Architecture Overview
Keeptrusts sits between your application and upstream model providers. The gateway owns request routing and applies policy on the request families that use its policy evaluation path. Product surfaces help teams review rollout state, request events, captured session history, audit records, human-review work, and spend.
Public component model
What each component owns
| Component | Public responsibility |
|---|---|
| Your application | Sends requests and consumes responses |
| Keeptrusts gateway | Authenticates and routes supported requests, applies policy on policy-covered routes, and emits the route-specific outcomes the runtime implements |
| Model provider | Produces the upstream model response |
| Product surfaces | Help teams review rollout state, request events, capture-enabled session history, human-review queues, audit records, and spend |
Policy-covered request flow
Chat Completions and Responses use this policy-covered flow:
The Anthropic-shaped POST /v1/messages route currently performs
authentication, connected billing, and provider routing without the
Chat/Responses policy-chain evaluation. WebSocket routes authenticate and
route the handshake, but subsequent frames are proxied without frame-level
policy evaluation. These are current runtime boundaries, not equivalent
governance paths; see Runtime Request Families
and Streaming with SSE.
Customer-facing surfaces
- Configurations and Templates manage versioned policy changes.
- Gateways shows runtime inventory and the state of connected gateways.
- Overview summarizes aggregate traffic and governance activity; it is not a request-detail view.
kt eventsandGET /v1/eventswith its requiredsincequery expose delivered request IDs, outcomes, configuration versions, and policy evidence for runtime investigation.- History shows captured session context when history capture is enabled; the available metadata or content depends on capture mode and the owning platform retention policy.
- Inbox handles human-review work such as escalations and approvals.
- Trail is the audit and evidence surface, including export workflows.
- Usage, Bills, and Payments cover spend analysis, budgets, and billing state.
Public boundaries
- Your application points at the Keeptrusts gateway instead of calling the provider directly.
- Runtime behavior is defined through declarative config such as
policy-config.yaml. - Secret material stays outside YAML and is referenced through
secret_key_ref. - Customer docs describe public workflows only; they do not depend on unpublished operational guides.
Next steps
- Use Quickstart for the shortest working path.
- Use Configurations for versioned rollout.
- Use Runtime Request Families for supported public request shapes.
- Use Permissions Reference for organization-scoped access guidance.