AI Guard Configuration API Reference

Base URL

ai-guard.<csp>.<region>.pangea.cloud

• AI Guard Documentation
• OpenAPI Specification

post/v1beta/config

cURL

Code Snippet Language

curl -sSLX POST 'https://ai-guard.aws.us.pangea.cloud/v1beta/config' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'

Response

Raw Output

200

Code Snippet Language

Get AI Guard config

POST

https://ai-guard.aws.us.pangea.cloud/v1beta/config

Retrieve an AI Guard service configuration by its ID.

required parameters

id

string

ID of an AI Guard service configuration

​

Response Fields

Response Schema

object

Pangea standard response schema

result

object

Configuration used by the AI Guard service

id

string

ID of an AI Guard service configuration

name

string

Human-readable name of the AI Guard service configuration

audit_data_activity

object

Configuration for enabling AI Guard Activity Log integration with Pangea Secure Audit Log.

When enabled, this logs AI Guard service interactions (including inputs, outputs, and detection results) to a tamperproof audit trail. You must provide a Secure Audit Log service configuration ID and specify at least one activity area to log, such as text_guard.

enabled

boolean

Whether activity logging is enabled for this configuration

audit_service_config_id

string

ID of the Secure Audit Log service configuration where activity events should be recorded

areas

object

Specifies which AI Guard API endpoints should generate audit log entries

text_guard

boolean

Logs events for requests to the /v1/text/guard endpoint

connections

object

Configuration for service integrations used by AI Guard detectors.

These connections allow AI Guard to leverage additional sources and services for risk detection, sensitive data redaction, analysis, and secret management.

For details, see the AI Guard Settings documentation.

prompt_guard

object

Analyzes prompts to identify malicious and harmful intents like prompt injections or attempts to misuse or abuse the LLM.

Used in the Malicious Prompt detector.

enabled

boolean

Whether the Prompt Guard integration is enabled for detecting prompt injection attempts

config_id

string

ID of the Prompt Guard service configuration to use

confidence_threshold

number

Minimum confidence level for a detection

• minimum: 0

• maximum: 1

ip_intel

object

Detects malicious IP addresses using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the IP Intel integration is enabled for detecting malicious IP addresses

config_id

string

ID of the IP Intel service configuration to use

reputation_provider

string

Provider of the IP reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

user_intel

object

Detects compromised user accounts using threat intelligence data

enabled

boolean

Whether the User Intel integration is enabled for detecting breached user accounts

config_id

string

ID of the User Intel service configuration to use

breach_provider

string

Provider of the user breach data

url_intel

object

Checks URL reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the URL Intel integration is enabled for detecting malicious URLs

config_id

string

ID of the URL Intel service configuration to use

reputation_provider

string

Provider of the URL reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

domain_intel

object

Checks domain reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the Domain Intel integration is enabled for detecting malicious domains

config_id

string

ID of the Domain Intel service configuration to use

reputation_provider

string

Provider of the domain reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

file_scan

object

Scans files for known malware

enabled

boolean

Whether the File Scan integration is enabled for detecting malicious files

config_id

string

ID of the File Scan service configuration to use

scan_provider

string

Malicious content and threats detection provider used for scanning

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

redact

object

Detects and redacts sensitive information from text.

Used in the Confidential and PII, Secret and Key Entity, and Custom Entity detectors.

enabled

boolean

Whether the Redact integration is enabled for identifying and removing sensitive information

config_id

string

ID of the Redact service configuration to use

vault

object

Securely manages secrets and keys required by the AI Guard service

config_id

string

ID of the Vault service configuration to use

lingua

object

Language detection and analysis

enabled

boolean

Whether the Lingua integration is enabled for detecting languages

code

object

Detects code snippets and programming languages

enabled

boolean

Whether the Code integration is enabled for detecting code snippets

recipes

object

Pattern Property: ^.*$

object

Defines an AI Guard recipe - a named configuration of detectors and redaction settings used to analyze and protect data flows in AI-powered applications.

Recipes specify which detectors are active, how they behave, and may include reusable settings such as FPE tweaks.

For details, see the AI Guard Recipes documentation.

name

string

Human-readable name of the recipe

description

string

Detailed description of the recipe's purpose or use case

version

string

(default: "v1")

Optional version identifier for the recipe. Can be used to track changes.

detectors

array<object>

Settings for AI Guard Detectors, including which detectors to enable and how they behave

detector_name

string

Identifier of the detector to apply, such as prompt_injection, pii_entity, or malicious_entity

state

string

(default: "disabled")

Specifies whether the detector is enabled or disabled in this configuration

settings

object

Detector-specific settings

rules

array<object>

List of detection and redaction rules applied by this detector

redact_rule_id

string

Identifier of the redaction rule to apply. This should match a rule defined in the Redact service.

redaction

Configuration for the redaction method applied to detected values.

Each rule supports one redaction type, such as masking, replacement, hashing, Format-Preserving Encryption (FPE), or detection-only mode. Additional parameters may be required depending on the selected redaction type.

For more details, see the AI Guard Recipe Actions documentation.

redaction_type

string

Redaction method to apply for this rule

redaction_value

string

Replacement string to use when redaction_type is replacement

partial_masking

object

Parameters to control how text is masked when redaction_type is partial_masking

masking_type

string

(default: "unmask")

Defines the masking strategy. Use unmask to specify how many characters to keep visible. Use mask to specify how many to hide.

unmasked_from_left

integer

Number of leading characters to leave unmasked when masking_type is unmask

• minimum: 0

unmasked_from_right

integer

Number of trailing characters to leave unmasked when masking_type is unmask

• minimum: 0

masked_from_left

integer

Number of leading characters to mask when masking_type is mask

• minimum: 0

masked_from_right

integer

Number of trailing characters to mask when masking_type is mask

• minimum: 0

chars_to_ignore

array<string>

List of characters that should not be masked (for example, hyphens or periods)

masking_char

string

(default: "*")

Character to use when masking text

• minLength: 1

• maxLength: 1

hash

object, null

Hash configuration when redaction_type is hash

fpe_alphabet

Alphabet used for Format-Preserving Encryption (FPE). Determines the character set for encryption.

block

boolean

If true, indicates that further processing should be stopped when this rule is triggered

disabled

boolean

If true, disables this specific rule even if the detector is enabled

reputation_check

boolean

If true, performs a reputation check using the configured intel provider. Applies to the Malicious Entity detector when using IP, URL, or Domain Intel services.

transform_if_malicious

boolean

If true, applies redaction or transformation when the detected value is determined to be malicious by intel analysis

connector_settings

object

Connector-level Redact configuration. These settings allow you to define reusable redaction parameters, such as FPE tweak value.

redact

object

Settings for Redact integration at the recipe level

fpe_tweak_vault_secret_id

string

ID of a Vault secret containing the tweak value used for Format-Preserving Encryption (FPE). Enables deterministic encryption, ensuring that identical inputs produce consistent encrypted outputs.

request_id

string

A unique identifier assigned to each request made to the API. It is used to track and identify a specific request and its associated data. The request_id can be helpful for troubleshooting, auditing, and tracing the flow of requests within the system. It allows users to reference and retrieve information related to a particular request, such as the response, parameters, and raw data associated with that specific request.

