API Reference

REST API Reference

Complete reference for the DriftRail API. All endpoints require authentication via API key.

Base URL

Production: https://api.driftrail.com/v1

Authentication

Include your API key in the Authorization header:

Authorization: Bearer dr_prod_your_api_key_here

Endpoints

POST /guard Inline Protection

Real-time content safety check. Blocks dangerous outputs before they reach users. <50ms latency.

Request Body

{
  "output": "The LLM response to check",
  "input": "Optional user prompt for context",
  "mode": "strict",
  "timeout_ms": 100
}

Response

{
  "allowed": true,
  "action": "allow",
  "output": "The LLM response to check",
  "triggered": [],
  "classification": {
    "risk_score": 15,
    "pii": { "detected": false, "types": [] },
    "toxicity": { "detected": false, "severity": "none" },
    "prompt_injection": { "detected": false, "risk": "none" }
  },
  "latency_ms": 42,
  "fallback": false
}

Fail-Open: If classification times out, allowed: true and fallback: true are returned.

POST /ingest

Log an LLM inference event for classification and monitoring.

Request Body

{
  "model": "gpt-5",
  "provider": "openai",
  "input": { "prompt": "What is the capital of France?" },
  "output": { "text": "The capital of France is Paris." },
  "metadata": {
    "latency_ms": 420,
    "tokens_in": 25,
    "tokens_out": 12
  }
}

Response

{
  "event_id": "evt_a1b2c3d4...",
  "status": "queued"
}
GET /events

Query logged inference events with optional filters.

Query Parameters

limitintegerMax results (default: 50) offsetintegerPagination offset risk_levelstringFilter by risk: low, medium, high, critical modelstringFilter by model name
GET /events/:id

Retrieve a single event by ID, including classification results.

GET /stats

Get aggregated statistics for your application.

GET /classifications

List all classifications with risk scores and detected issues.

Rate Limits

Plan Requests/min Burst
Starter60100
Growth300500
Pro1,0002,000
EnterpriseCustomCustom

Error Codes

400Bad Request - Invalid parameters
401Unauthorized - Invalid or missing API key
403Forbidden - Insufficient permissions
429Too Many Requests - Rate limit exceeded
500Internal Server Error