Skip to main content
The PromptGuard API is fully compatible with OpenAI’s API structure, making it a seamless drop-in replacement for your existing integrations.

Overview

PromptGuard provides two types of APIs:
API TypeBase URLAuthenticationPurpose
Developer APIhttps://api.promptguard.co/api/v1API Key (X-API-Key)AI requests, usage stats
Dashboard APIhttps://api.promptguard.co/dashboardSession CookieProject management, analytics

Authentication

All PromptGuard API endpoints require authentication. For the Developer API, you’ll use two keys:
  1. PromptGuard API key (in X-API-Key header) - Authenticates your PromptGuard account
  2. LLM provider key (in Authorization header) - Your OpenAI/Anthropic key that gets forwarded to the provider

Developer API Authentication

curl https://api.promptguard.co/api/v1/chat/completions \
  -H "X-API-Key: your_api_key" \
  -H "Authorization: Bearer YOUR_OPENAI_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-5-nano",
    "messages": [{"role": "user", "content": "Hello!"}]
  }'
For detailed authentication setup and code examples, see Authentication.

Dashboard API Authentication

For dashboard applications, use session-based authentication: 
curl https://api.promptguard.co/dashboard/projects \
  -H "Cookie: session=YOUR_SESSION_COOKIE"

Base URLs

EnvironmentURL
Productionhttps://api.promptguard.co/api/v1
Staginghttps://staging-api.promptguard.co/api/v1

Available Endpoints

Chat Completions (OpenAI Compatible)

The primary endpoint for AI requests. Fully compatible with OpenAI’s API: 
POST /chat/completions
Supported parameters:
  • model - Any supported LLM model (OpenAI, Anthropic, Google, Mistral, DeepSeek, Cohere, Groq, Azure OpenAI). See Supported LLM Providers for complete model list
  • messages - Array of message objects
  • temperature, max_tokens, top_p, etc.
  • stream - Enable streaming responses
  • user - Unique user identifier for tracking

Models

List available models: 
GET /models

Usage Statistics

Get your current usage: 
GET /usage/stats

Presets

List available security presets: 
GET /presets

Rate Limits

Rate limits vary by plan:
PlanMonthly LimitType
Free10,000 requestsHard limit (blocks when exceeded)
Pro100,000 requestsHard limit (blocks when exceeded)
Scale1,000,000 requestsSoft limit (alerts only, never blocks)
Infrastructure Rate Limiting: Cloud Armor enforces 100 requests per minute per IP address at the infrastructure level. This is separate from your monthly subscription limits and applies to all plans.
Rate limits are per API key. Distribute load across multiple keys if needed. Contact [email protected] for higher limits.

Response Headers

PromptGuard adds helpful headers to every response:
HeaderDescription
X-PromptGuard-Event-IDUnique identifier for tracking this request
X-PromptGuard-DecisionSecurity decision: allow, block, or redact

Error Handling

PromptGuard uses conventional HTTP response codes:
CodeDescriptionAction
200SuccessRequest processed normally
400Bad RequestCheck request format or security policy violation
401UnauthorizedVerify API key is valid
403ForbiddenCheck permissions or subscription status
429Too Many RequestsImplement exponential backoff
500Server ErrorRetry with backoff

Error Response Format

{
  "error": {
    "message": "Request blocked by security policy",
    "type": "policy_violation",
    "code": "prompt_injection_detected",
    "event_id": "evt_abc123xyz"
  }
}

Security Policy Violations

When a request is blocked for security reasons: 
{
  "error": {
    "message": "Prompt injection detected",
    "type": "policy_violation",
    "code": "prompt_injection_detected",
    "event_id": "evt_abc123xyz",
    "details": {
      "threat_type": "instruction_override",
      "confidence": 0.95
    }
  }
}

SDKs & Libraries

PromptGuard works with existing OpenAI/Anthropic SDKs by simply changing the base URL:

Node.js / TypeScript

Use the official OpenAI SDK with PromptGuard

Python

Use the official OpenAI Python library

React / Next.js

Frontend integration patterns

CLI Tool

Automatic code transformation

OpenAPI Specification

The complete OpenAPI specification is available for:
  • Auto-generating client libraries
  • API testing and validation
  • Documentation generation

Download OpenAPI Spec

Get the full OpenAPI specification for the Developer API

Next Steps

Quick Start

Get started with PromptGuard in 5 minutes

First Request

Make your first secure AI request

Authentication

Learn more about API key management

Security Policies

Configure protection for your use case