"request_id":"prq_x6fdiizbon6j3bsdvnpmwxsz2aan7fqd"

request_time

string

The timestamp indicates the exact moment when a request is made to the API. It represents the date and time at which the request was initiated by the client. The request_time is useful for tracking and analyzing the timing of requests, measuring response times, and monitoring performance metrics. It allows users to determine the duration between the request initiation and the corresponding response, aiding in the assessment of API performance and latency.

"request_time":"2022-09-21T17:24:33.105Z"

response_time

string

Duration it takes for the API to process a request and generate a response. It represents the elapsed time from when the request is received by the API to when the corresponding response is returned to the client.

"response_time":"2022-09-21T17:24:34.007Z"

status

string

It represents the status or outcome of the API request made for IP information. It indicates the current state or condition of the request and provides information on the success or failure of the request.

"status":"success"

summary

string

Provides a concise and brief overview of the purpose or primary objective of the API endpoint. It serves as a high-level summary or description of the functionality or feature offered by the endpoint.

post/v1beta/config/create

cURL

Code Snippet Language

curl -sSLX POST 'https://ai-guard.aws.us.pangea.cloud/v1beta/config/create' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'

This endpoint cannot be called through the documentation site

Create AI Guard config

POST

https://ai-guard.aws.us.pangea.cloud/v1beta/config/create

Create a new AI Guard service configuration.

required parameters

name

string

Human-readable name of the AI Guard service configuration

optional parameters

audit_data_activity

object

Configuration for enabling AI Guard Activity Log integration with Pangea Secure Audit Log.

When enabled, this logs AI Guard service interactions (including inputs, outputs, and detection results) to a tamperproof audit trail. You must provide a Secure Audit Log service configuration ID and specify at least one activity area to log, such as text_guard.

enabled

boolean

Whether activity logging is enabled for this configuration

audit_service_config_id

string

ID of the Secure Audit Log service configuration where activity events should be recorded

areas

object

Specifies which AI Guard API endpoints should generate audit log entries

text_guard

boolean

Logs events for requests to the /v1/text/guard endpoint

connections

object

Configuration for service integrations used by AI Guard detectors.

These connections allow AI Guard to leverage additional sources and services for risk detection, sensitive data redaction, analysis, and secret management.

For details, see the AI Guard Settings documentation.

prompt_guard

object

Analyzes prompts to identify malicious and harmful intents like prompt injections or attempts to misuse or abuse the LLM.

Used in the Malicious Prompt detector.

enabled

boolean

Whether the Prompt Guard integration is enabled for detecting prompt injection attempts

config_id

string

ID of the Prompt Guard service configuration to use

confidence_threshold

number

Minimum confidence level for a detection

• minimum: 0

• maximum: 1

ip_intel

object

Detects malicious IP addresses using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the IP Intel integration is enabled for detecting malicious IP addresses

config_id

string

ID of the IP Intel service configuration to use

reputation_provider

string

Provider of the IP reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

user_intel

object

Detects compromised user accounts using threat intelligence data

enabled

boolean

Whether the User Intel integration is enabled for detecting breached user accounts

config_id

string

ID of the User Intel service configuration to use

breach_provider

string

Provider of the user breach data

url_intel

object

Checks URL reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the URL Intel integration is enabled for detecting malicious URLs

config_id

string

ID of the URL Intel service configuration to use

reputation_provider

string

Provider of the URL reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

domain_intel

object

Checks domain reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the Domain Intel integration is enabled for detecting malicious domains

config_id

string

ID of the Domain Intel service configuration to use

reputation_provider

string

Provider of the domain reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

file_scan

object

Scans files for known malware

enabled

boolean

Whether the File Scan integration is enabled for detecting malicious files

config_id

string

ID of the File Scan service configuration to use

scan_provider

string

Malicious content and threats detection provider used for scanning

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

redact

object

Detects and redacts sensitive information from text.

Used in the Confidential and PII, Secret and Key Entity, and Custom Entity detectors.

enabled

boolean

Whether the Redact integration is enabled for identifying and removing sensitive information

config_id

string

ID of the Redact service configuration to use

vault

object

Securely manages secrets and keys required by the AI Guard service

config_id

string

ID of the Vault service configuration to use

lingua

object

Language detection and analysis

enabled

boolean

Whether the Lingua integration is enabled for detecting languages

code

object

Detects code snippets and programming languages

enabled

boolean

Whether the Code integration is enabled for detecting code snippets

recipes

object

Pattern Property: ^.*$

object

Defines an AI Guard recipe - a named configuration of detectors and redaction settings used to analyze and protect data flows in AI-powered applications.

Recipes specify which detectors are active, how they behave, and may include reusable settings such as FPE tweaks.

For details, see the AI Guard Recipes documentation.

name

string

Human-readable name of the recipe

description

string

Detailed description of the recipe's purpose or use case

version

string

(default: "v1")

Optional version identifier for the recipe. Can be used to track changes.

detectors

array<object>

Settings for AI Guard Detectors, including which detectors to enable and how they behave

detector_name

string

Identifier of the detector to apply, such as prompt_injection, pii_entity, or malicious_entity

state

string

(default: "disabled")

Specifies whether the detector is enabled or disabled in this configuration

settings

object

Detector-specific settings

rules

array<object>

List of detection and redaction rules applied by this detector

redact_rule_id

string

Identifier of the redaction rule to apply. This should match a rule defined in the Redact service.

redaction

Configuration for the redaction method applied to detected values.

Each rule supports one redaction type, such as masking, replacement, hashing, Format-Preserving Encryption (FPE), or detection-only mode. Additional parameters may be required depending on the selected redaction type.

For more details, see the AI Guard Recipe Actions documentation.

redaction_type

string

Redaction method to apply for this rule

redaction_value

string

Replacement string to use when redaction_type is replacement

partial_masking

object

Parameters to control how text is masked when redaction_type is partial_masking

masking_type

string

(default: "unmask")

Defines the masking strategy. Use unmask to specify how many characters to keep visible. Use mask to specify how many to hide.

unmasked_from_left

integer

Number of leading characters to leave unmasked when masking_type is unmask

• minimum: 0

unmasked_from_right

integer

Number of trailing characters to leave unmasked when masking_type is unmask

• minimum: 0

masked_from_left

integer

Number of leading characters to mask when masking_type is mask

• minimum: 0

masked_from_right

integer

Number of trailing characters to mask when masking_type is mask

• minimum: 0

chars_to_ignore

array<string>

List of characters that should not be masked (for example, hyphens or periods)

masking_char

string

(default: "*")

Character to use when masking text

• minLength: 1

• maxLength: 1

hash

object, null

Hash configuration when redaction_type is hash

fpe_alphabet

Alphabet used for Format-Preserving Encryption (FPE). Determines the character set for encryption.

block

boolean

If true, indicates that further processing should be stopped when this rule is triggered

disabled

boolean

If true, disables this specific rule even if the detector is enabled

reputation_check

boolean

If true, performs a reputation check using the configured intel provider. Applies to the Malicious Entity detector when using IP, URL, or Domain Intel services.

transform_if_malicious

boolean

If true, applies redaction or transformation when the detected value is determined to be malicious by intel analysis

connector_settings

object

Connector-level Redact configuration. These settings allow you to define reusable redaction parameters, such as FPE tweak value.

redact

object

Settings for Redact integration at the recipe level

fpe_tweak_vault_secret_id

string

ID of a Vault secret containing the tweak value used for Format-Preserving Encryption (FPE). Enables deterministic encryption, ensuring that identical inputs produce consistent encrypted outputs.

