai/gpt-5.2` - OpenAI's most capable model
-* `openai/gpt-5.2-mini` - Cost-effective OpenAI model
-* `anthropic/claude-sonnet-4.5` - Balanced Anthropic model
-* `anthropic/claude-opus-4.6` - Anthropic's most capable model
+* `openai/gpt-5.2`
+* `openai/gpt-5.2-mini`
+* `anthropic/claude-sonnet-4.5`
+* `anthropic/claude-opus-4.6`
 --
 
 . Click *Save changes*.
@@ -62,9 +60,7 @@ Only enabled models will be accessible through gateways. You can enable or disab
 
 === Model naming convention
 
-Model requests must use the `vendor/model_id` format in the model property of the request body. This format allows AI Gateway to route requests to the appropriate provider.
-
-Examples:
+Model requests must use the `vendor/model_id` format in the model property of the request body. This format allows AI Gateway to route requests to the appropriate provider. For example:
 
 * `openai/gpt-5.2`
 * `anthropic/claude-sonnet-4.5`
@@ -109,7 +105,7 @@ endif::[]
 
 A gateway is a logical configuration boundary (policies + routing + observability) on top of a single deployment. It's a "virtual gateway" that you can create per team, environment (staging/production), product, or customer.
 
-. Navigate to *AI Gateway* → *Gateways*.
+. Navigate to *Agentic AI* → *Gateways*.
 . Click *Create Gateway*.
 . Configure the gateway:
 +
@@ -128,10 +124,12 @@ TIP: A workspace is conceptually similar to a resource group in Redpanda streami
 . After creation, note the following information:
 +
 --
-* *Gateway Endpoint*: URL for API requests (for example, `https://example/gateways/gw_abc123/v1`) - the gateway ID is embedded in the URL
+* *Gateway endpoint*: URL for API requests (for example, `https://example/gateways/d633lffcc16s73ct95mg/v1`) 
++
+The gateway ID is embedded in the URL.
 --
 
-You'll share the Gateway Endpoint with users who need to access this gateway.
+You'll share the gateway endpoint with users who need to access this gateway.
 
 == Configure LLM routing
 
@@ -228,49 +226,78 @@ TIP: Provider pool (UI) = Backend pool (API)
 
 If a provider pool contains multiple providers, you can distribute traffic to balance load or optimize for cost/performance:
 
-* *Round-robin*: Distribute evenly across all providers
-* *Weighted*: Assign weights (for example, 80% to Anthropic, 20% to OpenAI)
-* *Least latency*: Route to fastest provider based on recent performance
-* *Cost-optimized*: Route to cheapest provider for each model
+* Round-robin: Distribute evenly across all providers
+* Weighted: Assign weights (for example, 80% to Anthropic, 20% to OpenAI)
+* Least latency: Route to fastest provider based on recent performance
+* Cost-optimized: Route to cheapest provider for each model
 
 == Configure MCP tools (optional)
 
 If your users will build glossterm:AI agent[,AI agents] that need access to glossterm:MCP tool[,tools] via glossterm:MCP[,Model Context Protocol (MCP)], configure MCP tool aggregation.
 
 On the gateway details page, select the *MCP* tab to configure tool discovery and execution. The MCP proxy aggregates multiple glossterm:MCP server[,MCP servers], allowing agents to find and call tools through a single endpoint.
 
+=== Configure MCP rate limits
+
+Rate limits for MCP work the same way as LLM rate limits.
+
+. In the *MCP* tab, locate the *Rate Limit* section.
+. Click *Add rate limit*.
+. Configure the maximum requests per second and optional burst allowance.
+. Click *Save*.
+
 === Add MCP servers
 
-. In the *MCP* tab, click *Add MCP server*.
+. In the *MCP* tab, click *Create MCP Server*.
 . Configure the server:
 +
 --
-* *Server name*: Human-readable identifier (for example, `database-server`, `slack-server`)
-* *Server URL*: Endpoint for the MCP server (for example, `https://mcp-database.example.com`)
-* *Authentication*: Configure authentication if required (bearer token, API key, mTLS)
-* *Enabled tools*: Select which tools from this server to expose (or *All tools*)
+* *Server ID*: Unique identifier for this server
+* *Display Name*: Human-readable name (for example, `database-server`, `slack-server`)
+* *Server Address*: Endpoint URL for the MCP server (for example, `https://mcp-database.example.com`)
 --
 
-. Click *Test connection* to verify connectivity.
-. Click *Save* to add the server to this gateway.
+. Configure server settings:
++
+--
+* *Timeout (seconds)*: Maximum time to wait for a response from this server
+* *Enabled*: Whether this server is active and accepting requests
+* *Defer Loading Override*: Controls whether tools from this server are loaded upfront or on demand
++
+[cols="1,2"]
+|===
+|Option |Description
 
-Repeat for each MCP server you want to aggregate.
+|Inherit from gateway
+|Use the gateway-level deferred loading setting (default)
 
-=== Configure deferred tool loading
+|Enabled
+|Always defer loading from this server. Agents receive only a search tool initially and query for specific tools when needed. This can reduce token usage by 80-90%.
 
