Cloud security gateways are on-premises or cloud-based security policy enforcement points placed between cloud service consumers and cloud service providers to interject enterprise security policies as the cloud-based resources are accessed. Cloud security gateways consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, security token mapping, encryption, tokenization, logging, alerting, API control and so on.