Response Fields

Response Schema

object

Pangea standard response schema

result

object

Configuration used by the AI Guard service

id

string

ID of an AI Guard service configuration

name

string

Human-readable name of the AI Guard service configuration

audit_data_activity

object

Configuration for enabling AI Guard Activity Log integration with Pangea Secure Audit Log.

When enabled, this logs AI Guard service interactions (including inputs, outputs, and detection results) to a tamperproof audit trail. You must provide a Secure Audit Log service configuration ID and specify at least one activity area to log, such as text_guard.

enabled

boolean

Whether activity logging is enabled for this configuration

audit_service_config_id

string

ID of the Secure Audit Log service configuration where activity events should be recorded

areas

object

Specifies which AI Guard API endpoints should generate audit log entries

text_guard

boolean

Logs events for requests to the /v1/text/guard endpoint

connections

object

Configuration for service integrations used by AI Guard detectors.

These connections allow AI Guard to leverage additional sources and services for risk detection, sensitive data redaction, analysis, and secret management.

For details, see the AI Guard Settings documentation.

prompt_guard

object

Analyzes prompts to identify malicious and harmful intents like prompt injections or attempts to misuse or abuse the LLM.

Used in the Malicious Prompt detector.

enabled

boolean

Whether the Prompt Guard integration is enabled for detecting prompt injection attempts

config_id

string

ID of the Prompt Guard service configuration to use

confidence_threshold

number

Minimum confidence level for a detection

• minimum: 0

• maximum: 1

ip_intel

object

Detects malicious IP addresses using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the IP Intel integration is enabled for detecting malicious IP addresses

config_id

string

ID of the IP Intel service configuration to use

reputation_provider

string

Provider of the IP reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

user_intel

object

Detects compromised user accounts using threat intelligence data

enabled

boolean

Whether the User Intel integration is enabled for detecting breached user accounts

config_id

string

ID of the User Intel service configuration to use

breach_provider

string

Provider of the user breach data

url_intel

object

Checks URL reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the URL Intel integration is enabled for detecting malicious URLs

config_id

string

ID of the URL Intel service configuration to use

reputation_provider

string

Provider of the URL reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

domain_intel

object

Checks domain reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the Domain Intel integration is enabled for detecting malicious domains

config_id

string

ID of the Domain Intel service configuration to use

reputation_provider

string

Provider of the domain reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

file_scan

object

Scans files for known malware

enabled

boolean

Whether the File Scan integration is enabled for detecting malicious files

config_id

string

ID of the File Scan service configuration to use

scan_provider

string

Malicious content and threats detection provider used for scanning

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

redact

object

Detects and redacts sensitive information from text.

Used in the Confidential and PII, Secret and Key Entity, and Custom Entity detectors.

enabled

boolean

Whether the Redact integration is enabled for identifying and removing sensitive information

config_id

string

ID of the Redact service configuration to use

vault

object

Securely manages secrets and keys required by the AI Guard service

config_id

string

ID of the Vault service configuration to use

lingua

object

Language detection and analysis

enabled

boolean

Whether the Lingua integration is enabled for detecting languages

code

object

Detects code snippets and programming languages

enabled

boolean

Whether the Code integration is enabled for detecting code snippets

recipes

object

Pattern Property: ^.*$

object

Defines an AI Guard recipe - a named configuration of detectors and redaction settings used to analyze and protect data flows in AI-powered applications.

Recipes specify which detectors are active, how they behave, and may include reusable settings such as FPE tweaks.

For details, see the AI Guard Recipes documentation.

name

string

Human-readable name of the recipe

description

string

Detailed description of the recipe's purpose or use case

version

string

(default: "v1")

Optional version identifier for the recipe. Can be used to track changes.

detectors

array<object>

Settings for AI Guard Detectors, including which detectors to enable and how they behave

detector_name

string

Identifier of the detector to apply, such as prompt_injection, pii_entity, or malicious_entity

state

string

(default: "disabled")

Specifies whether the detector is enabled or disabled in this configuration

settings

object

Detector-specific settings

rules

array<object>

List of detection and redaction rules applied by this detector

redact_rule_id

string

Identifier of the redaction rule to apply. This should match a rule defined in the Redact service.

redaction

Configuration for the redaction method applied to detected values.

Each rule supports one redaction type, such as masking, replacement, hashing, Format-Preserving Encryption (FPE), or detection-only mode. Additional parameters may be required depending on the selected redaction type.

For more details, see the AI Guard Recipe Actions documentation.

redaction_type

string

Redaction method to apply for this rule

redaction_value

string

Replacement string to use when redaction_type is replacement

partial_masking

object

Parameters to control how text is masked when redaction_type is partial_masking

masking_type

string

(default: "unmask")

Defines the masking strategy. Use unmask to specify how many characters to keep visible. Use mask to specify how many to hide.

unmasked_from_left

integer

Number of leading characters to leave unmasked when masking_type is unmask

• minimum: 0

unmasked_from_right

integer

Number of trailing characters to leave unmasked when masking_type is unmask

• minimum: 0

masked_from_left

integer

Number of leading characters to mask when masking_type is mask

• minimum: 0

masked_from_right

integer

Number of trailing characters to mask when masking_type is mask

• minimum: 0

chars_to_ignore

array<string>

List of characters that should not be masked (for example, hyphens or periods)

masking_char

string

(default: "*")

Character to use when masking text

• minLength: 1

• maxLength: 1

hash

object, null

Hash configuration when redaction_type is hash

fpe_alphabet

Alphabet used for Format-Preserving Encryption (FPE). Determines the character set for encryption.

block

boolean

If true, indicates that further processing should be stopped when this rule is triggered

disabled

boolean

If true, disables this specific rule even if the detector is enabled

reputation_check

boolean

If true, performs a reputation check using the configured intel provider. Applies to the Malicious Entity detector when using IP, URL, or Domain Intel services.

transform_if_malicious

boolean

If true, applies redaction or transformation when the detected value is determined to be malicious by intel analysis

connector_settings

object

Connector-level Redact configuration. These settings allow you to define reusable redaction parameters, such as FPE tweak value.

redact

object

Settings for Redact integration at the recipe level

fpe_tweak_vault_secret_id

string

ID of a Vault secret containing the tweak value used for Format-Preserving Encryption (FPE). Enables deterministic encryption, ensuring that identical inputs produce consistent encrypted outputs.

request_id

string

A unique identifier assigned to each request made to the API. It is used to track and identify a specific request and its associated data. The request_id can be helpful for troubleshooting, auditing, and tracing the flow of requests within the system. It allows users to reference and retrieve information related to a particular request, such as the response, parameters, and raw data associated with that specific request.

