API Documentation
Add AI governance to any agent, model, or AI-powered workflow in minutes. TrustLoop works as a drop-in proxy for OpenAI, Anthropic, and Google — or via direct REST API, MCP, SDK, browser extension, or n8n. No SDK required.
Quickstart
The fastest integration is the drop-in proxy — change base_url to TrustLoop and your existing code is governed immediately. Or use the Direct Intercept API for any framework.
from openai import OpenAI client = OpenAI( api_key="sk-your-openai-key", base_url="https://api.trustloop.live/v1", # ← only change default_headers={"x-api-key": "tl_your_key"} # ← add this ) # All existing code works unchanged — TrustLoop intercepts automatically response = client.chat.completions.create( model="gpt-4o-mini", messages=[{"role": "user", "content": "Transfer £5000 to supplier"}], tools=[...] )
Authentication
All API requests require a TrustLoop API key passed in the x-api-key header.
# Header (recommended) x-api-key: tl_your_api_key_here # Query parameter (SSE / browser export) GET /sse?api_key=tl_your_api_key_here
Get your API key from trustloop.live/signup or your dashboard settings.
Base URL
https://api.trustloop.live
Drop-in Proxies
TrustLoop provides transparent proxies for the three major AI provider APIs. Point your existing client at TrustLoop — no other code changes. Every request is logged, governed, and blockchain-anchored.
OpenAI & compatible providers
Pass your provider key in Authorization: Bearer as usual. For non-OpenAI providers, add the x-upstream-base header to route to the correct endpoint:
from openai import OpenAI client = OpenAI( api_key="gsk_your_groq_key", base_url="https://api.trustloop.live/v1", default_headers={ "x-api-key": "tl_your_key", "x-upstream-base": "https://api.groq.com/openai/v1" # route to Groq } )
Supported values for x-upstream-base:
Anthropic / Claude
import anthropic client = anthropic.Anthropic( api_key="sk-ant-your-key", base_url="https://api.trustloop.live/proxy/anthropic", default_headers={"x-api-key": "tl_your_key"} )
Google Gemini
import google.generativeai as genai genai.configure( api_key="AIza-your-key", client_options={"api_endpoint": "https://api.trustloop.live/proxy/google"} ) # Pass your TrustLoop key in x-api-key header
Proxy response format
All proxy responses pass through the provider's normal response unchanged, with a _trustloop metadata field appended:
{ "choices": [...], "_trustloop": { "status": "allowed", "tool": "read_file" } }{
"choices": [{ "message": { "content": "Tool 'delete_file' is blocked by governance policy." } }],
"_trustloop": { "blocked": true, "tool": "delete_file", "rule": "Block all file deletions" }
}{
"choices": [{ "message": { "content": "Action requires human approval. Retry once approved." } }],
"_trustloop": { "status": "pending_approval", "approval_id": "uuid", "tool": "wire_transfer" }
}Direct Intercept API
For any framework that doesn't use an OpenAI-compatible SDK — LangChain custom tools, AutoGen, Llama Index, custom agents — call the intercept endpoint directly in your tool execution logic.
Request body
| Field | Type | Description |
|---|---|---|
| tool_name | string | Name of the tool being called |
| arguments | object | Tool arguments (optional but recommended for rule matching) |
| agent_name | string | Agent identifier shown in dashboard (optional) |
import requests def trustloop_check(tool_name, args): res = requests.post( "https://api.trustloop.live/api/intercept", headers={"x-api-key": "tl_your_key"}, json={"tool_name": tool_name, "arguments": args, "agent_name": "my-agent"} ).json() if not res["allowed"]: raise PermissionError(res["message"]) # In your tool executor: trustloop_check("delete_records", {"table": "customers"})
MCP Protocol
Connect Claude Desktop, Cursor, or any MCP-compatible client via Server-Sent Events. Every tool call made by the client is intercepted and governed before execution.
claude_desktop_config.json:
Browser Extension Shadow AI
The TrustLoop browser extension monitors employee use of AI chat interfaces — ChatGPT, Claude.ai, Gemini, Microsoft Copilot, Perplexity, and Poe — without any agent or API integration required.
How it works
The extension patches window.fetch in the page context to intercept outgoing AI requests. Prompts are captured before they leave the browser, PII-masked, and sent to your TrustLoop tenant via /api/browser-intercept.
Supported platforms
Request body
| Field | Type | Description |
|---|---|---|
| source | string | AI platform (e.g. chatgpt, claude, gemini) |
| prompt | string? | Intercepted message text (PII-masked before storage) |
| model | string? | Model name if detectable |
| url | string? | Page URL |
| employee_name | string? | Set by employee in extension popup |
SDKs & Framework Integrations
Official SDKs wrap the REST API with a clean interface. Zero config beyond your API key.
