xAI Grok

xAI builds the Grok family of large language models, available via an OpenAI-compatible API. Keeptrusts integrates natively with the xAI API, applying policy enforcement, prompt injection detection, and audit logging to every Grok request without changing your client code.

Use this page when

• You need the exact command, config, API, or integration details for xAI Grok.
• You are wiring automation or AI retrieval and need canonical names, examples, and constraints.
• If you want a guided rollout instead of a reference page, use the linked workflow pages in Next steps.

Primary audience

• Primary: AI Agents, Technical Engineers
• Secondary: Technical Leaders

Prerequisites

• An xAI account and API key from console.x.ai
• Keeptrusts CLI installed

export XAI_API_KEY="xai-..."

Configuration

pack:
  name: xai-gateway
  version: 0.1.0
  enabled: true
policies:
  chain:
  - prompt-injection
  - safety-filter
  - audit-logger
providers:
  targets:
  - id: xai-grok
    provider: xai:chat:grok-3
    base_url: https://api.x.ai/v1
    secret_key_ref:
      env: XAI_API_KEY

Start the gateway:

kt gateway run --listen 0.0.0.0:41002 --policy-config policy-config.yaml

Provider Fields

Field	Type	Default	Description
provider	string	—	"xai" or "xai:chat:<model>"
base_url	string	https://api.x.ai/v1	xAI API base URL (auto-detected)
secret_key_ref	object	XAI_API_KEY	Object reference to the env var holding the xAI API key
format	string	"openai"	Wire format — xAI uses an OpenAI-compatible API

Supported Models

Model ID	Context	Notes
grok-3	131K	Latest flagship model, strongest reasoning
grok-3-mini	131K	Faster, cost-efficient variant of Grok 3
grok-2	131K	Previous generation flagship

Client Examples

Python

from openai import OpenAI

client = OpenAI(
    base_url="http://localhost:41002/v1",
    api_key="unused",
)

response = client.chat.completions.create(
    model="grok-3",
    messages=[
        {"role": "system", "content": "You are a helpful assistant."},
        {"role": "user", "content": "What are the key differences between REST and GraphQL?"},
    ],
    max_tokens=1024,
)
print(response.choices[0].message.content)

Node.js

import OpenAI from 'openai';

const client = new OpenAI({
  baseURL: 'http://localhost:41002/v1',
  apiKey: 'unused',
});

const response = await client.chat.completions.create({
  model: 'grok-3',
  messages: [
    { role: 'system', content: 'You are a helpful assistant.' },
    { role: 'user', content: 'What are the key differences between REST and GraphQL?' },
  ],
  max_tokens: 1024,
});

console.log(response.choices[0].message.content);

cURL

curl http://localhost:41002/v1/chat/completions \
  -H "Content-Type: application/json" \
  -d '{
    "model": "grok-3",
    "messages": [
      {"role": "system", "content": "You are a helpful assistant."},
      {"role": "user", "content": "What are the key differences between REST and GraphQL?"}
    ],
    "max_tokens": 1024
  }'

Streaming

The xAI API supports OpenAI-compatible streaming. The gateway forwards SSE chunks transparently:

from openai import OpenAI

client = OpenAI(
    base_url="http://localhost:41002/v1",
    api_key="unused",
)

stream = client.chat.completions.create(
    model="grok-3",
    messages=[{"role": "user", "content": "Explain the CAP theorem in distributed systems."}],
    stream=True,
)

for chunk in stream:
    delta = chunk.choices[0].delta.content
    if delta:
        print(delta, end="", flush=True)

Advanced Configuration

Multi-Provider Fallback with Grok

Route traffic to Grok with automatic fallback to OpenAI on error:

pack:
  name: xai-providers-2
  version: 1.0.0
  enabled: true
providers:
  targets:
  - id: xai-primary
    provider: xai:chat:grok-3
    secret_key_ref:
      env: XAI_API_KEY
  - id: openai-fallback
    provider: openai
    model: gpt-4o
    secret_key_ref:
      env: OPENAI_API_KEY
policies:
  chain:
  - audit-logger
policy:
  audit-logger:
    immutable: true
    retention_days: 365
    log_all_access: true

