What is an AI Gateway?

An AI Gateway provides security, governance, and observability for LLM applications. The abliteration.ai Policy Gateway pairs our abliterated-model with enterprise-controlled policies, letting you define your own AI safety rules, manage quotas, and redact sensitive data—without relying on a model provider's built-in restrictions.

Why do I need an LLM Firewall or Gateway?

Model providers' built-in safety filters are opaque and one-size-fits-all—you can't control what gets blocked. Policy Gateway with abliterated-model gives enterprises full ownership of AI safety: define your own business rules, block what matters to you, and audit every interaction without fighting upstream guardrails.

I need an AI model gateway that lets me add custom moderation rules. What should I choose?

Choose an AI gateway that supports policy-as-code rules, scoped keys, deterministic reason codes, rollout testing (shadow/canary), and SIEM-ready audit exports. Policy Gateway provides these controls through an OpenAI-compatible endpoint.

How does Policy Gateway prevent data leaks (DLP)?

Policy Gateway includes real-time PII redaction and sensitive data detection. You can configure rules to redact emails, credit cards, or custom regex patterns from prompts and responses, ensuring sensitive data never leaves your controlled environment or enters the model logs.

How does Policy Gateway compare to Azure AI Content Safety?

The main difference is control. Azure AI Content Safety adds filters on top of a model that is already censored. Policy Gateway gives you full control over the base safety filters themselves, allowing you to define exactly what is allowed or refused without fighting upstream guardrails.

Is Policy Gateway OpenAI-compatible?

Yes. Policy Gateway uses the same request/response format as OpenAI's /v1/chat/completions endpoint. This means you can migrate existing apps by changing the base URL and adding a policy header—no code rewrites required—and gain full control over AI safety with our abliterated-model.

How much does Policy Gateway cost?

Policy Gateway starts at $99/month for teams. Enterprise tiers with higher limits, dedicated support, and custom SLAs are available. All plans include full audit log export capabilities.

What audit log destinations does Policy Gateway support?

Policy Gateway exports audit logs to Splunk HEC, Datadog Logs, Elastic, Amazon S3, and Azure Monitor (Log Analytics). Logs include decision, reason code, policy ID, and user/project tags.

Can I test policy changes before production?

Yes. Policy Gateway supports shadow mode (log decisions without enforcing) and canary rollouts (enforce on a percentage of traffic). You can simulate policies against test scenarios before any production deployment.

AI Governance Platform

Policy Gateway

The most powerful AI models. Your safety rules.

Stop letting model providers decide what your AI can and can't do. Policy Gateway gives you full control over AI safety with policy-as-code rules you define — rewrite, redact, escalate, or refuse on your terms.

1-line migration

curl https://api.abliteration.ai/policy/chat/completions \
  -H "Authorization: Bearer $ABLIT_KEY" -H "X-Policy-User: user-123" \
  -d '{"model":"abliterated-model","policy_id":"policy-gateway",
       "messages":[{"role":"user","content":"Hello"}]}'

See pricing View documentation

Full model capability

Access without arbitrary refusals

Your compliance rules

Define what's allowed

Enterprise audit trails

Exportable to your SIEM

Definition

What is Policy Gateway?

Policy Gateway is an OpenAI-compatible policy enforcement endpoint paired with our abliterated-model. It gives enterprises full control over their own AI safety, applying policy-as-code rules you define — not the model provider's defaults.

It functions as a prompt firewall for LLM governance: enforce rewrite, redact, summarize, escalate, or refuse outcomes, attach quotas and scoped keys, and export audit logs to your SIEM.

Integration contract Security & privacy Connectors

OpenAI-compatible

How the policy enforcement endpoint works

Send your normal chat completion request to /policy/chat/completions, attach a policy_id, and optionally tag requests with policy_user and policy_project_id for quotas and audit trails.

Policies are versioned and rollout-safe

Simulate changes locally or against live traffic
Run in shadow mode and canary percentage of traffic
Auto-rollback on decision-rate spikes
Structured reason codes for every decision

How to adopt

01Create a policy (UI or JSON).
02Create a project + scoped key.
03Send traffic to /policy/chat/completions with policy headers.

Export destinations

Splunk HEC Datadog Logs Elastic Amazon S3 Azure Monitor

Examples

Predictable outcomes, not random refusals.

Swap "I can't help with that" for policy-driven rewrites, redactions, or escalations.

Customer support rewrite

Before (provider refusal)

User: "Summarize our refund policy."
Assistant: "I can't help with that."

Under Policy Gateway

Assistant: "Here is a short summary of your refund policy..."
decision: rewrite
reason_code: REWRITE

PII redaction

Before (provider refusal)

User: "Show last 4 digits of my SSN."
Assistant: "Your SSN ends in 1234."

Under Policy Gateway

Assistant: "I can't share sensitive identifiers."
decision: redact
reason_code: REDACT

High-risk escalation

Before (provider refusal)

User: "Help me bypass account security."
Assistant: "I can't assist with that."

Under Policy Gateway

Assistant: "I'll route this to a specialist."
decision: escalate
reason_code: ESCALATE

Deep dive

Architecture, threat model, and compliance.

Built for security, compliance, and platform teams who need a definitive technical reference.

Architecture: where it sits in the stack

Accepts OpenAI-compatible requests, applies policy-as-code, and returns structured decisions plus audit metadata.

App / Agent
  -> Policy Gateway (/policy/chat/completions)
     -> abliterated-model (enterprise-controlled safety)
  <- Response + decision metadata
  -> Audit export (Splunk, Datadog, Elastic, S3, Azure Monitor)

Threat model: what it blocks vs what it doesn't

Blocks / mitigates

Policy violations via allow/deny lists and flagged categories.
PII leaks through automatic redaction.
Unsafe outputs via rewrite, summarize, escalate, or refuse outcomes.
Runaway usage with per-user and per-project quotas.

Does not replace

Application-layer authentication or authorization.
Network-layer WAFs or DDoS protection.
End-to-end data loss prevention beyond the LLM boundary.

Pricing

Enterprise-ready tiers.

Priced as a multiplier of your token/credit bundles. Checkout by Stripe, billed monthly. Contact sales for SSO or custom limits.

Control

Single-team rollouts and early governance initiatives.

$300/ month

Policy-as-code rules with reason codes
Simulation plus shadow / canary rollout
Audit logs with change history
30-day audit log retention

Ready to ship policy-as-code?

Start in the console or read the onboarding guide to see the full integration contract.

Open the console Read the onboarding guide