"request_id":"prq_x6fdiizbon6j3bsdvnpmwxsz2aan7fqd"

request_time

string

The timestamp indicates the exact moment when a request is made to the API. It represents the date and time at which the request was initiated by the client. The request_time is useful for tracking and analyzing the timing of requests, measuring response times, and monitoring performance metrics. It allows users to determine the duration between the request initiation and the corresponding response, aiding in the assessment of API performance and latency.

"request_time":"2022-09-21T17:24:33.105Z"

response_time

string

Duration it takes for the API to process a request and generate a response. It represents the elapsed time from when the request is received by the API to when the corresponding response is returned to the client.

"response_time":"2022-09-21T17:24:34.007Z"

status

string

It represents the status or outcome of the API request made for IP information. It indicates the current state or condition of the request and provides information on the success or failure of the request.

"status":"success"

summary

string

Provides a concise and brief overview of the purpose or primary objective of the API endpoint. It serves as a high-level summary or description of the functionality or feature offered by the endpoint.

post/v1beta/config/update

cURL

Code Snippet Language

curl -sSLX POST 'https://ai-guard.aws.us.pangea.cloud/v1beta/config/update' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'

This endpoint cannot be called through the documentation site

Update AI Guard config

POST

https://ai-guard.aws.us.pangea.cloud/v1beta/config/update

Update an AI Guard service configuration.

To update a configuration, first retrieve the current version, apply your changes, and submit the updated configuration to this endpoint.

For a full example using a Project Admin management client, see the Service Configuration APIs documentation.

required parameters

id

string

ID of an AI Guard service configuration

name

string

Human-readable name of the AI Guard service configuration

optional parameters

audit_data_activity

object

Configuration for enabling AI Guard Activity Log integration with Pangea Secure Audit Log.

When enabled, this logs AI Guard service interactions (including inputs, outputs, and detection results) to a tamperproof audit trail. You must provide a Secure Audit Log service configuration ID and specify at least one activity area to log, such as text_guard.

enabled

boolean

Whether activity logging is enabled for this configuration

audit_service_config_id

string

ID of the Secure Audit Log service configuration where activity events should be recorded

areas

object

Specifies which AI Guard API endpoints should generate audit log entries

text_guard

boolean

Logs events for requests to the /v1/text/guard endpoint

connections

object

Configuration for service integrations used by AI Guard detectors.

These connections allow AI Guard to leverage additional sources and services for risk detection, sensitive data redaction, analysis, and secret management.

For details, see the AI Guard Settings documentation.

prompt_guard

object

Analyzes prompts to identify malicious and harmful intents like prompt injections or attempts to misuse or abuse the LLM.

Used in the Malicious Prompt detector.

enabled

boolean

Whether the Prompt Guard integration is enabled for detecting prompt injection attempts

config_id

string

ID of the Prompt Guard service configuration to use

confidence_threshold

number

Minimum confidence level for a detection

• minimum: 0

• maximum: 1

ip_intel

object

Detects malicious IP addresses using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the IP Intel integration is enabled for detecting malicious IP addresses

config_id

string

ID of the IP Intel service configuration to use

reputation_provider

string

Provider of the IP reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

user_intel

object

Detects compromised user accounts using threat intelligence data

enabled

boolean

Whether the User Intel integration is enabled for detecting breached user accounts

config_id

string

ID of the User Intel service configuration to use

breach_provider

string

Provider of the user breach data

url_intel

object

Checks URL reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the URL Intel integration is enabled for detecting malicious URLs

config_id

string

ID of the URL Intel service configuration to use

reputation_provider

string

Provider of the URL reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

domain_intel

object

Checks domain reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the Domain Intel integration is enabled for detecting malicious domains

config_id

string

ID of the Domain Intel service configuration to use

reputation_provider

string

Provider of the domain reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

file_scan

object

Scans files for known malware

enabled

boolean

Whether the File Scan integration is enabled for detecting malicious files

config_id

string

ID of the File Scan service configuration to use

scan_provider

string

Malicious content and threats detection provider used for scanning

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

redact

object

Detects and redacts sensitive information from text.

Used in the Confidential and PII, Secret and Key Entity, and Custom Entity detectors.

enabled

boolean

Whether the Redact integration is enabled for identifying and removing sensitive information

config_id

string

ID of the Redact service configuration to use

vault

object

Securely manages secrets and keys required by the AI Guard service

config_id

string

ID of the Vault service configuration to use

lingua

object

Language detection and analysis

enabled

boolean

Whether the Lingua integration is enabled for detecting languages

code

object

Detects code snippets and programming languages

enabled

boolean

Whether the Code integration is enabled for detecting code snippets

recipes

object

Pattern Property: ^.*$

object

Defines an AI Guard recipe - a named configuration of detectors and redaction settings used to analyze and protect data flows in AI-powered applications.

Recipes specify which detectors are active, how they behave, and may include reusable settings such as FPE tweaks.

For details, see the AI Guard Recipes documentation.

name

string

Human-readable name of the recipe

description

string

Detailed description of the recipe's purpose or use case

version

string

(default: "v1")

Optional version identifier for the recipe. Can be used to track changes.

detectors

array<object>

Settings for AI Guard Detectors, including which detectors to enable and how they behave

detector_name

string

Identifier of the detector to apply, such as prompt_injection, pii_entity, or malicious_entity

state

string

(default: "disabled")

Specifies whether the detector is enabled or disabled in this configuration

settings

object

Detector-specific settings

rules

array<object>

List of detection and redaction rules applied by this detector

redact_rule_id

string

Identifier of the redaction rule to apply. This should match a rule defined in the Redact service.

redaction

Configuration for the redaction method applied to detected values.

Each rule supports one redaction type, such as masking, replacement, hashing, Format-Preserving Encryption (FPE), or detection-only mode. Additional parameters may be required depending on the selected redaction type.

