Back to home

Documentation

Gateplex Docs

Everything you need to instrument your AI agents with Gateplex - observability, guardrails, and governance for production LLM workloads.

Overview

Gateplex is the governance firewall for autonomous AI agents. It intercepts every LLM call, tool invocation, and guardrail event your agents emit, giving you a real-time feed, audit trail, and policy enforcement engine.

How it works: your agent (or middleware) sends an HTTP request to Gateplex for each event. Gateplex evaluates configured guardrails, returns a verdict (ALLOW, BLOCK, or FLAG), and stores the event for later review in the dashboard.

Who it's for: teams shipping LLM-powered products who need to monitor agent behavior, prevent unsafe outputs, and meet compliance requirements without rebuilding observability from scratch.

Quick start

Send your first intercept in under a minute:

curl -X POST https://gateplex.ai/api/public/intercepts \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "agent_id": "agent_abc123",
    "event_type": "llm_call",
    "input": "What is the capital of France?",
    "output": "Paris",
    "model": "gpt-4o",
    "latency_ms": 312,
    "flagged": false
  }'

Then open the live feed to see your event appear in real time.

Authentication

All API requests authenticate with a Bearer token in the Authorization header. API keys are scoped per project - each project has its own key, so you can keep dev, staging, and prod separate.

Generate a key: visit the Projects page, select a project, and copy the key shown. New projects get a key automatically on creation.

Rotate a key: on the same page, click "Rotate key" to invalidate the old key and generate a new one. Rotation is immediate; update your environment variables before rotating in production.

Authorization: Bearer gplx_xxxxxxxxxxxxxxxxxxxx

API reference

POST /api/public/intercepts

Logs a single agent event and runs guardrails against it.

Request fields

FieldTypeRequiredDescription
agent_idstringNoUUID of a registered agent in this project
event_typestringYesllm_call | tool_call | guardrail_trigger
inputstringNoThe prompt or input sent to the model
outputstringNoThe model or tool response
modelstringNoModel identifier (e.g. gpt-4o)
latency_msnumberNoRound-trip time in milliseconds
flaggedbooleanNoWhether your client flagged this event
metadataobjectNoFree-form key-value pairs

Example request

POST /api/public/intercepts
Authorization: Bearer gplx_xxxxxxxxxxxxxxxxxxxx
Content-Type: application/json

{
  "agent_id": "8d2c1f4a-...-...",
  "event_type": "llm_call",
  "input": "Summarize this contract",
  "output": "This contract grants ...",
  "model": "claude-3-5-sonnet",
  "latency_ms": 842,
  "metadata": { "user_id": "u_42", "session": "s_99" }
}

Example response

HTTP/1.1 201 Created
Content-Type: application/json

{
  "ok": true,
  "intercept": {
    "id": "01J9...",
    "created_at": "2026-05-18T12:34:56.000Z",
    "event_type": "llm_call",
    "flagged": false
  }
}

Guardrails

Guardrails are policies that evaluate each intercept and return a verdict (ALLOW, BLOCK, or FLAG). They are applied consistently to every event you send, independent of the client or framework that emitted it.

Gateplex supports eight rule types:

  • Keyword Block - blocks an action when a configured keyword appears in the payload.
  • Keyword Flag - flags an action for review when a configured keyword appears.
  • Rate Limiter - caps how many actions an agent can take within a time window.
  • API Scope Control - restricts the domains and endpoints an agent is allowed to call.
  • Regex Pattern Match - matches the payload against a custom regular expression.
  • Output Length Limit - flags or blocks outputs that exceed a configured length.
  • Prompt Injection Detector - detects prompt injection and jailbreak attempts.
  • Repetition Detector - catches repeated or looping agent output.

Three compliance packs are available that add multiple pre-configured rules at once: EU AI Act Article 12 Pack, HIPAA Safety Pack, and Financial Services Pack.

Configure guardrails from the Guardrails page. Each rule can be toggled and scoped to specific agents.

Event types

llm_call

Any call to a language model. Use this for chat completions, embeddings, and streaming responses. The input field holds the prompt; output holds the model's response.

tool_call

Any function or tool the agent invokes - database queries, web fetches, API calls. Put the tool name and arguments in input, and the result in output.

guardrail_trigger

Emitted when your own client-side check fires before sending to Gateplex. Useful for tracking rejections from local safety logic alongside server-side verdicts.

Verdicts

Every intercept resolves to one of four verdicts:

  • ALLOW - no guardrail matched. The event is logged and your agent should proceed.
  • BLOCK - a guardrail matched with blocking severity. Your agent should stop and either ask the user to rephrase or escalate to a human.
  • FLAG - a guardrail matched but only surfaced a warning. The event proceeds, but it's marked for review in the dashboard.
  • PENDING_APPROVAL - a FLAG rule with requires_approval enabled held this action for human review. The agent should poll the status endpoint until a reviewer decides.

Human-in-the-Loop Approval

When a rule returns PENDING_APPROVAL, use client.wait_for_approval(intercept_id) to poll until a reviewer decides. The method blocks and returns an ApprovalStatus object with is_approved, is_rejected, and is_pending properties. A GateplexRejectedError is raised if the reviewer rejects the action and raise_on_error is True.

MCP integration

Gateplex ships a remote MCP server so agents built on Claude Desktop, Cursor, or any MCP-compatible client can call log_intercept, get_feed, and check_guardrails directly.

Install via Smithery with one command:

npx -y @smithery/cli install gateplex/gateplex --client claude

Or connect manually to https://gateplex.ai/mcp using the streamable HTTP transport. Browse the listing on Smithery.

Python SDK

The gateplex-python SDK (v0.2.3) wraps the REST API with type-safe helpers and async support.

PyPI version
pip install gateplex-python==0.2.3
from gateplex import GateplexClient

client = GateplexClient(api_key="gplx_xxxxxxxxxxxxxxxxxxxx")

response = client.log_intercept(
    agent_id="agent_abc123",
    event_type="llm_call",
    input="What is the capital of France?",
    output="Paris",
    model="gpt-4o",
    latency_ms=312,
    flagged=False
)

# v0.2.3 response fields
print(response.verdict)               # ALLOW | FLAG | BLOCK | PENDING_APPROVAL
print(response.reasoning)             # why the verdict was assigned
print(response.triggered_rules)       # list of rules that matched
print(response.pii_types_detected)    # detected PII categories
print(response.transaction_amount)    # extracted amount, if any

# convenience properties
if response.is_blocked:
    raise RuntimeError("Action blocked by governance policy")
if response.is_allowed:
    pass        # proceed normally
if response.is_flagged:
    log_for_review(response)
if response.is_pending_approval:
    handle_pending(response)

Handling PENDING_APPROVAL

When a FLAG rule has requires_approval enabled, the verdict is PENDING_APPROVAL and the agent action is held until a human reviewer approves or rejects it in the dashboard. The SDK can poll for the final decision with wait_for_approval.

response = client.log_intercept(
    agent_id="agent_abc123",
    event_type="tool_call",
    input="Wire $24,000 to vendor ACME",
)

if response.is_pending_approval:
    # blocks until a reviewer approves or rejects, or the timeout elapses
    decision = client.wait_for_approval(
        response.intercept_id,
        timeout=300,        # seconds
        poll_interval=5,    # seconds
    )

    if decision.is_approved:
        execute_action()
    else:
        cancel_action(decision.reviewer_note)

Source and full reference on GitHub.

VPC Deployment

Gateplex VPC Edition runs the governance engine inside your own AWS or Azure environment. Deploy with a single docker compose up command. No agent payload data leaves your perimeter. Contact sales@gateplex.ai to request access.