Custom Guardrails/Plugins are a way to introduce custom “validation” or “mutations” to the request and response of the LLM. You can implement custom security policies, PII detection, content moderation specific to your use case.

Template Repository Overview

The custom guardrails template repository provides a comprehensive FastAPI application with multiple guardrail implementations. It serves as a starting point for building your own custom guardrail server with best practices and example implementations.

Architecture

The template follows a modular architecture:
  • main.py: FastAPI application with route definitions
  • guardrail/: Directory containing all guardrail implementations
  • entities.py: Pydantic models for request/response validation
  • requirements.txt: Dependencies and libraries

Entities and Data Models

The template defines several Pydantic models that structure the data flow between TrueFoundry AI Gateway and your custom guardrail server.

RequestContext

class SubjectType(str, Enum):
    user = 'user'
    team = 'team'
    serviceaccount = 'serviceaccount'

class Subject(BaseModel):
    subjectId: str
    subjectType: SubjectType
    subjectSlug: Optional[str] = None
    subjectDisplayName: Optional[str] = None

class RequestContext(BaseModel):
    user: Subject
    metadata: Optional[dict[str, str]] = None
RequestContext is a Pydantic model that provides structured contextual information for each request processed by your custom guardrail server. It includes details about the user (as a Subject object) and optional metadata relevant to the request lifecycle. This context is automatically populated by the TrueFoundry AI Gateway and can be leveraged for access control, auditing, or custom logic within your guardrail implementations.

InputGuardrailRequest

class InputGuardrailRequest(BaseModel):
    requestBody: CompletionCreateParams
    context: RequestContext
    config: Optional[dict] = None
InputGuardrailRequest represents the schema for requests sent to the input guardrail endpoint. It encapsulates the original model input (requestBody), which is OpenAI-compatible and follows the schema from the official OpenAI repository, along with configuration options (config) and contextual information (context) about the request.

OutputGuardrailRequest

class OutputGuardrailRequest(BaseModel):
    requestBody: CompletionCreateParams
    responseBody: ChatCompletion
    config: Optional[dict] = None
    context: RequestContext
OutputGuardrailRequest represents the schema for requests sent to the output guardrail endpoint. It encapsulates the original model input (requestBody), the model’s output (responseBody), configuration options (config), and contextual information (context) about the request. Both requestBody and responseBody are OpenAI-compatible and follow the schemas from the official OpenAI repository.

Available Guardrails

The template repository includes five pre-implemented guardrails that demonstrate different validation and transformation techniques.

Request Examples

Running Locally

# Install dependencies
pip install -r requirements.txt

# Run the server
python main.py

# Or using uvicorn directly
uvicorn main:app --host 0.0.0.0 --port 8000 --reload

Adding Custom Guardrail Integration

To add Custom Guardrail to your TrueFoundry setup, follow these steps:
  1. Navigate to AI Gateway
    • Go to AI Gateway in your TrueFoundry dashboard.
  2. Access Guardrails
    • Click on Guardrails.
  3. Add New Guardrails Group
    • Click on Add New Guardrails Group.
Navigate to Guardrails section in dashboard

Navigate to Guardrails

Guardrails groups help manage access control and security policies for your LLM applications. Configure rules to prevent harmful content, ensure compliance, and maintain data privacy. For more details, refer to the Collaborator Section.
  1. Fill in the Guardrails Group Form
    • Name: Enter a name for your guardrails group.
    • Collaborators: Add collaborators who will have access to this group.
    • Custom Guardrail Config:
      • Name: Enter a name for the Custom Guardrail configuration.
      • Operation: The operation type to use for the guardrail.
        • Validate: Guardrails with this operation are used to validate requests. These guardrails are run in parallel.
        • Mutate: Guardrails with this operation can both validate and mutate requests. Mutate guardrails are run sequentially.
      • URL: Enter the URL for the Guardrail Server.
      • Auth Data: Provide authentication data for the Guardrail Server. This data will be sent to the Guardrail Server for authorization.
        • Choose between Custom Basic Auth or Custom Bearer Auth.
      • Headers (Optional): Add any headers required for the Guardrail Server. These will be forwarded as is.
      • Config: Enter the configuration for the Guardrail Server. This is a JSON object that will be sent along with the request.
Custom Guardrail configuration form in dashboard

Fill in the Custom Guardrail Form

How Custom Guardrail Config Relates to Guardrail Requests

When you configure a Custom Guardrail in the TrueFoundry guardrails integration creation form (as described above), the settings you provide—such as the operation type, URL, authentication data, headers, and config—directly influence how the AI Gateway interacts with your guardrail server at runtime. How it works:
  • Config Propagation:
    The Config field you specify in the integration creation form is sent as the config attribute in every guardrail request payload. This allows you to parameterize your guardrail logic (e.g., set thresholds, enable/disable features, or pass secrets) without changing your server code.
  • Request Structure:
    When a request is routed through a guardrail, the AI Gateway constructs a request object (such as InputGuardrailRequest or OutputGuardrailRequest) and sends it to your server. This object includes:
    • The original model input (requestBody)
    • (For output guardrails) The model’s response (responseBody)
    • The config object (from your integration creation form)
    • The context (user, metadata, etc.)
  • Example Payload:
    {
      "requestBody": { /* original model input */ },
      "responseBody": { /* model output, for output guardrails */ },
      "config": { /* your custom config from the integration creation form */ },
      "context": { /* user and request metadata */ }
    }
    
  • Dynamic Behavior:
    By updating the Custom Guardrail Config in the integration creation form, you can change the behavior of your guardrail server in real time—no code redeploy required. For example, you might adjust PII detection sensitivity, toggle logging, or update allowed user lists.
Summary Table
Integration Creation Form FieldSent in Guardrail Request as
Configconfig
Auth Data, HeadersHTTP headers customHeaders
OperationDetermines endpoint & method
URLGuardrail server endpoint
This tight integration ensures that your guardrail logic remains flexible, maintainable, and easy to update as your requirements evolve.

Example: Sending a Request to Your Guardrail Server

Sample Input Guardrail Request Payload & cURL Example

Sample Output Guardrail Request Payload & cURL Example