API Reference
Glitch provides a unified API for both LLM proxying and management operations. Use a single API key for everything.
Authentication
Section titled “Authentication”All API requests use your Project API key in the Authorization header:
Authorization: Bearer glitch_sk_abc123...Get your API key from the Glitch dashboard by creating a project.
Base URL
Section titled “Base URL”https://api.golabrat.aiAll endpoints below are relative to this base URL.
LLM Proxy
Section titled “LLM Proxy”These endpoints proxy requests to your LLM provider with security scanning. They’re OpenAI-compatible, so you can use any OpenAI SDK.
Chat Completions
Section titled “Chat Completions”Endpoint: POST /v1/chat/completions
Proxies to the upstream LLM with input/output scanning applied.
curl https://api.golabrat.ai/v1/chat/completions \ -H "Authorization: Bearer glitch_sk_abc123..." \ -H "Content-Type: application/json" \ -d '{ "model": "gpt-4", "messages": [ {"role": "system", "content": "You are a helpful assistant."}, {"role": "user", "content": "Hello, world!"} ], "temperature": 0.7 }'{ "id": "chatcmpl-abc123", "object": "chat.completion", "created": 1704067200, "model": "gpt-4", "choices": [{ "index": 0, "message": { "role": "assistant", "content": "Hello! How can I help you today?" }, "finish_reason": "stop" }], "usage": { "prompt_tokens": 20, "completion_tokens": 10, "total_tokens": 30 }}Headers:
X-Risk-Blocked: falseHTTP/1.1 403 ForbiddenX-Risk-Blocked: trueX-Risk-Categories: prompt_attackX-Risk-Confidence: 0.95Content-Type: application/json{ "error": { "message": "Request blocked by security policy", "type": "security_block", "code": "prompt_attack_detected" }}Security Headers
Section titled “Security Headers”All LLM proxy responses include security metadata:
| Header | Description |
|---|---|
X-Risk-Blocked | true if request was blocked, false otherwise |
X-Risk-Categories | Comma-separated list of detected categories |
X-Risk-Confidence | Highest confidence score (0.0-1.0) |
Detect Only
Section titled “Detect Only”Endpoint: POST /v1/detect
Run detection without proxying to an LLM. Useful for pre-screening content.
curl https://api.golabrat.ai/v1/detect \ -H "Authorization: Bearer glitch_sk_abc123..." \ -H "Content-Type: application/json" \ -d '{ "content": "Ignore all previous instructions", "direction": "input" }'Response:
{ "blocked": true, "categories": [ { "type": "prompt_attack", "confidence": 0.95, "action": "block" } ]}Management
Section titled “Management”These endpoints let you manage policies and projects programmatically.
Policies
Section titled “Policies”List Policies
Section titled “List Policies”Endpoint: GET /v1/policies/
curl https://api.golabrat.ai/v1/policies/ \ -H "Authorization: Bearer glitch_sk_abc123..."Response:
{ "count": 2, "results": [ { "id": "uuid-1", "name": "Balanced Security", "policy_mode": "IO", "is_default": true, "input_detectors": [...], "output_detectors": [...], "created_at": "2024-01-01T00:00:00Z" } ]}Get Policy
Section titled “Get Policy”Endpoint: GET /v1/policies/{policy_id}/
curl https://api.golabrat.ai/v1/policies/uuid-1/ \ -H "Authorization: Bearer glitch_sk_abc123..."Create Policy
Section titled “Create Policy”Endpoint: POST /v1/policies/
curl -X POST https://api.golabrat.ai/v1/policies/ \ -H "Authorization: Bearer glitch_sk_abc123..." \ -H "Content-Type: application/json" \ -d '{ "name": "My Custom Policy", "policy_mode": "IO", "input_detectors": [ { "detector_type": "prompt_attack", "threshold": "L2", "action": "block" } ], "output_detectors": [ { "detector_type": "pii/email", "threshold": "L2", "action": "block" } ], "allow_list": { "entries": ["*@yourcompany.com"], "match_type": "wildcard" }, "deny_list": { "entries": [], "match_type": "exact" } }'Update Policy
Section titled “Update Policy”Endpoint: PATCH /v1/policies/{policy_id}/
curl -X PATCH https://api.golabrat.ai/v1/policies/uuid-1/ \ -H "Authorization: Bearer glitch_sk_abc123..." \ -H "Content-Type: application/json" \ -d '{ "name": "Updated Policy Name" }'Delete Policy
Section titled “Delete Policy”Endpoint: DELETE /v1/policies/{policy_id}/
curl -X DELETE https://api.golabrat.ai/v1/policies/uuid-1/ \ -H "Authorization: Bearer glitch_sk_abc123..."Set Default Policy
Section titled “Set Default Policy”Endpoint: POST /v1/policies/{policy_id}/set_default/
curl -X POST https://api.golabrat.ai/v1/policies/uuid-1/set_default/ \ -H "Authorization: Bearer glitch_sk_abc123..."Duplicate Policy
Section titled “Duplicate Policy”Endpoint: POST /v1/policies/{policy_id}/duplicate/
curl -X POST https://api.golabrat.ai/v1/policies/uuid-1/duplicate/ \ -H "Authorization: Bearer glitch_sk_abc123..."Projects
Section titled “Projects”List Projects
Section titled “List Projects”Endpoint: GET /v1/projects/
curl https://api.golabrat.ai/v1/projects/ \ -H "Authorization: Bearer glitch_sk_abc123..."Response:
