> ## Documentation Index
> Fetch the complete documentation index at: https://docs.trusys.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Get guardrails configuration

> Returns the guardrails enabled for an application.

`input_validators` and `output_validators` are **arrays of objects** (not maps). Each object has:
- `type` — validator id from `GET /guardrails/validators` (for example `prompt-injection`, `pii`)
- `on_fail` — enforcement action when validation fails (for example `fail`, `mask`, `filter`)
- `config` — optional validator-specific settings (shape varies by `type`; see the catalog `config` template)



## OpenAPI

````yaml /openapi.json get /applications/{applicationId}/guardrails
openapi: 3.0.0
info:
  title: Trusys API
  version: 1.0.0
  description: >-
    Programmatic access to Trusys for integrating AI quality monitoring,
    evaluation, and guardrails into your own systems — without using the Trusys
    UI.


    **Typical integration flow**


    1. `POST /applications` — register your application and get an id.

    2. `PUT /applications/{id}/monitoring` and/or `PUT
    /applications/{id}/guardrails` — configure which metrics, security plugins,
    and guardrails apply.

    3. `POST /applications/{id}/evaluations` — submit prompt/response traces to
    be scored as your application runs.

    4. `GET /applications/{id}/traces`, `GET /applications/{id}/evaluations`,
    and `POST /applications/{id}/widget-data` — pull results, trends, and
    dashboard-equivalent chart data back into your own tools.


    All requests require an `x-api-key` header (see Authentication). All
    timestamps are ISO 8601 UTC. Paginated endpoints default to 20 items per
    page (max 100).
servers:
  - url: https://app.trusys.ai/api/external
security:
  - ApiKeyAuth: []
paths:
  /applications/{applicationId}/guardrails:
    get:
      tags:
        - Guardrails
      summary: Get guardrails configuration
      description: >-
        Returns the guardrails enabled for an application.


        `input_validators` and `output_validators` are **arrays of objects**
        (not maps). Each object has:

        - `type` — validator id from `GET /guardrails/validators` (for example
        `prompt-injection`, `pii`)

        - `on_fail` — enforcement action when validation fails (for example
        `fail`, `mask`, `filter`)

        - `config` — optional validator-specific settings (shape varies by
        `type`; see the catalog `config` template)
      operationId: getGuardrailsConfig
      parameters:
        - $ref: '#/components/parameters/applicationId'
      responses:
        '200':
          description: Current guardrails configuration.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GuardrailsConfigResponse'
              example:
                success: true
                data:
                  enable_guard_rails: true
                  input_validators:
                    - type: prompt-injection
                      on_fail: fail
                      config:
                        threshold: 0.8
                  output_validators:
                    - type: pii
                      on_fail: mask
                      config:
                        entities:
                          - EMAIL_ADDRESS
                          - PHONE_NUMBER
                        threshold: 0.5
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
components:
  parameters:
    applicationId:
      name: applicationId
      in: path
      required: true
      schema:
        type: string
        format: uuid
      description: >-
        Unique identifier (UUID) of the application. Returned by `POST
        /applications`.
  schemas:
    GuardrailsConfigResponse:
      type: object
      properties:
        success:
          type: boolean
        data:
          $ref: '#/components/schemas/GuardrailsConfigData'
    GuardrailsConfigData:
      type: object
      description: Guardrails validators applied to application input and output.
      properties:
        enable_guard_rails:
          type: boolean
        input_validators:
          type: array
          items:
            $ref: '#/components/schemas/GuardrailValidatorEntry'
        output_validators:
          type: array
          items:
            $ref: '#/components/schemas/GuardrailValidatorEntry'
    ErrorResponse:
      type: object
      description: Standard error envelope for non-validation failures.
      properties:
        success:
          type: boolean
          example: false
          description: Always `false` for errors.
        message:
          type: string
          description: Human-readable explanation of the error.
      required:
        - success
        - message
    GuardrailValidatorEntry:
      type: object
      additionalProperties: false
      description: >-
        Single guardrail validator configuration. Stored as an element in
        `input_validators` or `output_validators` arrays.
      required:
        - type
        - on_fail
      properties:
        type:
          type: string
          description: >-
            Validator id from `GET /guardrails/validators` (for example `pii`,
            `prompt-injection`, `regex`).
        on_fail:
          type: string
          description: >-
            Action id from catalog `actions` — enforced when this validator
            fails. Common values: `mask`, `encrypt`, `filter`, `fail`, `ignore`.
            `fix` is supported for `pii` only.
        config:
          description: >-
            Validator-specific settings. Shape depends on `type` — use the
            catalog `validators[].config` object as a template. May be an object
            (for example `{ "threshold": 0.8 }`) or an array (for example
            regex/blocklist pattern rows).
      example:
        type: prompt-injection
        on_fail: fail
        config:
          threshold: 0.8
  responses:
    Unauthorized:
      description: >-
        The API key is missing, invalid, or revoked. Verify the `x-api-key`
        header and that the key is active in Trusys settings.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          example:
            message: Error while verifying api key
    NotFound:
      description: The requested resource does not exist, or your API key cannot access it.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          example:
            success: false
            message: Application not found
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      in: header
      name: x-api-key
      description: >-
        Your Trusys API key. Create and manage keys in the Trusys UI under
        **Settings → API Keys**.


        Include the key on every request:


        ```

        x-api-key: <your-api-key>

        ```

````