Link fixes 3/31/26

.github/workflows/links.yml

@@ -64,6 +64,7 @@ jobs:
             --config docs-link-checking/lychee.toml
             --root-dir "${{ github.workspace }}/public"
             --index-files index.html
+            --exclude-path public/docs/kubernetes/2.2.x
             --remap "^https://agentgateway\.dev/docs/ file:///${{ github.workspace }}/public/docs/"
             --remap "public/docs/observability public/docs/kubernetes/latest/observability"
             --remap "public/docs/resiliency public/docs/kubernetes/latest/resiliency"
@@ -150,6 +151,7 @@ jobs:
           SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
           SLACK_CHANNEL: "#doctopus-tests"
           ERRORS: ${{ steps.link-stats.outputs.errors }}
+          WARNINGS: ${{ steps.link-stats.outputs.warnings }}
           REDIRECTS: ${{ steps.link-stats.outputs.redirects }}
           ICON: ${{ steps.link-stats.outputs.icon }}
           REPOSITORY: ${{ github.repository }}

assets/agw-docs/pages/agentgateway/about/policies.md

@@ -43,13 +43,13 @@ Some `backend` sub-fields have additional targeting restrictions.
 
 The `traffic` section supports an optional `phase` field that controls when the policy runs. When you set the phase to `PreRouting`, the policy runs before route selection. Because of this timing, `PreRouting` policies can only target a Gateway or ListenerSet.
 
-For more information, see [Policy processing order](#processing-order) and [PreRouting filters](#prerouting-filters).
+For more information, see [Policy processing order](#processing-order) and [PreRouting filters](#prerouting).
 
 ## Policy merging {#merging}
 
 When multiple policies target the same resource, agentgateway merges the policy sections on a **field level** (shallow merge). If two policies set the same field, the more specific policy takes precedence.
 
-### Merge precedence
+### Merge precedence {#merging-precedence}
 
 Each policy section follows a different precedence order based on the specificity of the target. The more specific the target, the higher the precedence.
 

assets/agw-docs/pages/agentgateway/about/processing-order.md

@@ -34,7 +34,7 @@ graph LR
 3. **PostRouting traffic policies:** Run after route selection. [PostRouting](#postrouting) is the default phase for traffic policies and supports all traffic filters.
 4. **Backend policies:** Run when the gateway connects to the destination backend, including backend TLS, authentication, and health checking.
 
-Within each phase, agentgateway merges all applicable policies with a shallow field-level merge. If two policies configure different fields, both apply. For example, if one policy sets `transformation` and another sets `extAuth`, both filters run. If two policies configure the same field, the higher-precedence policy takes effect. For details, see [merge precedence](#merging).
+Within each phase, agentgateway merges all applicable policies with a shallow field-level merge. If two policies configure different fields, both apply. For example, if one policy sets `transformation` and another sets `extAuth`, both filters run. If two policies configure the same field, the higher-precedence policy takes effect.
 
 ## Traffic filter execution order
 

assets/agw-docs/pages/agentgateway/guardrails.md

@@ -26,7 +26,7 @@ By applying guardrails to both input and output, you can:
 
 ### Support for guardrails {#about-guardrail-support}
 
-{{< reuse "agw-docs/snippets/agentgateway-capital.md" >}} includes built-in [prompt guards]({{< link-hextra path="/llm/prompt-guards/">}}) to reject, mask, or pass prompt data through a moderation endpoint.
+{{< reuse "agw-docs/snippets/agentgateway-capital.md" >}} includes built-in [prompt guards]({{< link-hextra path="/llm/guardrails/">}}) to reject, mask, or pass prompt data through a moderation endpoint.
 