-Deferred tool loading dramatically reduces token costs by initially exposing only a search tool and orchestrator, rather than listing all available tools.
+|Disabled
+|Always load all tools from this server upfront.
+|===
 
-. In the *MCP* tab, locate *Deferred Loading*.
-. Toggle *Enable deferred tool loading* to *On*.
-. Configure behavior:
+* *Forward OIDC Token Override*: Controls whether the client's OIDC token is forwarded to this MCP server
 +
---
-* *Initially expose*: Search tool + orchestrator only
-* *Load on demand*: Tools are retrieved when agents query for them
-* *Token savings*: Expect 80-90% reduction in token usage for tool definitions
+[cols="1,2"]
+|===
+|Option |Description
+
+|Inherit from gateway
+|Use the gateway-level OIDC forwarding setting (default)
+
+|Enabled
+|Always forward the OIDC token to this server
+
+|Disabled
+|Never forward the OIDC token to this server
+|===
 --
 
-. Click *Save*.
+. Click *Save* to add the server to this gateway.
+
+Repeat for each MCP server you want to aggregate.
 
 See xref:ai-gateway/mcp-aggregation-guide.adoc[] for detailed information about MCP aggregation.
 
@@ -280,11 +307,24 @@ The MCP orchestrator is a built-in MCP server that enables programmatic tool cal
 
 Example: A workflow requiring 47 file reads can be reduced from 49 round trips to just 1 round trip using the orchestrator.
 
-The orchestrator is enabled by default when you enable MCP tools. You can configure:
+The orchestrator is pre-configured when you initialize the MCP gateway. Its server configuration (Server ID, Display Name, Transport, Command, and Timeout) is system-managed and cannot be modified.
 
-* *Execution timeout*: Maximum time for orchestrator workflows (for example, 30 seconds)
-* *Memory limit*: Maximum memory for JavaScript execution (for example, 128MB)
-* *Allowed operations*: Restrict which MCP tools can be called from orchestrator workflows
+You can configure blocked tool patterns to prevent specific tools from being called through the orchestrator:
+
+. In the *MCP* tab, select the orchestrator server to edit it.
+. Under *Blocked Tools*, click *Add Pattern* to add glob patterns for tools that should be blocked from execution.
++
+Example patterns:
++
+--
+* `server_id:*` - Block all tools from a specific server
+* `*:dangerous_tool` - Block a specific tool across all servers
+* `specific:tool` - Block a single tool on a specific server
+--
++
+NOTE: The orchestrator's own tools are blocked by default to prevent recursive execution.
+
+. Click *Save*.
 
 == Verify your setup
 
@@ -318,7 +358,7 @@ Expected result: Successful completion response.
 
 === Check the gateway overview
 
-. Navigate to *AI Gateway* → *Gateways* → Select your gateway → *Overview*.
+. Navigate to *Gateways* → Select your gateway → *Overview*.
 . Check the aggregate metrics to verify your test request was processed:
 +
 --

modules/ai-agents/pages/ai-gateway/builders/connect-your-agent.adoc

@@ -32,9 +32,7 @@ Connecting to AI Gateway requires two configuration changes:
 . *Change the base URL*: Point to the gateway endpoint instead of the provider's API. The gateway ID is embedded in the endpoint URL.
 . *Add authentication*: Use your Redpanda Cloud token instead of provider API keys
 
-That's it. Your existing application code doesn't need to change.
-
-== Quick start
+== Quickstart
 
 === Environment variables
 
@@ -144,9 +142,7 @@ When making requests through AI Gateway, use the `vendor/model_id` format for th
 * `anthropic/claude-sonnet-4.5`
 * `anthropic/claude-opus-4.6`
 
-This format tells AI Gateway which provider to route the request to.
-
-Example:
+This format tells AI Gateway which provider to route the request to. For example:
 
 [source,python]
 ----

modules/ai-agents/pages/ai-gateway/builders/discover-gateways.adoc

@@ -27,19 +27,10 @@ After reading this page, you will be able to:
 ====
 Using the Console::
 +
-. Navigate to *AI Gateway* in the Redpanda Cloud Console.
-. View the *My Gateways* tab (or *Gateways* if you're an administrator).
-. Review the list of gateways you can access:
+. Navigate to *Gateways* in the Redpanda Cloud Console.
+. Review the list of gateways you can access. For each gateway, you'll see the gateway name, ID, endpoint URL, status, available models, and provider performance.
 +
-For each gateway, you'll see:
-+
---
-* *Gateway Name*: Human-readable name (for example, `production-gateway`, `team-ml-gateway`)
-* *Gateway Endpoint*: URL for API requests, with the gateway ID embedded in the path (for example, `https://example/gateways/gw_abc123/v1`)
-* *Status*: Whether the gateway is active and accepting requests
-* *Available Models*: Which LLM models you can access
-* *MCP Tools*: Whether MCP tool aggregation is enabled
---
+Click the Configuration, API, MCP Tools, and Changelog tabs for additional information.
 
