AI Guard API Reference

Base URL

ai-guard.<csp>.<region>.pangea.cloud

• OpenAPI Specification

post/v1/text/guard

cURL

Code Snippet Language

curl -sSLX POST 'https://ai-guard.aws.us.pangea.cloud/v1/text/guard' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'

Response

Raw Output

200

Code Snippet Language

---

Text Guard for scanning LLM inputs and outputs

POST

https://ai-guard.aws.us.pangea.cloud/v1/text/guard

Analyze and redact text to avoid manipulation of the model, addition of malicious content, and other undesirable data transfers.

messages

Structured messages data to be scanned by AI Guard for PII, sensitive data, malicious content, and other data types defined by the configuration. Supports processing up to 20 KiB of JSON text using models: AzureAi, Bedrock, Claude, Cohere, Dbrx, Falcon, Gemini, LangChain, Meta, Mistral, OpenAi, Pangea.

​

text

string

Text to be scanned by AI Guard for PII, sensitive data, malicious content, and other data types defined by the configuration. Supports processing up to 20 KiB of text.

​

recipe

string

(default: "pangea_prompt_guard")

Recipe key of a configuration of data types and settings defined in the Pangea User Console. It specifies the rules that are to be applied to the text, such as defang malicious URLs.

recipe

recipe

debug

boolean

(default: false)