 However, you might want to bring your own guardrails for situations such as:
 

assets/agw-docs/pages/agentgateway/integrations/llm-clients-k8s/claude-code.md

@@ -244,5 +244,4 @@ kubectl delete secret anthropic-secret -n agentgateway-system --ignore-not-found
 {{< cards >}}
   {{< card path="/tutorials/claude-code-proxy" title="Claude Code Proxy Tutorial" subtitle="Full walkthrough with prompt guards and observability" >}}
   {{< card path="/llm/providers/anthropic" title="Anthropic Provider" subtitle="Complete Anthropic provider configuration" >}}
-  {{< card path="/tutorials/ai-prompt-guard" title="AI Prompt Guard" subtitle="Block sensitive content in prompts" >}}
 {{< /cards >}}

assets/agw-docs/pages/agentgateway/integrations/llm-clients/claude-code.md

@@ -100,6 +100,5 @@ export ANTHROPIC_BASE_URL="http://localhost:4000"
 
 {{< cards >}}
   {{< card path="/llm/providers/anthropic" title="Anthropic provider" subtitle="Complete Anthropic provider configuration" >}}
-  {{< card path="/tutorials/ai-prompt-guard" title="AI prompt guard" subtitle="Advanced prompt guard patterns" >}}
   {{< card path="/llm/prompt-guards/" title="Prompt guards" subtitle="Set up guardails for LLM requests and responses" >}}
 {{< /cards >}}

assets/agw-docs/pages/agentgateway/llm/functions.md

@@ -44,7 +44,7 @@ sequenceDiagram
 
 ### Behavior with other AI features {#about-behavior}
 
-Keep in mind the following behaviors when using function calling with other agentgateway features. For more details about these features, see the [API docs]({{< link-hextra path="/reference/api/#aitrafficpolicy" >}}).
+Keep in mind the following behaviors when using function calling with other agentgateway features. For more details about these features, see the [API docs]({{< link-hextra path="/reference/api/#backendai" >}}).
 
 * Streaming responses: You can stream responses that call functions.
 * Semantic caching: Function calls are not cached.

assets/agw-docs/pages/agentgateway/llm/providers/azureopenai.md

@@ -64,7 +64,7 @@ Configure [Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/?vie
    | `ai.provider.azureopenai` | Define the Azure OpenAI provider. |
    | `azureopenai.endpoint`     | The endpoint of the Azure OpenAI deployment that you created, such as `my-endpoint.cognitiveservices.azure.com`. |
    | `azureopenai.deployment`    | The name of the Azure OpenAI model deployment that you created earlier. For more information, see the [Azure OpenAI model docs](https://learn.microsoft.com/en-us/azure/ai-foundry/foundry-models/how-to/deploy-foundry-models?view=foundry).|
-   | `azureopenai.apiVersion`    | The version of the Azure OpenAI API to use. For more information, see the [Azure OpenAI API version reference](https://learn.microsoft.com/en-us/azure/ai-foundry/?view=foundry-classicreference#api-specs).|
+   | `azureopenai.apiVersion`    | The version of the Azure OpenAI API to use. For more information, see the [Azure OpenAI API version reference](https://learn.microsoft.com/en-us/azure/foundry/?view=foundry-classicreference#api-specs).|
    | `policies.auth` | Configure the authentication token for Azure OpenAI API. The example refers to the secret that you previously created. The token is automatically sent in the `api-key` header.|
 
 6. Create an HTTPRoute resource that routes incoming traffic to the {{< reuse "agw-docs/snippets/backend.md" >}}. The following example sets up a route. Note that {{< reuse "agw-docs/snippets/kgateway.md" >}} automatically rewrites the endpoint to the appropriate chat completion endpoint of the LLM provider for you, based on the LLM provider that you set up in the {{< reuse "agw-docs/snippets/backend.md" >}} resource.

assets/agw-docs/pages/landing.md

@@ -84,7 +84,7 @@ Enable secure communication between AI agents using the [Agent-to-Agent (A2A)](h
 - **Authentication**: JWT, API keys, basic auth, MCP auth spec
 - **Authorization**: Fine-grained RBAC with [Cedar policy engine](https://www.cedarpolicy.com/)
 - **Traffic policies**: Rate limiting, CORS, TLS, external authz
-- **Observability**: Built-in [OpenTelemetry](https://opentelemetry.io/) metrics, logs, and distributed tracing
+- **Observability**: Built-in [OpenTelemetry](https://opentelemetry.io) metrics, logs, and distributed tracing
 
 ### Platform Agnostic
 

assets/agw-docs/pages/resiliency/connection.md

@@ -243,7 +243,7 @@ EOF
 Manage idle and stale connections with HTTP/2 keepalive.
 