For more details, see the AI Guard Recipe Actions documentation.

redaction_type

string

Redaction method to apply for this rule

redaction_value

string

Replacement string to use when redaction_type is replacement

partial_masking

object

Parameters to control how text is masked when redaction_type is partial_masking

masking_type

string

(default: "unmask")

Defines the masking strategy. Use unmask to specify how many characters to keep visible. Use mask to specify how many to hide.

unmasked_from_left

integer

Number of leading characters to leave unmasked when masking_type is unmask

• minimum: 0

unmasked_from_right

integer

Number of trailing characters to leave unmasked when masking_type is unmask

• minimum: 0

masked_from_left

integer

Number of leading characters to mask when masking_type is mask

• minimum: 0

masked_from_right

integer

Number of trailing characters to mask when masking_type is mask

• minimum: 0

chars_to_ignore

array<string>

List of characters that should not be masked (for example, hyphens or periods)

masking_char

string

(default: "*")

Character to use when masking text

• minLength: 1

• maxLength: 1

hash

object, null

Hash configuration when redaction_type is hash

fpe_alphabet

Alphabet used for Format-Preserving Encryption (FPE). Determines the character set for encryption.

block

boolean

If true, indicates that further processing should be stopped when this rule is triggered

disabled

boolean

If true, disables this specific rule even if the detector is enabled

reputation_check

boolean

If true, performs a reputation check using the configured intel provider. Applies to the Malicious Entity detector when using IP, URL, or Domain Intel services.

transform_if_malicious

boolean

If true, applies redaction or transformation when the detected value is determined to be malicious by intel analysis

connector_settings

object

Connector-level Redact configuration. These settings allow you to define reusable redaction parameters, such as FPE tweak value.

redact

object

Settings for Redact integration at the recipe level

fpe_tweak_vault_secret_id

string

ID of a Vault secret containing the tweak value used for Format-Preserving Encryption (FPE). Enables deterministic encryption, ensuring that identical inputs produce consistent encrypted outputs.

Response Fields

Response Schema

object

Pangea standard response schema

result

object

Configuration used by the AI Guard service

id

string

ID of an AI Guard service configuration

name

string

Human-readable name of the AI Guard service configuration

audit_data_activity

object

Configuration for enabling AI Guard Activity Log integration with Pangea Secure Audit Log.

When enabled, this logs AI Guard service interactions (including inputs, outputs, and detection results) to a tamperproof audit trail. You must provide a Secure Audit Log service configuration ID and specify at least one activity area to log, such as text_guard.

enabled

boolean

Whether activity logging is enabled for this configuration

audit_service_config_id

string

ID of the Secure Audit Log service configuration where activity events should be recorded

areas

object

Specifies which AI Guard API endpoints should generate audit log entries

text_guard

boolean

Logs events for requests to the /v1/text/guard endpoint

connections

object

Configuration for service integrations used by AI Guard detectors.

These connections allow AI Guard to leverage additional sources and services for risk detection, sensitive data redaction, analysis, and secret management.

For details, see the AI Guard Settings documentation.

prompt_guard

object

Analyzes prompts to identify malicious and harmful intents like prompt injections or attempts to misuse or abuse the LLM.

Used in the Malicious Prompt detector.

enabled

boolean

Whether the Prompt Guard integration is enabled for detecting prompt injection attempts

config_id

string

ID of the Prompt Guard service configuration to use

confidence_threshold

number

Minimum confidence level for a detection

• minimum: 0

• maximum: 1

ip_intel

object

Detects malicious IP addresses using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the IP Intel integration is enabled for detecting malicious IP addresses

config_id

string

ID of the IP Intel service configuration to use

reputation_provider

string

Provider of the IP reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

user_intel

object

Detects compromised user accounts using threat intelligence data

enabled

boolean

Whether the User Intel integration is enabled for detecting breached user accounts

config_id

string

ID of the User Intel service configuration to use

breach_provider

string

Provider of the user breach data

url_intel

object

Checks URL reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the URL Intel integration is enabled for detecting malicious URLs

config_id

string

ID of the URL Intel service configuration to use

reputation_provider

string

Provider of the URL reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

domain_intel

object

Checks domain reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the Domain Intel integration is enabled for detecting malicious domains

config_id

string

ID of the Domain Intel service configuration to use

reputation_provider

string

Provider of the domain reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

file_scan

object

Scans files for known malware

enabled

boolean

Whether the File Scan integration is enabled for detecting malicious files

config_id

string

ID of the File Scan service configuration to use

scan_provider

string

Malicious content and threats detection provider used for scanning

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

redact

object

Detects and redacts sensitive information from text.

Used in the Confidential and PII, Secret and Key Entity, and Custom Entity detectors.

enabled

boolean

Whether the Redact integration is enabled for identifying and removing sensitive information

config_id

string

ID of the Redact service configuration to use

vault

object

Securely manages secrets and keys required by the AI Guard service

config_id

string

ID of the Vault service configuration to use

lingua

object

Language detection and analysis

enabled

boolean

Whether the Lingua integration is enabled for detecting languages

code

object

Detects code snippets and programming languages

enabled

boolean

Whether the Code integration is enabled for detecting code snippets

recipes

object

Pattern Property: ^.*$

object

Defines an AI Guard recipe - a named configuration of detectors and redaction settings used to analyze and protect data flows in AI-powered applications.

Recipes specify which detectors are active, how they behave, and may include reusable settings such as FPE tweaks.

For details, see the AI Guard Recipes documentation.

name

string

Human-readable name of the recipe

description

string

Detailed description of the recipe's purpose or use case

version

string

(default: "v1")

Optional version identifier for the recipe. Can be used to track changes.

detectors

array<object>

Settings for AI Guard Detectors, including which detectors to enable and how they behave

detector_name

string

Identifier of the detector to apply, such as prompt_injection, pii_entity, or malicious_entity

state

string

(default: "disabled")

Specifies whether the detector is enabled or disabled in this configuration

settings

object

Detector-specific settings

rules

array<object>

List of detection and redaction rules applied by this detector

redact_rule_id

string

Identifier of the redaction rule to apply. This should match a rule defined in the Redact service.

redaction

Configuration for the redaction method applied to detected values.

Each rule supports one redaction type, such as masking, replacement, hashing, Format-Preserving Encryption (FPE), or detection-only mode. Additional parameters may be required depending on the selected redaction type.

For more details, see the AI Guard Recipe Actions documentation.

redaction_type

string

Redaction method to apply for this rule

redaction_value

string

Replacement string to use when redaction_type is replacement

partial_masking

object

Parameters to control how text is masked when redaction_type is partial_masking

masking_type

string

(default: "unmask")

Defines the masking strategy. Use unmask to specify how many characters to keep visible. Use mask to specify how many to hide.

unmasked_from_left

integer

Number of leading characters to leave unmasked when masking_type is unmask

• minimum: 0

unmasked_from_right

integer

Number of trailing characters to leave unmasked when masking_type is unmask

• minimum: 0

masked_from_left

integer

Number of leading characters to mask when masking_type is mask

• minimum: 0

masked_from_right

integer

Number of trailing characters to mask when masking_type is mask

• minimum: 0

chars_to_ignore

array<string>

List of characters that should not be masked (for example, hyphens or periods)

masking_char

string

(default: "*")

