PEP (Policy Enforcement Point)

Policies & Security Profiles

TrustGate separates Access (what models you can use) from Security (what data you can send).

Access Policy

Controls the "Plumbing".

  • Model Allow-List (e.g. "Only GPT-3.5")
  • Monthly Budget Limits
  • Rate Limiting (RPM)

Security Profile

Controls the "Content".

  • DLP / PII Redaction
  • Prompt Injection Blocking
  • Keyword Banning

1. The Access Policy (Model Gates)

Prevents developers from accidentally using expensive models (like GPT-4-32k) in development environments.

# Policy: "Dev-Environment"
allowed_models: ["gpt-3.5-turbo", "claude-instant"]
fallback_behavior: "block"

If a user requests "gpt-4", the Gateway returns HTTP 403: "Model not allowed by policy."

2. The Security Block (Soft Fail)

When TrustGate blocks a prompt due to PII or prompt injection, we return a safe 200 OK so that your app does not crash, and we signal the block with a specific finish reason ("content_filter").

// Response for Blocked Content
{
  "id": "tg_block_123",
  "choices": [
    {
      "finish_reason": "content_filter",
      "message": { "content": "[BLOCKED BY TRUSTGATE SAFETY POLICY]" }
    }
  ]
}
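
Because a blocked prompt comes back as 200 OK, a client that only checks the status code will treat the placeholder text as model output. The following is an added example, not TrustGate's own code, of a client-side check that separates the 403 from the Access Policy from the soft-fail block above. The function name, outcome labels and the second sample body are constructed for illustration.

```python
import json

BLOCK_REASON = "content_filter"  # finish_reason shown in the blocked response above


def classify_response(status, body):
    """Return (outcome, usable_texts) for one gateway response.

    outcome: "access_denied", "security_block", "ok", "malformed" or "error"
    (labels are this example's own, not part of the TrustGate API).
    """
    if status == 403:
        return "access_denied", []  # hard fail: model not in allowed_models
    if status != 200:
        return "error", []
    try:
        choices = json.loads(body)["choices"]
    except (ValueError, KeyError, TypeError):
        return "malformed", []
    if not isinstance(choices, list) or not choices:
        return "malformed", []

    texts, blocked = [], False
    for choice in choices:
        if not isinstance(choice, dict):
            return "malformed", []
        if choice.get("finish_reason") == BLOCK_REASON:
            blocked = True  # soft fail: placeholder text, never model output
            continue
        message = choice.get("message")
        content = message.get("content") if isinstance(message, dict) else None
        if isinstance(content, str):
            texts.append(content)
    # One blocked choice marks the whole response, so callers can log or alert on it.
    return ("security_block" if blocked else "ok"), texts


# Constructed sample bodies: the first mirrors the blocked response above.
BLOCKED = ('{"id": "tg_block_123", "choices": [{"finish_reason": "content_filter", '
           '"message": {"content": "[BLOCKED BY TRUSTGATE SAFETY POLICY]"}}]}')
ALLOWED = ('{"id": "constructed_1", "choices": [{"finish_reason": "stop", '
           '"message": {"content": "hello"}}]}')

if __name__ == "__main__":
    for status, body in [(200, BLOCKED), (200, ALLOWED), (403, "")]:
        print(status, classify_response(status, body))
```

Route the "security_block" outcome to your own logging or user messaging instead of storing or displaying the placeholder string as an answer.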

3. Cost Control

Set hard budgets on token usage and API spend per team or application. For agentic workflows, TrustGate automatically detects agent hallucinations and blocks uncontrolled retries (infinite execution loops) to prevent autonomous agents from silently draining your API budget.