 {{< cards >}}
-  {{< card path="/resiliency/keepalive/#http-keepalive" title="Keepalive" subtitle="COnfigure keepalive connection settings." >}}
+  {{< card path="/resiliency/keepalive/#http-keepalive" title="Keepalive" subtitle="Configure keepalive connection settings." >}}
 {{< /cards >}}
 
 

assets/agw-docs/pages/resiliency/keepalive.md

@@ -6,7 +6,7 @@ With keepalive, the kernel sends probe packets with only an acknowledgement flag
 
 {{< reuse "agw-docs/snippets/agentgateway/prereq.md" >}}
 
-## TCP keepalive
+## TCP keepalive {#tcp-keepalive}
 
 Keep the TCP connection alive by sending out probes after the connection has been idle for a specific amount of time.
 
@@ -93,7 +93,7 @@ Keep the TCP connection alive by sending out probes after the connection has bee
 kubectl delete {{< reuse "agw-docs/snippets/trafficpolicy.md" >}} httpbin-keepalive -n httpbin
 ```
 
-## HTTP keepalive
+## HTTP keepalive {#http-keepalive}
 
 Keep the HTTP connection alive by sending out probes after the connection has been idle for a specific amount of time.
 

assets/agw-docs/pages/traffic-management/destination-types/kube-services/grpc-services.md

@@ -199,7 +199,7 @@ Create an HTTPS listener so that the gateway can route gRPC traffic. GRPCRoute r
 
 ## Create a GRPCRoute {#create-grpcroute}
 
-1. Create the GRPCRoute resource. Include the `grpc.reflection.v1alpha.ServerReflection` method to enable dynamic API exploration. For detailed information about GRPCRoute fields and configuration options, see the [Gateway API GRPCRoute documentation](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.GRPCRoute).
+1. Create the GRPCRoute resource. Include the `grpc.reflection.v1alpha.ServerReflection` method to enable dynamic API exploration. For detailed information about GRPCRoute fields and configuration options, see the [Gateway API GRPCRoute documentation](https://gateway-api.sigs.k8s.io/reference/spec/#grpcroute).
 
    ```yaml
    kubectl apply -f - <<EOF

assets/agw-docs/pages/traffic-management/grpc.md

@@ -131,7 +131,7 @@ Steps to set up the sample gRPC service:
    EOF
    ```
 
-2. Create the GRPCRoute. The GRPCRoute includes a match for `grpc.reflection.v1alpha.ServerReflection` to enable dynamic API exploration and a match for the `Ping` method. For detailed information about GRPCRoute fields and configuration options, see the [Gateway API GRPCRoute documentation](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.GRPCRoute).
+2. Create the GRPCRoute. The GRPCRoute includes a match for `grpc.reflection.v1alpha.ServerReflection` to enable dynamic API exploration and a match for the `Ping` method. For detailed information about GRPCRoute fields and configuration options, see the [Gateway API GRPCRoute documentation](https://gateway-api.sigs.k8s.io/reference/spec/#grpcroute).
 
    ```yaml
    kubectl apply -f - <<EOF

assets/agw-docs/pages/traffic-management/redirect/host.md

@@ -1,6 +1,6 @@
 Redirect requests to a different host. 
 
-For more information, see the [{{< reuse "agw-docs/snippets/k8s-gateway-api-name.md" >}} documentation](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRequestRedirectFilter).
+For more information, see the [{{< reuse "agw-docs/snippets/k8s-gateway-api-name.md" >}} documentation](https://gateway-api.sigs.k8s.io/reference/spec/#httprequestredirectfilter).
 
 {{< reuse "agw-docs/snippets/agentgateway/prereq.md" >}}
 

assets/agw-docs/pages/traffic-management/redirect/https.md

@@ -1,6 +1,6 @@
 Redirect HTTP traffic to HTTPS. 
 
-For more information, see the [{{< reuse "agw-docs/snippets/k8s-gateway-api-name.md" >}} documentation](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRequestRedirectFilter).
+For more information, see the [{{< reuse "agw-docs/snippets/k8s-gateway-api-name.md" >}} documentation](https://gateway-api.sigs.k8s.io/reference/spec/#httprequestredirectfilter).
 
 {{< reuse "agw-docs/snippets/agentgateway/prereq.md" >}}
 

assets/agw-docs/pages/traffic-management/redirect/path.md

@@ -1,6 +1,6 @@
 Redirect requests to a different path prefix. 
 