Character to use when masking text

• minLength: 1

• maxLength: 1

hash

object, null

Hash configuration when redaction_type is hash

fpe_alphabet

Alphabet used for Format-Preserving Encryption (FPE). Determines the character set for encryption.

block

boolean

If true, indicates that further processing should be stopped when this rule is triggered

disabled

boolean

If true, disables this specific rule even if the detector is enabled

reputation_check

boolean

If true, performs a reputation check using the configured intel provider. Applies to the Malicious Entity detector when using IP, URL, or Domain Intel services.

transform_if_malicious

boolean

If true, applies redaction or transformation when the detected value is determined to be malicious by intel analysis

connector_settings

object

Connector-level Redact configuration. These settings allow you to define reusable redaction parameters, such as FPE tweak value.

redact

object

Settings for Redact integration at the recipe level

fpe_tweak_vault_secret_id

string

ID of a Vault secret containing the tweak value used for Format-Preserving Encryption (FPE). Enables deterministic encryption, ensuring that identical inputs produce consistent encrypted outputs.

request_id

string

A unique identifier assigned to each request made to the API. It is used to track and identify a specific request and its associated data. The request_id can be helpful for troubleshooting, auditing, and tracing the flow of requests within the system. It allows users to reference and retrieve information related to a particular request, such as the response, parameters, and raw data associated with that specific request.

"request_id":"prq_x6fdiizbon6j3bsdvnpmwxsz2aan7fqd"

request_time

string

The timestamp indicates the exact moment when a request is made to the API. It represents the date and time at which the request was initiated by the client. The request_time is useful for tracking and analyzing the timing of requests, measuring response times, and monitoring performance metrics. It allows users to determine the duration between the request initiation and the corresponding response, aiding in the assessment of API performance and latency.

"request_time":"2022-09-21T17:24:33.105Z"

response_time

string

Duration it takes for the API to process a request and generate a response. It represents the elapsed time from when the request is received by the API to when the corresponding response is returned to the client.

"response_time":"2022-09-21T17:24:34.007Z"

status

string

It represents the status or outcome of the API request made for IP information. It indicates the current state or condition of the request and provides information on the success or failure of the request.

"status":"success"

summary

string

Provides a concise and brief overview of the purpose or primary objective of the API endpoint. It serves as a high-level summary or description of the functionality or feature offered by the endpoint.

post/v1beta/config/delete

cURL

Code Snippet Language

curl -sSLX POST 'https://ai-guard.aws.us.pangea.cloud/v1beta/config/delete' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'

This endpoint cannot be called through the documentation site

Delete AI Guard config

POST

https://ai-guard.aws.us.pangea.cloud/v1beta/config/delete

Delete an AI Guard service configuration.

required parameters

id

string

ID of an AI Guard service configuration

Response Fields

Response Schema

object

Pangea standard response schema

result

object

Configuration used by the AI Guard service

id

string

ID of an AI Guard service configuration

name

string

Human-readable name of the AI Guard service configuration

audit_data_activity

object

Configuration for enabling AI Guard Activity Log integration with Pangea Secure Audit Log.

When enabled, this logs AI Guard service interactions (including inputs, outputs, and detection results) to a tamperproof audit trail. You must provide a Secure Audit Log service configuration ID and specify at least one activity area to log, such as text_guard.

enabled

boolean

Whether activity logging is enabled for this configuration

audit_service_config_id

string

ID of the Secure Audit Log service configuration where activity events should be recorded

areas

object

Specifies which AI Guard API endpoints should generate audit log entries

text_guard

boolean

Logs events for requests to the /v1/text/guard endpoint

connections

object

Configuration for service integrations used by AI Guard detectors.

These connections allow AI Guard to leverage additional sources and services for risk detection, sensitive data redaction, analysis, and secret management.

For details, see the AI Guard Settings documentation.

prompt_guard

object

Analyzes prompts to identify malicious and harmful intents like prompt injections or attempts to misuse or abuse the LLM.

Used in the Malicious Prompt detector.

enabled

boolean

Whether the Prompt Guard integration is enabled for detecting prompt injection attempts

config_id

string

ID of the Prompt Guard service configuration to use

confidence_threshold

number

Minimum confidence level for a detection

• minimum: 0

• maximum: 1

ip_intel

object

Detects malicious IP addresses using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the IP Intel integration is enabled for detecting malicious IP addresses

config_id

string

ID of the IP Intel service configuration to use

reputation_provider

string

Provider of the IP reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

user_intel

object

Detects compromised user accounts using threat intelligence data

enabled

boolean

Whether the User Intel integration is enabled for detecting breached user accounts

config_id

string

ID of the User Intel service configuration to use

breach_provider

string

Provider of the user breach data

url_intel

object

Checks URL reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the URL Intel integration is enabled for detecting malicious URLs

config_id

string

ID of the URL Intel service configuration to use

reputation_provider

string

Provider of the URL reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

domain_intel

object

Checks domain reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the Domain Intel integration is enabled for detecting malicious domains

config_id

string

ID of the Domain Intel service configuration to use

reputation_provider

string

Provider of the domain reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

file_scan

object

Scans files for known malware

enabled

boolean

Whether the File Scan integration is enabled for detecting malicious files

config_id

string

ID of the File Scan service configuration to use

scan_provider

string

Malicious content and threats detection provider used for scanning

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

redact

object

Detects and redacts sensitive information from text.

Used in the Confidential and PII, Secret and Key Entity, and Custom Entity detectors.

enabled

boolean

Whether the Redact integration is enabled for identifying and removing sensitive information

config_id

string

ID of the Redact service configuration to use

vault

object

Securely manages secrets and keys required by the AI Guard service

config_id

string

ID of the Vault service configuration to use

lingua

object

Language detection and analysis

enabled

boolean

Whether the Lingua integration is enabled for detecting languages

code

object

Detects code snippets and programming languages

enabled

boolean

Whether the Code integration is enabled for detecting code snippets

recipes

object

Pattern Property: ^.*$

object

Defines an AI Guard recipe - a named configuration of detectors and redaction settings used to analyze and protect data flows in AI-powered applications.

Recipes specify which detectors are active, how they behave, and may include reusable settings such as FPE tweaks.

For details, see the AI Guard Recipes documentation.

name

string

Human-readable name of the recipe

description

string

Detailed description of the recipe's purpose or use case

version

string

(default: "v1")

Optional version identifier for the recipe. Can be used to track changes.

detectors

array<object>

Settings for AI Guard Detectors, including which detectors to enable and how they behave

detector_name

string

Identifier of the detector to apply, such as prompt_injection, pii_entity, or malicious_entity

state

string

(default: "disabled")

Specifies whether the detector is enabled or disabled in this configuration

settings

object

Detector-specific settings

rules

array<object>

List of detection and redaction rules applied by this detector

redact_rule_id

string

Identifier of the redaction rule to apply. This should match a rule defined in the Redact service.

redaction

Configuration for the redaction method applied to detected values.

Each rule supports one redaction type, such as masking, replacement, hashing, Format-Preserving Encryption (FPE), or detection-only mode. Additional parameters may be required depending on the selected redaction type.