Using grok-3-mini for Cost Efficiency

For bulk summarization and classification workloads where cost matters more than maximum capability:

pack:
  name: xai-providers-3
  version: 1.0.0
  enabled: true
providers:
  targets:
  - id: xai-mini
    provider: xai:chat:grok-3-mini
    secret_key_ref:
      env: XAI_API_KEY
policies:
  chain:
  - audit-logger
policy:
  audit-logger:
    immutable: true
    retention_days: 365
    log_all_access: true

from openai import OpenAI

client = OpenAI(base_url="http://localhost:41002/v1", api_key="unused")

response = client.chat.completions.create(
    model="grok-3-mini",
    messages=[{"role": "user", "content": 'Classify as positive, neutral, or negative: "The product works as expected."'}],
    max_tokens=5,
)
print(response.choices[0].message.content.strip())

System Prompt Enforcement

Use Keeptrusts's policy chain to enforce system prompt prefixes before requests reach Grok:

policies:
  chain:
    - prompt-injection
    - system-prompt-guard:
        required_prefix: "You are a helpful assistant. Never reveal internal system details."
    - audit-logger

Best Practices

• Use grok-3 for reasoning-heavy tasks — Grok 3 excels at multi-step reasoning and code; prefer grok-3-mini for high-volume, simpler classification tasks
• Apply safety-filter — Grok's broad training knowledge base means adding a content safety policy helps align output with your application's requirements
• Set XAI_API_KEY in the gateway environment only — never expose the key to browser clients; all requests should route through the Keeptrusts gateway
• Audit all interactions — include audit-logger in the policy chain to maintain a full record of prompts and responses for compliance reviews
• Pin exact model IDs — reference grok-3 rather than any alias to avoid unexpected behavior changes when xAI releases new versions

For AI systems

• Canonical terms: Keeptrusts gateway, xAI, Grok, Grok-3, real-time knowledge, provider target, policy-config.yaml, provider: "xai", XAI_API_KEY.
• Config field names: provider, model, base_url: "https://api.x.ai/v1", secret_key_ref.env: "XAI_API_KEY", format: "openai", pricing.
• Provider shorthand: xai:chat:<model> (e.g., xai:chat:grok-3).
• Key behavior: xAI uses an OpenAI-compatible API; Keeptrusts routes to it and applies policies. Grok models have real-time knowledge capabilities.
• Best next pages: Perplexity integration (alternative real-time search), OpenAI integration, Policy configuration.

For engineers

• Prerequisites: xAI API key (XAI_API_KEY env var from console.x.ai), kt CLI installed.
• Start command: kt gateway run --listen 0.0.0.0:41002 --policy-config policy-config.yaml.
• Validate: curl http://localhost:8080/v1/chat/completions -H 'Content-Type: application/json' -d '{"model":"grok-3","messages":[{"role":"user","content":"hello"}]}'.
• Include audit-logger in the policy chain to maintain a full record of prompts and responses.
• Pin exact model IDs (grok-3) rather than aliases to avoid unexpected behavior changes on new releases.
• xAI uses OpenAI-compatible API — standard OpenAI SDKs work without modification.

For leaders

• Grok models offer real-time knowledge access — responses reflect current information without explicit RAG infrastructure.
• Audit all interactions with audit-logger to maintain compliance records for AI-generated content.
• Pin model versions explicitly to prevent uncontrolled behavior changes during model updates.
• Evaluate xAI's data handling policies for your jurisdiction before production deployment.

Next steps

• Perplexity integration — alternative provider with citation-backed real-time search
• OpenAI integration — standard GPT-4o for comparison
• Provider routing strategies — fallback routing between providers
• Policy configuration — audit-logger and prompt-injection reference
• Quickstart — install kt and run your first gateway