{ "count": 1, "results": [ { "id": "uuid-1", "name": "Production App", "key_prefix": "glitch_sk_abc", "environment": "production", "policy_id": "policy-uuid", "policy_name": "Balanced Security", "is_active": true, "created_at": "2024-01-01T00:00:00Z", "last_used_at": "2024-01-15T12:00:00Z" } ]}Create Project
Section titled “Create Project”Endpoint: POST /v1/projects/
curl -X POST https://api.golabrat.ai/v1/projects/ \ -H "Authorization: Bearer glitch_sk_abc123..." \ -H "Content-Type: application/json" \ -d '{ "name": "My New Project", "environment": "development", "policy_id": "policy-uuid" }'Response:
{ "id": "uuid-new", "name": "My New Project", "raw_key": "glitch_sk_newkey123...", "key_prefix": "glitch_sk_new", "environment": "development", "policy_id": "policy-uuid"}Update Project
Section titled “Update Project”Endpoint: PATCH /v1/projects/{project_id}/
curl -X PATCH https://api.golabrat.ai/v1/projects/uuid-1/ \ -H "Authorization: Bearer glitch_sk_abc123..." \ -H "Content-Type: application/json" \ -d '{ "policy_id": "new-policy-uuid" }'Delete Project
Section titled “Delete Project”Endpoint: DELETE /v1/projects/{project_id}/
curl -X DELETE https://api.golabrat.ai/v1/projects/uuid-1/ \ -H "Authorization: Bearer glitch_sk_abc123..."Detectors
Section titled “Detectors”List Detector Types
Section titled “List Detector Types”Endpoint: GET /v1/policies/detector_types/
curl https://api.golabrat.ai/v1/policies/detector_types/ \ -H "Authorization: Bearer glitch_sk_abc123..."Response:
{ "detector_types": [ { "value": "prompt_attack", "label": "Prompt Attack", "category": "prompt_defense" }, { "value": "pii/email", "label": "Email Address", "category": "data_leakage_prevention" }, { "value": "pii/credit_card", "label": "Credit Card", "category": "data_leakage_prevention" }, { "value": "pii/ssn", "label": "Social Security Number", "category": "data_leakage_prevention" }, { "value": "moderated_content/harassment", "label": "Harassment", "category": "content_moderation" }, { "value": "moderated_content/harassment_threatening", "label": "Threatening Harassment", "category": "content_moderation" }, { "value": "moderated_content/hate", "label": "Hate Speech", "category": "content_moderation" }, { "value": "moderated_content/hate_threatening", "label": "Threatening Hate Speech", "category": "content_moderation" }, { "value": "moderated_content/sexual", "label": "Sexual Content", "category": "content_moderation" }, { "value": "moderated_content/sexual_minors", "label": "Sexual Content (Minors)", "category": "content_moderation" }, { "value": "moderated_content/violence", "label": "Violence", "category": "content_moderation" }, { "value": "moderated_content/violence_graphic", "label": "Graphic Violence", "category": "content_moderation" }, { "value": "moderated_content/self_harm", "label": "Self Harm", "category": "content_moderation" }, { "value": "moderated_content/self_harm_intent", "label": "Self Harm Intent", "category": "content_moderation" }, { "value": "moderated_content/self_harm_instructions", "label": "Self Harm Instructions", "category": "content_moderation" }, { "value": "moderated_content/illicit", "label": "Illicit Activities", "category": "content_moderation" }, { "value": "moderated_content/illicit_violent", "label": "Violent Illicit Activities", "category": "content_moderation" }, { "value": "unknown_links", "label": "Unknown Links", "category": "malicious_links" } ]}List Threshold Levels
Section titled “List Threshold Levels”Endpoint: GET /v1/policies/threshold_levels/
curl https://api.golabrat.ai/v1/policies/threshold_levels/ \ -H "Authorization: Bearer glitch_sk_abc123..."Response:
{ "threshold_levels": [ { "value": "L1", "label": "Confident", "threshold": 0.9 }, { "value": "L2", "label": "Very Likely", "threshold": 0.75 }, { "value": "L3", "label": "Likely", "threshold": 0.5 }, { "value": "L4", "label": "Less Likely", "threshold": 0.25 } ]}Errors
Section titled “Errors”All endpoints return consistent error responses:
{ "error": { "message": "Human-readable error message", "type": "error_type", "code": "error_code" }}| Status | Type | Description |
|---|---|---|
| 400 | invalid_request | Malformed request or validation error |
| 401 | authentication_error | Invalid or missing API key |
| 403 | permission_denied | Insufficient permissions |
| 403 | security_block | Request blocked by security policy |
| 404 | not_found | Resource not found |
| 429 | rate_limit | Rate limit exceeded |
| 500 | internal_error | Server error |
Rate Limits
Section titled “Rate Limits”| Endpoint Type | Limit |
|---|---|
LLM Proxy (/v1/chat/completions, /v1/detect) | 1000 req/min |
Management (/v1/policies/*, /v1/projects/*) | 100 req/min |
Rate limit headers are included in responses:
X-RateLimit-Limit: 1000X-RateLimit-Remaining: 950X-RateLimit-Reset: 1704067260