For more details, see the AI Guard Recipe Actions documentation.

redaction_type

string

Redaction method to apply for this rule

redaction_value

string

Replacement string to use when redaction_type is replacement

partial_masking

object

Parameters to control how text is masked when redaction_type is partial_masking

masking_type

string

(default: "unmask")

Defines the masking strategy. Use unmask to specify how many characters to keep visible. Use mask to specify how many to hide.

unmasked_from_left

integer

Number of leading characters to leave unmasked when masking_type is unmask

• minimum: 0

unmasked_from_right

integer

Number of trailing characters to leave unmasked when masking_type is unmask

• minimum: 0

masked_from_left

integer

Number of leading characters to mask when masking_type is mask

• minimum: 0

masked_from_right

integer

Number of trailing characters to mask when masking_type is mask

• minimum: 0

chars_to_ignore

array<string>

List of characters that should not be masked (for example, hyphens or periods)

masking_char

string

(default: "*")

Character to use when masking text

• minLength: 1

• maxLength: 1

hash

object, null

Hash configuration when redaction_type is hash

fpe_alphabet

Alphabet used for Format-Preserving Encryption (FPE). Determines the character set for encryption.

block

boolean

If true, indicates that further processing should be stopped when this rule is triggered

disabled

boolean

If true, disables this specific rule even if the detector is enabled

reputation_check

boolean

If true, performs a reputation check using the configured intel provider. Applies to the Malicious Entity detector when using IP, URL, or Domain Intel services.

transform_if_malicious

boolean

If true, applies redaction or transformation when the detected value is determined to be malicious by intel analysis

connector_settings

object

Connector-level Redact configuration. These settings allow you to define reusable redaction parameters, such as FPE tweak value.

redact

object

Settings for Redact integration at the recipe level

fpe_tweak_vault_secret_id

string

ID of a Vault secret containing the tweak value used for Format-Preserving Encryption (FPE). Enables deterministic encryption, ensuring that identical inputs produce consistent encrypted outputs.

request_id

string

A unique identifier assigned to each request made to the API. It is used to track and identify a specific request and its associated data. The request_id can be helpful for troubleshooting, auditing, and tracing the flow of requests within the system. It allows users to reference and retrieve information related to a particular request, such as the response, parameters, and raw data associated with that specific request.

"request_id":"prq_x6fdiizbon6j3bsdvnpmwxsz2aan7fqd"

request_time

string

The timestamp indicates the exact moment when a request is made to the API. It represents the date and time at which the request was initiated by the client. The request_time is useful for tracking and analyzing the timing of requests, measuring response times, and monitoring performance metrics. It allows users to determine the duration between the request initiation and the corresponding response, aiding in the assessment of API performance and latency.

"request_time":"2022-09-21T17:24:33.105Z"

response_time

string

Duration it takes for the API to process a request and generate a response. It represents the elapsed time from when the request is received by the API to when the corresponding response is returned to the client.

"response_time":"2022-09-21T17:24:34.007Z"

status

string

It represents the status or outcome of the API request made for IP information. It indicates the current state or condition of the request and provides information on the success or failure of the request.

"status":"success"

summary

string

Provides a concise and brief overview of the purpose or primary objective of the API endpoint. It serves as a high-level summary or description of the functionality or feature offered by the endpoint.

post/v1beta/config/list

cURL

Code Snippet Language

curl -sSLX POST 'https://ai-guard.aws.us.pangea.cloud/v1beta/config/list' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'

Response

Raw Output

200

Code Snippet Language

List AI Guard configs

POST

https://ai-guard.aws.us.pangea.cloud/v1beta/config/list

Retrieve a paginated list of AI Guard service configurations.

fields

filter

object

id

string

Only records where id equals this value.

id

id

id__contains

array<string>

Only records where id includes each substring.

Click 'Save' to use the value

id__in

array<string>

Only records where id equals one of the provided substrings.

Click 'Save' to use the value

created_at

string (date-time)

Only records where created_at equals this value.

created_at

created_at

created_at__gt

string (date-time)

Only records where created_at is greater than this value.

created_at__gt

created_at__gt

created_at__gte

string (date-time)

Only records where created_at is greater than or equal to this value.

created_at__gte

created_at__gte

created_at__lt

string (date-time)

Only records where created_at is less than this value.

created_at__lt

created_at__lt

created_at__lte

string (date-time)

Only records where created_at is less than or equal to this value.

created_at__lte

created_at__lte

updated_at

string (date-time)

Only records where updated_at equals this value.

updated_at

updated_at

updated_at__gt

string (date-time)

Only records where updated_at is greater than this value.

updated_at__gt

updated_at__gt

updated_at__gte

string (date-time)

Only records where updated_at is greater than or equal to this value.

updated_at__gte

updated_at__gte

updated_at__lt

string (date-time)

Only records where updated_at is less than this value.

updated_at__lt

updated_at__lt

updated_at__lte

string (date-time)

Only records where updated_at is less than or equal to this value.

updated_at__lte

updated_at__lte

last

string

Base64-encoded pagination cursor from the previous response, used to retrieve the next page of results

​

order

string

Order results asc(ending) or desc(ending).

order

​

order

order_by

string

Which field to order results by.

order_by

​

order_by

size

integer

Maximum results to include in the response.

• minimum: 1

size

size

Response Fields

Response Schema

object

Pangea standard response schema

result

object

count

integer

Number of service configs matched by the list request

last

string

Base64-encoded pagination cursor from the previous response, used to retrieve the next page of results

items

array<object>

id

string

ID of an AI Guard service configuration

name

string

Human-readable name of the AI Guard service configuration

audit_data_activity

object

Configuration for enabling AI Guard Activity Log integration with Pangea Secure Audit Log.

When enabled, this logs AI Guard service interactions (including inputs, outputs, and detection results) to a tamperproof audit trail. You must provide a Secure Audit Log service configuration ID and specify at least one activity area to log, such as text_guard.

enabled

boolean

Whether activity logging is enabled for this configuration

audit_service_config_id

string

ID of the Secure Audit Log service configuration where activity events should be recorded

areas

object

Specifies which AI Guard API endpoints should generate audit log entries

text_guard

boolean

Logs events for requests to the /v1/text/guard endpoint

connections

object

Configuration for service integrations used by AI Guard detectors.

These connections allow AI Guard to leverage additional sources and services for risk detection, sensitive data redaction, analysis, and secret management.

For details, see the AI Guard Settings documentation.

prompt_guard

object

Analyzes prompts to identify malicious and harmful intents like prompt injections or attempts to misuse or abuse the LLM.

