API Integration
Integrate KoreShield into your applications and workflows
API Integration
KoreShield provides a simple OpenAI-compatible API that makes integration seamless. No code changes required for most applications.
OpenAI-Compatible API
KoreShield acts as a transparent proxy with the same API as OpenAI:
import openai
# Instead of direct OpenAI calls
client = openai.OpenAI(api_key="sk-your-key")
# Route through KoreShield for security
client = openai.OpenAI(
api_key="sk-your-key", # Your actual OpenAI key
base_url="http://localhost:8000/v1" # KoreShield proxy
)
# All your existing code works unchanged
response = client.chat.completions.create(
model="gpt-4",
messages=[{"role": "user", "content": "Hello, world!"}]
)REST API
For direct API access, KoreShield provides a comprehensive REST API:
# Health check
curl http://localhost:8000/health
# Get security statistics
curl http://localhost:8000/api/v1/stats
# List security events
curl http://localhost:8000/api/v1/events?limit=10SDKs and Libraries
Python SDK
from koreshield import KoreShield
# Initialize client
ks = KoreShield(
api_key="sk-your-key",
base_url="http://localhost:8000/v1"
)
# Secure API calls
response = ks.chat.completions.create(
model="gpt-4",
messages=[{"role": "user", "content": "Secure prompt"}]
)JavaScript/TypeScript SDK
import { KoreShield } from 'koreshield-sdk';
const ks = new KoreShield({
apiKey: 'sk-your-key',
baseURL: 'http://localhost:8000/v1'
});
const response = await ks.chat.completions.create({
model: 'gpt-4',
messages: [{ role: 'user', content: 'Secure prompt' }]
});Webhook Integration
Receive real-time security events via webhooks:
webhooks:
security_events:
url: "https://your-app.com/webhooks/security"
secret: "your-webhook-secret"
events: ["prompt_injection", "policy_violation"]
alerts:
url: "https://slack-webhook-url"
events: ["high_severity"]CI/CD Integration
Integrate security scanning into your deployment pipeline:
# .github/workflows/security.yml
name: Security Scan
on: [push, pull_request]
jobs:
security-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run KoreShield Security Tests
run: |
pip install koreshield
koreshield test-prompts --config security-config.yamlEnterprise Integration
Single Sign-On (SSO)
auth:
sso:
provider: "okta" # okta, auth0, azure_ad
client_id: "your-client-id"
client_secret: "your-client-secret"
domain: "your-domain.com"API Gateway Integration
Works with popular API gateways:
- Kong Gateway: Custom plugins available
- AWS API Gateway: Lambda integration
- Azure API Management: Policy integration
- NGINX: Reverse proxy configuration
Monitoring Integration
monitoring:
datadog:
api_key: "your-datadog-key"
tags: ["env:production", "service:koreshield"]
prometheus:
enabled: true
port: 9090
path: "/metrics"Migration Guide
From Direct API Calls
- Install KoreShield
- Configure your LLM providers
- Change
base_urlto point to KoreShield - Test with a subset of traffic
- Gradually migrate all requests
From Other Security Tools
KoreShield can complement existing security tools:
- Before: App → Security Tool → LLM
- After: App → KoreShield → Security Tool → LLM
Or replace them entirely for LLM-specific protection.
KoreShield stores your request history so you can analyze past traffic patterns. The retention period depends on your subscription plan:
- Free Plan: 3 days retention
- Ray Plan: 14 days retention
- Beam Plan: 30 days retention
- Pulse Plan: 90 days retention