Python — pip install trustloop-sdk
pip install trustloop-sdk # With LangChain integration pip install trustloop-sdk[langchain] # With CrewAI integration pip install trustloop-sdk[crewai] # With async support (httpx) pip install trustloop-sdk[async]
from trustloop import TrustLoop tl = TrustLoop(api_key="tl_your_key", agent_name="my-agent") # Manual check before any action result = tl.intercept("send_email", {"to": "ceo@bank.com"}) if not result["allowed"]: raise RuntimeError(result["message"]) # Or use the decorator — cleaner for existing tools @tl.guard("delete_records") def delete_records(table, where): ... # only runs if TrustLoop allows it
LangChain integration
from trustloop.integrations.langchain import wrap_tools # Wrap all LangChain tools in one line — no changes to individual tools tools = wrap_tools(raw_tools, tl) agent = create_tool_calling_agent(llm, tools, prompt)
CrewAI integration
from trustloop.integrations.crewai import governed_tool @governed_tool(tl) class SendEmailTool(BaseTool): name = "send_email" description = "Send an email" def _run(self, to, subject, body): ... # intercepted automatically
Node.js — npm install trustloop
import TrustLoop from 'trustloop'; const tl = new TrustLoop({ apiKey: 'tl_your_key', agentName: 'my-agent' }); const result = await tl.intercept('send_email', { to: 'ceo@bank.com' }); if (!result.allowed) throw new Error(result.message);
No-code — n8n, Make, Zapier
TrustLoop is available as a native community node in n8n, and can be connected to Make and Zapier via the REST API with no coding required.
n8n Community Node
n8n-nodes-trustloop. The TrustLoop node will appear in your workflow palette.
Supported operations in the n8n node:
| Operation | Description |
|---|---|
| Intercept | Check a tool call before executing it — returns ALLOWED / BLOCKED / PENDING |
| Get Logs | Retrieve recent audit log entries |
| Get Stats | Usage counts and block rate |
| Get Pending | List pending human approval requests |
| Decide | Approve or deny a pending request programmatically |
| Block Tool | Add a tool to the kill-switch list |
Make / Zapier
Use the HTTP module in Make or Zapier's Webhooks action to call POST /api/intercept with your API key. Connect TrustLoop as a step between your trigger and any sensitive action.
Custom GPTs (OpenAI Enterprise)
Add TrustLoop as a GPT Action so every Custom GPT in your organisation is governed — no code changes, just configuration.
Step 1 — Import the TrustLoop action
- Open your Custom GPT in the OpenAI editor → Configure → Add actions
- Click Import from URL and paste:
https://trustloop.live/openapi.json - Under Authentication → select API Key → Auth type: Custom → Header name:
x-api-key→ paste your TrustLoop API key - Save the action.
Step 2 — Add to system prompt
Before taking any sensitive action — sending emails, accessing databases, calling external APIs, transferring data, modifying files, or any operation that affects systems outside this conversation — you MUST call the TrustLoop interceptToolCall action first. Pass the action name as tool_name and all relevant parameters as arguments. Set agent_name to the name of this GPT. - If allowed: true → proceed. - If allowed: false and status BLOCKED → do NOT proceed. Tell the user: "This action was blocked by your organisation's AI governance policy." - If allowed: false and status PENDING → do NOT proceed. Tell the user: "This action requires human approval. Your administrator has been notified." Never skip this check for sensitive operations.
agent_name (e.g. finance-assistant, hr-copilot). TrustLoop tracks each agent separately in the dashboard with per-agent kill-switch controls.
Audit Logs
Approval Rules
Plain-English rules evaluated by AI against every tool call. No need to specify exact tool names.
Create a rule
| Field | Type | Description |
|---|---|---|
| rule_text | string | Plain-English rule — e.g. "Any wire transfer over £1,000 needs approval" |
| action | approve | block | approve = route for human approval. block = reject immediately. |
| approver_email | string? | Email to notify. Defaults to notification settings if omitted. |
Pending Approvals
Notification Settings
| Field | Type | Description |
|---|---|---|
| notify_email | string? | Default approver email |
| slack_webhook_url | string? | Slack incoming webhook URL |
| teams_webhook_url | string? | Microsoft Teams incoming webhook URL |
Blocked Tools (Kill Switch)
Block any tool name across all agents instantly — takes effect on the next call within milliseconds.
Policy Desk New
Upload an existing policy document — GDPR policy, AI use policy, ISO 42001 framework, or any internal guidelines — and TrustLoop will extract enforceable governance rules from it. Each proposed rule shows the source clause it came from. You review and approve before anything goes live.
Available in the dashboard under the Policy Desk tab, and via API below.
Upload a policy document
Accepts multipart file upload (PDF, .docx, .txt) or JSON with a text field. Rule extraction runs in the background — the response returns immediately with a doc_id to poll.
| Field | Type | Description |
|---|---|---|
| file | multipart | PDF, Word (.docx), or plain text file — up to 10MB |
| text | string | Alternatively, paste policy text directly (JSON body) |
| filename | string? | Optional label when using text body |
Returns: { doc_id, filename, status: "processing" }
Check extraction status
Poll until status is done. Returns the document record plus a rules array of proposed rules — each with rule_text, action, source_clause, and explanation.
Approve or reject a proposed rule
| Field | Type | Description |
|---|---|---|
| decision | approve | reject | Approve adds the rule to your live governance layer immediately. Reject discards it. |
| rule_text | string? | Optional — override the rule text before approving |
| action | approve | block | Optional — override the action before approving |
List all uploaded documents
Returns all policy documents uploaded by this tenant, with filename, status, and number of rules extracted.
Response Format
All /api/intercept responses follow this structure:
| Field | Type | Description |
|---|---|---|
| allowed | boolean | Whether the action is permitted to proceed |
| status | string | allowed | blocked | pending_approval |
| message | string | Human-readable reason (safe to show to end users) |
| rule_matched | string? | The governance rule text that triggered this decision |
| approval_id | string? | UUID of the pending approval record (if status is pending) |
Errors
| Status | Meaning |
|---|---|
| 401 | Missing or invalid x-api-key |
| 402 | Usage limit reached — upgrade your plan |
| 400 | Missing required field in request body |
| 403 | Agent limit reached for current plan |
| 500 | Internal server error — contact support if this persists |