Documentation
Everything you need to instrument your AI agents with Gateplex - observability, guardrails, and governance for production LLM workloads.
Gateplex is the governance firewall for autonomous AI agents. It intercepts every LLM call, tool invocation, and guardrail event your agents emit, giving you a real-time feed, audit trail, and policy enforcement engine.
How it works: your agent (or middleware) sends an HTTP request to Gateplex for each event. Gateplex evaluates configured guardrails, returns a verdict (ALLOW, BLOCK, or FLAG), and stores the event for later review in the dashboard.
Who it's for: teams shipping LLM-powered products who need to monitor agent behavior, prevent unsafe outputs, and meet compliance requirements without rebuilding observability from scratch.
Send your first intercept in under a minute:
curl -X POST https://gateplex.ai/api/public/intercepts \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"agent_id": "agent_abc123",
"event_type": "llm_call",
"input": "What is the capital of France?",
"output": "Paris",
"model": "gpt-4o",
"latency_ms": 312,
"flagged": false
}'Then open the live feed to see your event appear in real time.
All API requests authenticate with a Bearer token in the Authorization header. API keys are scoped per project - each project has its own key, so you can keep dev, staging, and prod separate.
Generate a key: visit the Projects page, select a project, and copy the key shown. New projects get a key automatically on creation.
Rotate a key: on the same page, click "Rotate key" to invalidate the old key and generate a new one. Rotation is immediate; update your environment variables before rotating in production.
Authorization: Bearer gplx_xxxxxxxxxxxxxxxxxxxx
Logs a single agent event and runs guardrails against it.
| Field | Type | Required | Description |
|---|---|---|---|
| agent_id | string | No | UUID of a registered agent in this project |
| event_type | string | Yes | llm_call | tool_call | guardrail_trigger |
| input | string | No | The prompt or input sent to the model |
| output | string | No | The model or tool response |
| model | string | No | Model identifier (e.g. gpt-4o) |
| latency_ms | number | No | Round-trip time in milliseconds |
| flagged | boolean | No | Whether your client flagged this event |
| metadata | object | No | Free-form key-value pairs |
POST /api/public/intercepts
Authorization: Bearer gplx_xxxxxxxxxxxxxxxxxxxx
Content-Type: application/json
{
"agent_id": "8d2c1f4a-...-...",
"event_type": "llm_call",
"input": "Summarize this contract",
"output": "This contract grants ...",
"model": "claude-3-5-sonnet",
"latency_ms": 842,
"metadata": { "user_id": "u_42", "session": "s_99" }
}HTTP/1.1 201 Created
Content-Type: application/json
{
"ok": true,
"intercept": {
"id": "01J9...",
"created_at": "2026-05-18T12:34:56.000Z",
"event_type": "llm_call",
"flagged": false
}
}Guardrails are policies that evaluate each intercept and return a verdict (ALLOW, BLOCK, or FLAG). They are applied consistently to every event you send, independent of the client or framework that emitted it.
Gateplex supports eight rule types:
Three compliance packs are available that add multiple pre-configured rules at once: EU AI Act Article 12 Pack, HIPAA Safety Pack, and Financial Services Pack.
Configure guardrails from the Guardrails page. Each rule can be toggled and scoped to specific agents.
Any call to a language model. Use this for chat completions, embeddings, and streaming responses. The input field holds the prompt; output holds the model's response.
Any function or tool the agent invokes - database queries, web fetches, API calls. Put the tool name and arguments in input, and the result in output.
Emitted when your own client-side check fires before sending to Gateplex. Useful for tracking rejections from local safety logic alongside server-side verdicts.
Every intercept resolves to one of four verdicts:
When a rule returns PENDING_APPROVAL, use client.wait_for_approval(intercept_id) to poll until a reviewer decides. The method blocks and returns an ApprovalStatus object with is_approved, is_rejected, and is_pending properties. A GateplexRejectedError is raised if the reviewer rejects the action and raise_on_error is True.
Gateplex ships a remote MCP server so agents built on Claude Desktop, Cursor, or any MCP-compatible client can call log_intercept, get_feed, and check_guardrails directly.
Install via Smithery with one command:
npx -y @smithery/cli install gateplex/gateplex --client claude
Or connect manually to https://gateplex.ai/mcp using the streamable HTTP transport. Browse the listing on Smithery.
The gateplex-python SDK (v0.2.3) wraps the REST API with type-safe helpers and async support.
pip install gateplex-python==0.2.3
from gateplex import GateplexClient
client = GateplexClient(api_key="gplx_xxxxxxxxxxxxxxxxxxxx")
response = client.log_intercept(
agent_id="agent_abc123",
event_type="llm_call",
input="What is the capital of France?",
output="Paris",
model="gpt-4o",
latency_ms=312,
flagged=False
)
# v0.2.3 response fields
print(response.verdict) # ALLOW | FLAG | BLOCK | PENDING_APPROVAL
print(response.reasoning) # why the verdict was assigned
print(response.triggered_rules) # list of rules that matched
print(response.pii_types_detected) # detected PII categories
print(response.transaction_amount) # extracted amount, if any
# convenience properties
if response.is_blocked:
raise RuntimeError("Action blocked by governance policy")
if response.is_allowed:
pass # proceed normally
if response.is_flagged:
log_for_review(response)
if response.is_pending_approval:
handle_pending(response)When a FLAG rule has requires_approval enabled, the verdict is PENDING_APPROVAL and the agent action is held until a human reviewer approves or rejects it in the dashboard. The SDK can poll for the final decision with wait_for_approval.
response = client.log_intercept(
agent_id="agent_abc123",
event_type="tool_call",
input="Wire $24,000 to vendor ACME",
)
if response.is_pending_approval:
# blocks until a reviewer approves or rejects, or the timeout elapses
decision = client.wait_for_approval(
response.intercept_id,
timeout=300, # seconds
poll_interval=5, # seconds
)
if decision.is_approved:
execute_action()
else:
cancel_action(decision.reviewer_note)Source and full reference on GitHub.
Gateplex VPC Edition runs the governance engine inside your own AWS or Azure environment. Deploy with a single docker compose up command. No agent payload data leaves your perimeter. Contact sales@gateplex.ai to request access.