-For more information, see the [{{< reuse "agw-docs/snippets/k8s-gateway-api-name.md" >}} documentation](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRequestRedirectFilter).
+For more information, see the [{{< reuse "agw-docs/snippets/k8s-gateway-api-name.md" >}} documentation](https://gateway-api.sigs.k8s.io/reference/spec/#httprequestredirectfilter).
 
 {{< reuse "agw-docs/snippets/agentgateway/prereq.md" >}}
 

assets/agw-docs/pages/traffic-management/traffic-split.md

@@ -93,7 +93,7 @@ This example demonstrates A/B testing and canary deployments by distributing tra
 
    |Setting|Description|
    |--|--|
-   |`spec.parentRefs.name`|The name and namespace of the gateway resource that serves the route. In this example, you use the gateway that you created when you set up the [Sample app]({{< link-hextra path="/install/sample-app#deploy-app/" >}}). |
+   |`spec.parentRefs.name`|The name and namespace of the gateway resource that serves the route. In this example, you use the gateway that you created when you set up the [Sample app]({{< link-hextra path="/install/sample-app/" >}}). |
    |`spec.hostnames`| The hostname for which you want to apply traffic splitting.|
    |`spec.rules.matches.path`|The path prefix to match on. In this example, `/` is used. |
    |`spec.rules.backendRefs`| A list of services you want to forward traffic to. Use the `weight` option to define the amount of traffic that you want to forward to each service. |

assets/agw-docs/snippets/agentgateway-setup.md

@@ -1,4 +1,4 @@
-1. Create a Gateway that uses the `{{< reuse "agw-docs/snippets/agw-gatewayclass.md" >}}` GatewayClass. The following example sets up a Gateway that uses the [default agentgateway proxy template](https://github.com/agentgateway/agentgateway/blob/main/controller/pkg/kgateway/helm/agentgateway/templates/deployment.yaml).
+1. Create a Gateway that uses the `{{< reuse "agw-docs/snippets/agw-gatewayclass.md" >}}` GatewayClass. The following example sets up a Gateway that uses the [default agentgateway proxy template](https://github.com/agentgateway/agentgateway/blob/main/controller/pkg/helm/agentgateway/templates/deployment.yaml).
    ```sh {paths="all"}
    kubectl apply -f- <<EOF
    apiVersion: gateway.networking.k8s.io/v1

assets/agw-docs/snippets/agentgateway/otel-prereq.md

@@ -8,7 +8,7 @@ Deploy an open source observability stack based on OpenTelemetry (OTel) that inc
 
 ## About
 
-Observability tools are essential to gain insight into the health and performance of your gateway proxies. [OpenTelemetry](https://opentelemetry.io/) (OTel) is a flexible, open source framework that provides a set of APIs, libraries, and instrumentation to help capture and export observability data. However, you can follow a similar process as this guide to use the tools that you prefer.
+Observability tools are essential to gain insight into the health and performance of your gateway proxies. [OpenTelemetry]() (OTel) is a flexible, open source framework that provides a set of APIs, libraries, and instrumentation to help capture and export observability data. However, you can follow a similar process as this guide to use the tools that you prefer.
 
 ### Observability data types {#data-types}
 

assets/agw-docs/snippets/otel-prereq.md

@@ -8,7 +8,7 @@ Deploy an open source observability stack based on OpenTelemetry (OTel) that inc
 
 ## About
 
-Observability tools are essential to gain insight into the health and performance of your gateway proxies. [OpenTelemetry](https://opentelemetry.io/) (OTel) is a flexible, open source framework that provides a set of APIs, libraries, and instrumentation to help capture and export observability data. However, you can follow a similar process as this guide to use the tools that you prefer.
+Observability tools are essential to gain insight into the health and performance of your gateway proxies. [OpenTelemetry](https://opentelemetry.io) (OTel) is a flexible, open source framework that provides a set of APIs, libraries, and instrumentation to help capture and export observability data. However, you can follow a similar process as this guide to use the tools that you prefer.
 
