Documentation
Keeptrusts Docs
Keeptrusts helps teams route, govern, and review AI traffic without rebuilding every application. Define runtime behavior in config, run traffic through the gateway, and use the product surfaces to verify what changed.
Install the CLI, create a starter config, and send your first governed request.
Config-first workflowUse policy-config.yaml as the source of truth for policy, routing, and evidence behavior.
Choose the controls you need for prompt safety, PII handling, quality checks, routing, and human review.
Install the gatewayRun Keeptrusts locally or in your own environment and point applications at the governed endpoint.
A reliable first session
Use the docs in the same order that traffic moves through the product:
- Install the CLI and gateway and confirm the process is healthy.
- Create and validate a policy config before starting the gateway with that file.
- Send an authenticated request through a supported request family.
- Confirm both the client response and the applicable runtime evidence. Use
kt events tailfor delivered request outcomes, History only for capture-enabled session context, Trail for audit chronology, and Inbox for human-review work.
/healthz proves that the gateway process is running. It does not prove that a
client token is authorized, a model is available, or a provider credential is
valid. Use an authenticated model request for that end-to-end check.
Keep the credentials separate
| Credential | Used by | Purpose |
|---|---|---|
| Gateway runtime API token | kt gateway run --agent ... | Connects the gateway runtime to the Keeptrusts control plane |
| Client API token | Application, SDK, or IDE | Authorizes a request sent to the gateway |
| Upstream provider credential | Gateway provider target | Authorizes the gateway with the selected model provider |
Do not reuse the gateway runtime token as the client or provider credential. The setup and rotation workflows are different for each boundary.
Documentation
Use the rest of the site by job:
Field-by-field reference for declarative config, providers, routes, tests, and policy settings.
CLI referenceRun the gateway, validate config, inspect runtime signals, and automate rollout workflows.
IntegrationsConnect OpenAI-compatible clients, provider SDKs, IDEs, and existing application stacks.
Operational workflowsFollow the customer tasks for onboarding, rollout, investigation, evidence export, and spend review.