REST API
Overview
Aporia’s REST API method involves explicit API calls to enforce guardrails before and after LLM interactions, suitable for applications requiring a high level of customization and control over content policy enforcement.
Prerequisites
Before you begin, ensure you have created an Aporia Guardrails project.
Integration Guide
Step 1: Gather Aporia’s API Key
- Log into the Aporia dashboard and select your project.
- Click on the Integration tab.
- Ensure that REST API is activated.
- Note down the API Key displayed.
Step 2: Integrate into Your Code
- Locate where your code makes LLM calls, such as OpenAI API calls.
- Before sending the prompt to the LLM, and after receiving the LLM’s response, incorporate calls to Aporia’s REST API to enforce the respective guardrails.
API Endpoint and JSON Structure
Endpoint: POST https://gr-prd.aporia.com/<PROJECT_ID>/validate
Headers:
Content-Type
:application/json
X-APORIA-API-KEY
: Your copied Aporia API key
Request Fields:
OpenAI-compatible array of messages. Each message should include role
and content
.
Possible role
values are system
, user
, assistant
, or other
for any unsupported roles.
The target of the validation which can be prompt
, response
, or both
.
The raw response from the LLM before any modifications. It is required if ‘validation_target’ includes ‘response’.
Whether to return detailed explanations for the actions taken by the guardrails.
An optional session ID to track related interactions across multiple requests.
Response Fields:
The action taken by the guardrails, possible values are modify
, passthrough
, block
, rephrase
.
The revised version of the LLM’s response based on the applied guardrails.
A detailed log of each policy’s application, including the policy ID, target, result, and details of the action taken.
The final result of the policy execution, detailing the log of policies applied and the specific actions taken for each.
Request JSON Example:
{
"messages": [
{
"role": "user",
"content": "This is a test prompt"
}
],
"response": "Response from LLM here",
// Optional
// "validation_target": "both",
// "explain": false,
// "session_id": "optional-session-id"
}
Response JSON Example:
{
"action": "modify",
"revised_response": "Modified response based on policy",
"explain_log": [
{
"policy_id": "001",
"target": "response",
"result": "issue_detected",
"details": {
...
}
},
...
],
"policy_execution_result": {
"policy_log": [
{
"policy_id": "001",
"policy_type": "content_check",
"target": "response"
}
],
"action": {
"type": "modify",
"revised_message": "Modified response based on policy"
}
}
}
Best practices
Request timeout
Set up a timeout of 5 second to the HTTP request in case there’s any failure on Aporia’s side.
If you are using the fetch
API in JavaScript, you can provide an abort signal using the AbortController API and trigger it with setTimeout
. See this example.
If you are using the requests library in Python, you can simply provide a timeout
argument:
import requests
requests.post(
"https://gr-prd.aporia.com/<PROJECT_ID>/validate",
timeout=5,
...
)