Aider with Keeptrusts Gateway
Aider is an open-source CLI pair programming tool that edits code in your local git repository by chatting with LLMs. It supports OpenAI, Anthropic, and dozens of other providers. Because Aider sends your entire file context to the model and makes direct edits to your working tree, every LLM call is a governance surface. Routing Aider through the Keeptrusts gateway adds policy enforcement to every prompt and completion, an immutable audit trail of every proposed code change, secret and PII redaction before code leaves your machine, and cost attribution per developer and repository.
Use this page when
- You want to route Aider's LLM traffic through Keeptrusts for policy enforcement and audit logging.
- You need audit visibility into the code context and prompts Aider sends to models.
- You want to enforce secret redaction or PII detection on Aider's multi-file edit workflows.
- You need cost tracking for Aider usage across your team or organization.
Primary audience
- Primary: Technical Engineers
- Secondary: AI Agents, Technical Leaders
Prerequisites
- Keeptrusts CLI installed — see Quickstart or Install the Gateway.
- Aider installed — pip install aider-chat or pipx install aider-chat.
- Provider API key — OpenAI, Anthropic, or another supported provider.
- Gateway running — the Keeptrusts gateway must be started before launching Aider.
Configuration
Create a policy-config.yaml for Aider traffic. Since Aider supports multiple providers, configure the one you use most:
For OpenAI models:
pack:
  name: aider-gateway
  version: 1.0.0
  enabled: true
policies:
  chain:
    - pii-detector
    - code-sanitation
    - prompt-injection
    - quality-scorer
    - audit-logger
providers:
  strategy: single
  targets:
    - id: openai-aider
      provider: openai
      model: gpt-4o
      secret_key_ref:
        env: OPENAI_API_KEY
For Anthropic models:
pack:
  name: aider-anthropic-gateway
  version: 1.0.0
  enabled: true
policies:
  chain:
    - pii-detector
    - code-sanitation
    - prompt-injection
    - quality-scorer
    - audit-logger
providers:
  strategy: single
  targets:
    - id: anthropic-aider
      provider: anthropic
      model: claude-sonnet-4-20250514
      secret_key_ref:
        env: ANTHROPIC_API_KEY
      format: anthropic
Setup steps
- Export your provider API key:
# For OpenAI
export OPENAI_API_KEY="sk-your-key-here"
# For Anthropic
export ANTHROPIC_API_KEY="sk-ant-your-key-here"
- Start the Keeptrusts gateway:
kt gateway run --policy-config policy-config.yaml
The gateway listens on http://localhost:41002 by default.
- Point Aider at the gateway by setting the appropriate base URL environment variable:
For OpenAI models:
export OPENAI_API_BASE="http://localhost:41002/v1"
aider --model gpt-4o
For Anthropic models:
export ANTHROPIC_BASE_URL="http://localhost:41002"
aider --model claude-sonnet-4-20250514
- Alternatively, pass the base URL directly on the Aider command line:
aider --openai-api-base http://localhost:41002/v1 --model gpt-4o
- For persistent configuration, add the environment variable to your shell profile or create an .aider.conf.yml in your project:
openai-api-base: http://localhost:41002/v1
For hosted gateways:
export OPENAI_API_BASE="https://gateway.keeptrusts.com/v1"
Verification
Confirm traffic is flowing through the gateway:
- Check gateway logs while using Aider:
kt gateway run --policy-config policy-config.yaml --log-level debug
- Tail events:
kt events tail --follow
- Send a test message through Aider and verify the event appears in the Keeptrusts console under Events with the correct policy verdicts.
- Verify with curl:
curl http://localhost:41002/v1/chat/completions \
-H "Authorization: Bearer $OPENAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"model": "gpt-4o",
"messages": [{"role": "user", "content": "Say hello"}],
"max_tokens": 128
}'
Recommended policies
| Policy | Why it matters for Aider |
|---|---|
| pii-detector | Prevents personal data in source files from reaching the model |
| code-sanitation | Catches secrets, credentials, and API keys in multi-file context |
| prompt-injection | Detects injection patterns in files Aider adds to the chat context |
| quality-scorer | Scores AI-generated code edits for quality and correctness |
| audit-logger | Creates an immutable record of every Aider conversation and edit |
| dlp-filter | Blocks sensitive data patterns from leaving the organization |
| safety-filter | Prevents harmful or unsafe code generation |
Troubleshooting
Aider cannot connect to the gateway.
Verify the gateway is running with curl http://localhost:41002/v1/models. Ensure the base URL includes /v1 for OpenAI models.
Aider uses the wrong provider after setting the base URL.
Aider auto-detects the provider from the model name. If the model name is ambiguous, use --model openai/gpt-4o to be explicit.
Anthropic models fail through the gateway.
For Anthropic, set ANTHROPIC_BASE_URL without the /v1 suffix (Anthropic's SDK adds the path automatically). The gateway config must have format: anthropic on the target.
Policies are not applied.
Run kt policy lint --file policy-config.yaml to validate. Ensure the policy chain is populated and enabled: true is set.
Events do not appear in the console.
Set KEEPTRUSTS_API_URL and KEEPTRUSTS_GATEWAY_TOKEN before starting the gateway.
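The base-URL rules from the setup and troubleshooting sections, written as a preflight check to run before launching Aider. This is an added example, not Keeptrusts or Aider code; the function names and the rule that plain http is accepted only for loopback hosts are assumptions made here.

```shell
# Added example (not Keeptrusts or Aider code): validate the base URL Aider will use.
# check_base_url <openai|anthropic> <url>; returns 0 if the URL follows the page's rules.
check_base_url() {
  kind=$1
  url=${2%/}   # tolerate one trailing slash
  case "$url" in
    https://*) ;;
    # Loopback rule is an added assumption; it covers localhost and 127.0.0.1 only.
    http://localhost|http://localhost[:/]*|http://127.0.0.1|http://127.0.0.1[:/]*) ;;
    http://*)
      echo "FAIL: plain http to a non-loopback host exposes the API key and code context" >&2
      return 1 ;;
    *)
      echo "FAIL: '$url' is not an http(s) URL" >&2
      return 1 ;;
  esac
  case "$kind:$url" in
    openai:*/v1) ;;
    openai:*)
      echo "FAIL: OpenAI base URL must end in /v1" >&2; return 1 ;;
    anthropic:*/v1)
      echo "FAIL: ANTHROPIC_BASE_URL must not end in /v1" >&2; return 1 ;;
    anthropic:*) ;;
    *)
      echo "FAIL: unknown provider '$kind'" >&2; return 1 ;;
  esac
  echo "OK: $kind -> $url"
}

# check_aider_env: fail if no base URL is set, because Aider then calls the
# provider directly and nothing passes through the gateway's policy chain.
check_aider_env() {
  seen=0; rc=0
  if [ -n "${OPENAI_API_BASE:-}" ]; then
    seen=1; check_base_url openai "$OPENAI_API_BASE" || rc=1
  fi
  if [ -n "${ANTHROPIC_BASE_URL:-}" ]; then
    seen=1; check_base_url anthropic "$ANTHROPIC_BASE_URL" || rc=1
  fi
  if [ "$seen" -eq 0 ]; then
    echo "FAIL: no base URL set; Aider would bypass the gateway" >&2
    return 1
  fi
  return "$rc"
}
```

Source the file and run `check_aider_env && aider --model gpt-4o`. It inspects environment variables only, so a base URL supplied through --openai-api-base or .aider.conf.yml is not seen.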
For AI systems
- Canonical terms: Keeptrusts gateway, Aider, OPENAI_API_BASE, ANTHROPIC_BASE_URL, .aider.conf.yml, policy-config.yaml.
- Configuration mechanism: set OPENAI_API_BASE=http://localhost:41002/v1 (OpenAI) or ANTHROPIC_BASE_URL=http://localhost:41002 (Anthropic).
- Provider format: OpenAI-compatible or Anthropic native (depends on the model chosen in Aider).
- Best next pages: OpenAI integration, Anthropic integration, Policy Controls Catalog.
For engineers
- Set OPENAI_API_BASE=http://localhost:41002/v1 or ANTHROPIC_BASE_URL=http://localhost:41002 before running Aider.
- Use .aider.conf.yml for persistent per-project configuration.
- Validate with kt events tail --follow while chatting with Aider to confirm events are captured.
- For Anthropic, omit the /v1 suffix from ANTHROPIC_BASE_URL.
For leaders
- Aider sends full file contents and git diffs to LLMs. Without governance, proprietary source code flows to providers unaudited and uncontrolled.
- Routing through Keeptrusts creates an immutable audit trail of every AI-assisted code change, supporting compliance and code review requirements.
- Multi-provider support means governance follows the developer regardless of which model they choose.
- Cost attribution per developer and repository helps track AI coding spend and justify tool investments.
Next steps
- OpenAI integration — full OpenAI provider configuration reference
- Anthropic integration — full Anthropic provider configuration reference
- Policy Controls Catalog — browse all available policy types
- Claude Code with Keeptrusts Gateway — another CLI coding agent with Keeptrusts support
- Quickstart — install kt and run your first gateway