Used in the Malicious Prompt detector.

enabled

boolean

Whether the Prompt Guard integration is enabled for detecting prompt injection attempts

config_id

string

ID of the Prompt Guard service configuration to use

confidence_threshold

number

Minimum confidence level for a detection

• minimum: 0

• maximum: 1

ip_intel

object

Detects malicious IP addresses using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the IP Intel integration is enabled for detecting malicious IP addresses

config_id

string

ID of the IP Intel service configuration to use

reputation_provider

string

Provider of the IP reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

user_intel

object

Detects compromised user accounts using threat intelligence data

enabled

boolean

Whether the User Intel integration is enabled for detecting breached user accounts

config_id

string

ID of the User Intel service configuration to use

breach_provider

string

Provider of the user breach data

url_intel

object

Checks URL reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the URL Intel integration is enabled for detecting malicious URLs

config_id

string

ID of the URL Intel service configuration to use

reputation_provider

string

Provider of the URL reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

domain_intel

object

Checks domain reputation using threat intelligence data.

Used in the Malicious Entity detector.

enabled

boolean

Whether the Domain Intel integration is enabled for detecting malicious domains

config_id

string

ID of the Domain Intel service configuration to use

reputation_provider

string

Provider of the domain reputation data

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

file_scan

object

Scans files for known malware

enabled

boolean

Whether the File Scan integration is enabled for detecting malicious files

config_id

string

ID of the File Scan service configuration to use

scan_provider

string

Malicious content and threats detection provider used for scanning

risk_threshold

number

Minimum risk level for a detection

• minimum: 0

• maximum: 100

redact

object

Detects and redacts sensitive information from text.

Used in the Confidential and PII, Secret and Key Entity, and Custom Entity detectors.

enabled

boolean

Whether the Redact integration is enabled for identifying and removing sensitive information

config_id

string

ID of the Redact service configuration to use

vault

object

Securely manages secrets and keys required by the AI Guard service

config_id

string

ID of the Vault service configuration to use

lingua

object

Language detection and analysis

enabled

boolean

Whether the Lingua integration is enabled for detecting languages

code

object

Detects code snippets and programming languages

enabled

boolean

Whether the Code integration is enabled for detecting code snippets

recipes

object

Pattern Property: ^.*$

object

Defines an AI Guard recipe - a named configuration of detectors and redaction settings used to analyze and protect data flows in AI-powered applications.

Recipes specify which detectors are active, how they behave, and may include reusable settings such as FPE tweaks.

For details, see the AI Guard Recipes documentation.

name

string

Human-readable name of the recipe

description

string

Detailed description of the recipe's purpose or use case

version

string

(default: "v1")

Optional version identifier for the recipe. Can be used to track changes.

detectors

array<object>

Settings for AI Guard Detectors, including which detectors to enable and how they behave

detector_name

string

Identifier of the detector to apply, such as prompt_injection, pii_entity, or malicious_entity

state

string

(default: "disabled")

Specifies whether the detector is enabled or disabled in this configuration

settings

object

Detector-specific settings

rules

array<object>

List of detection and redaction rules applied by this detector

redact_rule_id

string

Identifier of the redaction rule to apply. This should match a rule defined in the Redact service.

redaction

Configuration for the redaction method applied to detected values.

Each rule supports one redaction type, such as masking, replacement, hashing, Format-Preserving Encryption (FPE), or detection-only mode. Additional parameters may be required depending on the selected redaction type.

For more details, see the AI Guard Recipe Actions documentation.

redaction_type

string

Redaction method to apply for this rule

redaction_value

string

Replacement string to use when redaction_type is replacement

partial_masking

object

Parameters to control how text is masked when redaction_type is partial_masking

masking_type

string

(default: "unmask")

Defines the masking strategy. Use unmask to specify how many characters to keep visible. Use mask to specify how many to hide.

unmasked_from_left

integer

Number of leading characters to leave unmasked when masking_type is unmask

• minimum: 0

unmasked_from_right

integer

Number of trailing characters to leave unmasked when masking_type is unmask

• minimum: 0

masked_from_left

integer

Number of leading characters to mask when masking_type is mask

• minimum: 0

masked_from_right

integer

Number of trailing characters to mask when masking_type is mask

• minimum: 0

chars_to_ignore

array<string>

List of characters that should not be masked (for example, hyphens or periods)

masking_char

string

(default: "*")

Character to use when masking text

• minLength: 1

• maxLength: 1

hash

object, null

Hash configuration when redaction_type is hash

fpe_alphabet

Alphabet used for Format-Preserving Encryption (FPE). Determines the character set for encryption.

block

boolean

If true, indicates that further processing should be stopped when this rule is triggered

disabled

boolean

If true, disables this specific rule even if the detector is enabled

reputation_check

boolean

If true, performs a reputation check using the configured intel provider. Applies to the Malicious Entity detector when using IP, URL, or Domain Intel services.

transform_if_malicious

boolean

If true, applies redaction or transformation when the detected value is determined to be malicious by intel analysis

connector_settings

object

Connector-level Redact configuration. These settings allow you to define reusable redaction parameters, such as FPE tweak value.

redact

object

Settings for Redact integration at the recipe level

fpe_tweak_vault_secret_id

string

ID of a Vault secret containing the tweak value used for Format-Preserving Encryption (FPE). Enables deterministic encryption, ensuring that identical inputs produce consistent encrypted outputs.

request_id

string

A unique identifier assigned to each request made to the API. It is used to track and identify a specific request and its associated data. The request_id can be helpful for troubleshooting, auditing, and tracing the flow of requests within the system. It allows users to reference and retrieve information related to a particular request, such as the response, parameters, and raw data associated with that specific request.

"request_id":"prq_x6fdiizbon6j3bsdvnpmwxsz2aan7fqd"

request_time

string

The timestamp indicates the exact moment when a request is made to the API. It represents the date and time at which the request was initiated by the client. The request_time is useful for tracking and analyzing the timing of requests, measuring response times, and monitoring performance metrics. It allows users to determine the duration between the request initiation and the corresponding response, aiding in the assessment of API performance and latency.

"request_time":"2022-09-21T17:24:33.105Z"

response_time

string

Duration it takes for the API to process a request and generate a response. It represents the elapsed time from when the request is received by the API to when the corresponding response is returned to the client.

"response_time":"2022-09-21T17:24:34.007Z"

status

string

It represents the status or outcome of the API request made for IP information. It indicates the current state or condition of the request and provides information on the success or failure of the request.

"status":"success"

summary

string

Provides a concise and brief overview of the purpose or primary objective of the API endpoint. It serves as a high-level summary or description of the functionality or feature offered by the endpoint.

Status Codes

Status	Status Code	Description
AIGBadInputFormat	400	The input schema is not currently supported.
AIGFileTooLarge	400	File size too large.
AIGInvalidRecipe	400	Recipe contains invalid contents.
AIGMissingSvConnection	400	A service dependency was not set up.
NoProviderConfigured	400	Provider for intelligence services used by ai-guard is not configured
RecipeNotExist	400	Recipe does not exist in the ai-guard configuration
AIGServiceConfigFetchError	500	Failed to fetch the dependent '{service_name}' service configuration from Pangea Cloud.

Was this article helpful?

Contact us