 Using the API::
 +

modules/ai-agents/pages/ai-gateway/cel-routing-cookbook.adoc

@@ -745,6 +745,7 @@ test_cel_routing(
 ----
 
 
+////
 === Option 3: CLI test (if available)
 
 [source,bash]
@@ -758,6 +759,7 @@ rpk cloud ai-gateway test-cel \
 
 # Expected output: openai/gpt-5.2
 ----
+////
 
 
 == Common CEL errors

modules/ai-agents/pages/ai-gateway/gateway-quickstart.adoc

@@ -78,10 +78,10 @@ ifdef::ai-hub-available[]
 endif::[]
 . Configure the gateway:
 +
-* Display name: Choose a descriptive name (for example, `my-first-gateway`)
-* Workspace: Select a workspace (conceptually similar to a resource group)
-* Description: Add context about this gateway's purpose
-* Optional metadata for documentation
+** Display name: Choose a descriptive name (for example, `my-first-gateway`)
+** Workspace: Select a workspace (conceptually similar to a resource group)
+** Description: Add context about this gateway's purpose
+** Optional metadata for documentation
 
 After creation, copy the gateway endpoint from the overview page. You'll need this for sending requests. The gateway ID is embedded in the endpoint URL. For example:
 
@@ -213,7 +213,6 @@ If your request fails, check these common issues:
 
 Confirm your request was routed through AI Gateway.
 
-. In the sidebar, navigate to *Agentic AI > Gateways*, then select your gateway.
 . On the *Overview* tab, check the aggregate metrics:
 +
 * *Total Requests*: Should have incremented
@@ -225,12 +224,6 @@ Confirm your request was routed through AI Gateway.
 +
 The model you used in your request should appear with its request count, token usage (input/output), estimated cost, latency, and error rate.
 
-If your request doesn't appear:
-
-* Wait a few seconds for metrics to update
-* Verify the gateway endpoint in your request matches the gateway you're viewing
-* Check that your client received a successful response
-
 == Configure LLM routing (optional)
 
 Configure rate limits, spend limits, and provider pools with failover.

modules/ai-agents/pages/ai-gateway/mcp-aggregation-guide.adoc

@@ -282,27 +282,27 @@ Don't use deferred loading when:
 
 === Configure deferred loading
 
-// PLACEHOLDER: Add UI path or configuration method
+Deferred loading is configured per MCP server through the *Defer Loading Override* setting in the Create MCP Server dialog.
 
-Option 1: Enable at gateway level (recommended)
+. Navigate to your gateway's *MCP* tab.
+. Create or edit an MCP server.
+. Under *Server Settings*, set *Defer Loading Override*:
++
+[cols="1,2"]
+|===
+|Option |Description
 
-[source,yaml]
-----
-# PLACEHOLDER: Actual configuration format
-mcp:
-  deferred_loading: true  # Default for all agents using this gateway
-----
+|Inherit from gateway
+|Use the gateway-level deferred loading setting (default)
 
+|Enabled
+|Always defer loading from this server. Agents receive only a search tool initially and query for specific tools when needed.
 
-Option 2: Enable per-request (agent-controlled)
+|Disabled
+|Always load all tools from this server upfront.
+|===
 
-[source,python]
-----
-# Agent includes header
-headers = {
-    "rp-aigw-mcp-deferred": "true"  # Enable for this request
-}
-----
+. Click *Save*.
 
 
 === Measure token savings
@@ -460,14 +460,12 @@ Available in workflow:
 Security:
 
 * Sandboxed execution (no file system, network, or system access)
-* Timeout: // PLACEHOLDER: e.g., 30 seconds
-* Memory limit: // PLACEHOLDER: e.g., 128MB
+* Timeout and memory limits are system-managed and cannot be modified
 
 Limitations:
 
 * Cannot call external APIs directly (must use MCP tools)
 * Cannot import npm packages (built-in JS only)
-* // PLACEHOLDER: Other limitations?
 
 === Orchestrator example: data aggregation
 
@@ -797,6 +795,7 @@ Solution:
 
 == Security considerations
 
+////
 === Tool execution sandboxing
 
 // PLACEHOLDER: Confirm sandboxing implementation
@@ -814,6 +813,7 @@ MCP tool execution:
 * Tools execute in MCP server's environment (not gateway)
 * Gateway does not execute tool code (only proxies requests)
 * Security is MCP server's responsibility
+////
 
 === Authentication
 
@@ -1004,7 +1004,3 @@ response = agent.run("Find all premium users in the database")
 ----
 --
 ====
-
-
-== Next steps
-

modules/ai-agents/pages/ai-gateway/what-is-ai-gateway.adoc

@@ -185,6 +185,8 @@ AI Gateway may not be necessary if:
 
 Now that you understand what AI Gateway is and how it can benefit your organization:
 
+* xref:ai-gateway/gateway-quickstart.adoc[Gateway Quickstart] - Get started quickly with a basic gateway setup
+
 *For Administrators:*
 
 * xref:ai-gateway/admin/setup-guide.adoc[Setup Guide] - Enable providers, models, and create gateways