 ### Observability data types {#data-types}
 

content/_index.md

@@ -640,7 +640,7 @@ setTimeout(function() { btn.textContent = 'Copy'; }, 2000);
 <span class="inline-block bg-blue-400/20 text-blue-400 text-xs font-medium px-2 py-0.5 rounded-full">Azure</span>
 </div>
 </a>
-<a href="/docs/kubernetes/latest/tutorials/authorization/" class="bg-secondary-bg rounded-xl border border-secondary-border p-4 hover:border-tertiary-text/50 transition-colors block">
+<a href="/docs/kubernetes/latest/tutorials/jwt-authorization/" class="bg-secondary-bg rounded-xl border border-secondary-border p-4 hover:border-tertiary-text/50 transition-colors block">
 <div class="flex items-center justify-between">
 <div>
 <h4 class="text-primary-text font-semibold text-sm">JWT Authorization</h4>
@@ -649,7 +649,7 @@ setTimeout(function() { btn.textContent = 'Copy'; }, 2000);
 <span class="inline-block bg-amber-400/20 text-amber-400 text-xs font-medium px-2 py-0.5 rounded-full">Security</span>
 </div>
 </a>
-<a href="/docs/kubernetes/latest/tutorials/ai-prompt-guard/" class="bg-secondary-bg rounded-xl border border-secondary-border p-4 hover:border-tertiary-text/50 transition-colors block">
+<a href="/docs/kubernetes/latest/llm/guardrails/" class="bg-secondary-bg rounded-xl border border-secondary-border p-4 hover:border-tertiary-text/50 transition-colors block">
 <div class="flex items-center justify-between">
 <div>
 <h4 class="text-primary-text font-semibold text-sm">AI Prompt Guard</h4>
@@ -826,7 +826,7 @@ function showK8sOption(option) {
         Support for industry standard AI protocols for agent and tool connectivity including A2A and MCP with the ability to automatically expose existing REST APIs as MCP-native tools.
       </p>
     </a>
-    <a class="bg-secondary-bg rounded-xl md:max-w-96 p-4 border-secondary-border border-[1px] hover:border-primary-border" href="/docs/quickstart/#step-3-explore-the-ui">
+    <a class="bg-secondary-bg rounded-xl md:max-w-96 p-4 border-secondary-border border-[1px] hover:border-primary-border" href="/docs/quickstart/mcp/#step-4-explore-the-ui">
       <h3 class="font-bold  text-primary-text">
         <span class="text-tertiary-text">Developer Portal</span>
       </h3>

content/blog/2025-07-14-a2a-mcp-gateway-api-0-6-release.md

@@ -47,7 +47,7 @@ In real enterprise deployments, security and reliability aren't optional. That's
 * Local and remote rate limiting
 * JWT authentication and external auth, (ie, extAuthz) hooks
 * Upstream auth (cloud identity, TLS, etc)
-* Full [OpenTelemetry](https://opentelemetry.io/) support for metrics, logs, and distributed tracing
+* Full [OpenTelemetry](https://opentelemetry.io) support for metrics, logs, and distributed tracing
 
 These controls allow you to run production-grade agent infrastructure that meets enterprise security and observability requirements.
 

content/blog/2026-02-09-getting-started-agentgateway-llm-routing.md

@@ -442,7 +442,7 @@ Now that you have path-based LLM routing working, there's a lot more you can do
 * **Multiple providers on one route** — group backends for automatic load balancing and failover. Agentgateway picks two random providers and selects the healthiest one.
 * **Prompt guarding** — add `AgentgatewayPolicy` resources for regex-based prompt filtering or webhook-based validation before requests hit your LLM.
 * **Rate limiting** — protect your API keys and budgets with local or remote rate limiting policies.
-* **Observability** — enable full [OpenTelemetry](https://opentelemetry.io/) support for metrics, logs, and distributed tracing across all your LLM traffic.
+* **Observability** — enable full [OpenTelemetry](https://opentelemetry.io) support for metrics, logs, and distributed tracing across all your LLM traffic.
 
 Check out the [agentgateway docs](https://agentgateway.dev/docs/kubernetes/latest/quickstart/) for more, or come chat with us on [Discord](https://discord.com/invite/y9efgEmppm).