> ## Documentation Index
> Fetch the complete documentation index at: https://docs.trusys.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Configure guardrails

> Enables or disables guardrails and sets input/output validators for an application.

`input_validators` and `output_validators` are **arrays of objects**. Each entry requires:
- `type` — validator id from `GET /guardrails/validators`
- `on_fail` — action id from the catalog `actions` list (what Trusys does when the validator fails: `mask`, `encrypt`, `filter`, `fail`, `ignore`, or `fix` for PII only)
- `config` — optional; structure depends on `type` (see catalog `validators[].config` for the template)

Not every `on_fail` action applies to every validator — the catalog `actions[].validators` array lists compatible validator types.



## OpenAPI

````yaml /openapi.json put /applications/{applicationId}/guardrails
openapi: 3.0.0
info:
  title: Trusys API
  version: 1.0.0
  description: >-
    Programmatic access to Trusys for integrating AI quality monitoring,
    evaluation, and guardrails into your own systems — without using the Trusys
    UI.


    **Typical integration flow**


    1. `POST /applications` — register your application and get an id.

    2. `PUT /applications/{id}/monitoring` and/or `PUT
    /applications/{id}/guardrails` — configure which metrics, security plugins,
    and guardrails apply.

    3. `POST /applications/{id}/evaluations` — submit prompt/response traces to
    be scored as your application runs.

    4. `GET /applications/{id}/traces`, `GET /applications/{id}/evaluations`,
    and `POST /applications/{id}/widget-data` — pull results, trends, and
    dashboard-equivalent chart data back into your own tools.


    All requests require an `x-api-key` header (see Authentication). All
    timestamps are ISO 8601 UTC. Paginated endpoints default to 20 items per
    page (max 100).
servers:
  - url: https://app.trusys.ai/api/external
security:
  - ApiKeyAuth: []
paths:
  /applications/{applicationId}/guardrails:
    put:
      tags:
        - Guardrails
      summary: Configure guardrails
      description: >-
        Enables or disables guardrails and sets input/output validators for an
        application.


        `input_validators` and `output_validators` are **arrays of objects**.
        Each entry requires:

        - `type` — validator id from `GET /guardrails/validators`

        - `on_fail` — action id from the catalog `actions` list (what Trusys
        does when the validator fails: `mask`, `encrypt`, `filter`, `fail`,
        `ignore`, or `fix` for PII only)

        - `config` — optional; structure depends on `type` (see catalog
        `validators[].config` for the template)


        Not every `on_fail` action applies to every validator — the catalog
        `actions[].validators` array lists compatible validator types.
      operationId: updateGuardrailsConfig
      parameters:
        - $ref: '#/components/parameters/applicationId'
      requestBody:
        required: true
        description: Guardrails toggle and validator lists.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PutGuardrailsRequest'
            example:
              enable_guard_rails: true
              input_validators:
                - type: prompt-injection
                  on_fail: fail
                  config:
                    threshold: 0.8
              output_validators:
                - type: pii
                  on_fail: mask
                  config:
                    entities:
                      - EMAIL_ADDRESS
                    threshold: 0.5
      responses:
        '200':
          description: Guardrails configuration saved.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GuardrailsConfigResponse'
        '400':
          $ref: '#/components/responses/ValidationError'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
components:
  parameters:
    applicationId:
      name: applicationId
      in: path
      required: true
      schema:
        type: string
        format: uuid
      description: >-
        Unique identifier (UUID) of the application. Returned by `POST
        /applications`.
  schemas:
    PutGuardrailsRequest:
      type: object
      additionalProperties: false
      required:
        - enable_guard_rails
      properties:
        enable_guard_rails:
          type: boolean
          description: Master switch for guardrails on this application.
        input_validators:
          type: array
          description: >-
            Validators applied to user/model input. Each item is an object with
            `type`, `on_fail`, and optional `config`.
          items:
            $ref: '#/components/schemas/GuardrailValidatorEntry'
        output_validators:
          type: array
          description: >-
            Validators applied to model output. Each item is an object with
            `type`, `on_fail`, and optional `config`.
          items:
            $ref: '#/components/schemas/GuardrailValidatorEntry'
    GuardrailsConfigResponse:
      type: object
      properties:
        success:
          type: boolean
        data:
          $ref: '#/components/schemas/GuardrailsConfigData'
    GuardrailValidatorEntry:
      type: object
      additionalProperties: false
      description: >-
        Single guardrail validator configuration. Stored as an element in
        `input_validators` or `output_validators` arrays.
      required:
        - type
        - on_fail
      properties:
        type:
          type: string
          description: >-
            Validator id from `GET /guardrails/validators` (for example `pii`,
            `prompt-injection`, `regex`).
        on_fail:
          type: string
          description: >-
            Action id from catalog `actions` — enforced when this validator
            fails. Common values: `mask`, `encrypt`, `filter`, `fail`, `ignore`.
            `fix` is supported for `pii` only.
        config:
          description: >-
            Validator-specific settings. Shape depends on `type` — use the
            catalog `validators[].config` object as a template. May be an object
            (for example `{ "threshold": 0.8 }`) or an array (for example
            regex/blocklist pattern rows).
      example:
        type: prompt-injection
        on_fail: fail
        config:
          threshold: 0.8
    GuardrailsConfigData:
      type: object
      description: Guardrails validators applied to application input and output.
      properties:
        enable_guard_rails:
          type: boolean
        input_validators:
          type: array
          items:
            $ref: '#/components/schemas/GuardrailValidatorEntry'
        output_validators:
          type: array
          items:
            $ref: '#/components/schemas/GuardrailValidatorEntry'
    ValidationErrorResponse:
      type: object
      description: Returned when request body or query parameters fail validation.
      properties:
        success:
          type: boolean
          example: false
        message:
          type: string
          example: Invalid request body
          description: Summary of the validation failure.
        errors:
          type: array
          description: Per-field validation errors.
          items:
            type: object
            properties:
              path:
                type: string
                description: >-
                  JSON path to the invalid field (for example
                  `traces.0.prompt`).
              message:
                type: string
                description: Why the field failed validation.
    ErrorResponse:
      type: object
      description: Standard error envelope for non-validation failures.
      properties:
        success:
          type: boolean
          example: false
          description: Always `false` for errors.
        message:
          type: string
          description: Human-readable explanation of the error.
      required:
        - success
        - message
  responses:
    ValidationError:
      description: >-
        The request body or query parameters are invalid. See the `errors` array
        for field-level detail.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ValidationErrorResponse'
          example:
            success: false
            message: Invalid request body
            errors:
              - path: name
                message: name is required
    Unauthorized:
      description: >-
        The API key is missing, invalid, or revoked. Verify the `x-api-key`
        header and that the key is active in Trusys settings.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          example:
            message: Error while verifying api key
    NotFound:
      description: The requested resource does not exist, or your API key cannot access it.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          example:
            success: false
            message: Application not found
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      in: header
      name: x-api-key
      description: >-
        Your Trusys API key. Create and manage keys in the Trusys UI under
        **Settings → API Keys**.


        Include the key on every request:


        ```

        x-api-key: <your-api-key>

        ```

````