Setting this value to true will provide a detailed analysis of the text data

debug

​

debug

overrides

object

code_detection

object

disabled

boolean

disabled

​

disabled

action

string

action

​

action

language_detection

disabled

boolean

disabled

​

disabled

prompt_injection

object

disabled

boolean

disabled

​

disabled

action

string

action

​

action

selfharm

object

disabled

boolean

disabled

​

disabled

action

string

action

​

action

gibberish

object

disabled

boolean

disabled

​

disabled

action

string

action

​

action

roleplay

object

disabled

boolean

disabled

​

disabled

action

string

action

​

action

sentiment

object

disabled

boolean

disabled

​

disabled

action

string

action

​

action

malicious_entity

object

disabled

boolean

disabled

​

disabled

ip_address

string

ip_address

​

ip_address

url

string

url

​

url

domain

string

domain

​

domain

pii_entity

object

disabled

boolean

disabled

​

disabled

email_address

string

email_address

​

email_address

nrp

string

nrp

​

nrp

location

string

location

​

location

person

string

person

​

person

phone_number

string

phone_number

​

phone_number

date_time

string

date_time

​

date_time

ip_address

string

ip_address

​

ip_address

url

string

url

​

url

money

string

money

​

money

credit_card

string

credit_card

​

credit_card

crypto

string

crypto

​

crypto

iban_code

string

iban_code

​

iban_code

us_bank_number

string

us_bank_number

​

us_bank_number

nif

string

nif

​

nif

fin/nric

string

fin/nric

​

fin/nric

au_abn

string

au_abn

​

au_abn

au_acn

string

au_acn

​

au_acn

au_tfn

string

au_tfn

​

au_tfn

medical_license

string

medical_license

​

medical_license

uk_nhs

string

uk_nhs

​

uk_nhs

au_medicare

string

au_medicare

​

au_medicare

us_drivers_license

string

us_drivers_license

​

us_drivers_license

us_itin

string

us_itin

​

us_itin

us_passport

string

us_passport

​

us_passport

us_ssn

string

us_ssn

​

us_ssn

secrets_detection

object

disabled

boolean

disabled

​

disabled

slack_token

string

slack_token

​

slack_token

rsa_private_key

string

rsa_private_key

​

rsa_private_key

ssh_dsa_private_key

string

ssh_dsa_private_key

​

ssh_dsa_private_key

ssh_ec_private_key

string

ssh_ec_private_key

​

ssh_ec_private_key

pgp_private_key_block

string

pgp_private_key_block

​

pgp_private_key_block

amazon_aws_access_key_id

string

amazon_aws_access_key_id

​

amazon_aws_access_key_id

amazon_aws_secret_access_key

string

amazon_aws_secret_access_key

​

amazon_aws_secret_access_key

amazon_mws_auth_token

string

amazon_mws_auth_token

​

amazon_mws_auth_token

facebook_access_token

string

facebook_access_token

​

facebook_access_token

github_access_token

string

github_access_token

​

github_access_token

jwt_token

string

jwt_token

​

jwt_token

google_api_key

string

google_api_key

​

google_api_key

google_cloud_platform_api_key

string

google_cloud_platform_api_key

​

google_cloud_platform_api_key

google_drive_api_key

string

google_drive_api_key

​

google_drive_api_key

google_cloud_platform_service_account

string

google_cloud_platform_service_account

​

google_cloud_platform_service_account

google_gmail_api_key

string

google_gmail_api_key

​

google_gmail_api_key

youtube_api_key

string

youtube_api_key

​

youtube_api_key

mailchimp_api_key

string

mailchimp_api_key

​

mailchimp_api_key

mailgun_api_key

string

mailgun_api_key

​

mailgun_api_key

basic_auth

string

basic_auth

​

basic_auth

picatic_api_key

string

picatic_api_key

​

picatic_api_key

slack_webhook

string

slack_webhook

​

slack_webhook

stripe_api_key

string

stripe_api_key

​

stripe_api_key

stripe_restricted_api_key

string

stripe_restricted_api_key

​

stripe_restricted_api_key

square_access_token

string

square_access_token

​

square_access_token

square_oauth_secret

string

square_oauth_secret

​

square_oauth_secret

twilio_api_key

string

twilio_api_key

​

twilio_api_key

pangea_token

string

pangea_token

​

pangea_token

log_fields

object

Additional fields to include in activity log.

citations

string

Origin or source application of the event. Examples: 'Slack', 'GDrive', 'Confluence', 'Workday'.

citations

citations

extra_info

string

Stores supplementary details related to the event.

extra_info

extra_info

model

string

Model used to perform the event. Example: '{model: gpt, version: 3.5}'.

model

model

source

string

IP address of user or app or agent.

source

source

tools

string

Tools used to perform the event. Example: '{tool:ai-guard}'.

tools

tools

Response Schema

object

Pangea standard response schema

result

object

prompt_text

string

Updated prompt text, if applicable.

prompt_messages

object

Updated structured prompt, if applicable.

blocked

boolean

Whether or not the prompt triggered a block detection.

recipe

string

The Recipe that was used.

detectors

object

Result of the recipe analyzing and input prompt.

prompt_injection

object

detected

boolean

Whether or not the Prompt Injection was detected.

data

object

Details about the analyzers.

action

string

The action taken by this Detector

analyzer_responses

array<object>

Triggered prompt injection analyzers.

analyzer

string

confidence

number

pii_entity

object

detected

boolean

Whether or not the PII Entities were detected.

data

object

Details about the detected entities.

entities

array<object>

Detected redaction rules.

action

string

The action taken on this Entity

type

string

value

string

redacted

boolean

start_pos

number

malicious_entity

object

detected

boolean

Whether or not the Malicious Entities were detected.

data

object

Details about the detected entities.

entities

array<object>

Detected harmful items.

type

string

value

string

redacted

boolean

start_pos

number

raw

object

custom_entity

object

detected

boolean

Whether or not the Custom Entities were detected.

data

object

Details about the detected entities.

entities

array<object>

Detected redaction rules.

action

string

The action taken on this Entity

type

string

value

string

redacted

boolean

start_pos

number

secrets_detection

object

detected

boolean

Whether or not the Secret Entities were detected.

data

object

Details about the detected entities.

entities

array<object>

Detected redaction rules.

action

string

The action taken on this Entity

type

string

value

string

redacted

boolean

start_pos

number

profanity_and_toxicity

object

detected

boolean

Whether or not the Toxic Entities were detected.

data

object

Details about the detected entities.

entities

array<object>

Detected redaction rules.

action

string

The action taken on this Entity

type

string

value

string

redacted

boolean

start_pos

number

language_detection

object

detected

boolean

Whether or not the Languages were detected.

data

object

Details about the detected languages.

action

string

The action taken by this Detector

language

string

code_detection

object

detected

boolean

Whether or not the Code was detected.

data

object

Details about the detected code.

action

string

The action taken by this Detector

language

string

fpe_context

string (base64)

If an FPE redaction method returned results, this will be the context passed to unredact.

request_id

string

A unique identifier assigned to each request made to the API. It is used to track and identify a specific request and its associated data. The request_id can be helpful for troubleshooting, auditing, and tracing the flow of requests within the system. It allows users to reference and retrieve information related to a particular request, such as the response, parameters, and raw data associated with that specific request.

"request_id":"prq_x6fdiizbon6j3bsdvnpmwxsz2aan7fqd"

request_time

string

The timestamp indicates the exact moment when a request is made to the API. It represents the date and time at which the request was initiated by the client. The request_time is useful for tracking and analyzing the timing of requests, measuring response times, and monitoring performance metrics. It allows users to determine the duration between the request initiation and the corresponding response, aiding in the assessment of API performance and latency.

"request_time":"2022-09-21T17:24:33.105Z"

response_time

string

Duration it takes for the API to process a request and generate a response. It represents the elapsed time from when the request is received by the API to when the corresponding response is returned to the client.

"response_time":"2022-09-21T17:24:34.007Z"

status

string

It represents the status or outcome of the API request made for IP information. It indicates the current state or condition of the request and provides information on the success or failure of the request.

"status":"success"

summary

string

Provides a concise and brief overview of the purpose or primary objective of the API endpoint. It serves as a high-level summary or description of the functionality or feature offered by the endpoint.