Agent Integration
Govern autonomous AI agent actions with real-time policy evaluation and automatic session tracking.
Overview
The Agent integration is designed for governing autonomous AI agents -- chatbots, code assistants, support agents, and any system that makes tool calls or decisions on behalf of users. It uses the same evaluate endpoint as the REST API with one additional capability:
sessionId is provided. Every evaluation is tracked in a session by default.Setup
Create an agent integration
Navigate to Integrations in the Aguardic dashboard, click Add Integration, and select Agent. Give it a name and copy the API key.
API keys are shown only once. Store it securely in your environment variables. If you lose it, regenerate it from the integration settings.
Bind policies
Go to Policy Bindings and bind your governance policies to the Agent integration. Only bound policies are evaluated.
Install the SDK
npm install @aguardic/sdkEvaluating Agent Actions
Use the SDK to evaluate each tool call or action before your agent executes it.
import Aguardic from "@aguardic/sdk";
const aguardic = new Aguardic(process.env.AGUARDIC_API_KEY);
// Create a session for this agent conversation
const session = await aguardic.sessions.create({
metadata: { agentId: "customer-support-bot", userId: "user-456" },
});
// Evaluate a tool call before executing it
const result = await aguardic.evaluate({
sessionId: session.id,
input: {
tool: "send_email",
args: { to: "customer@example.com", subject: "Account Update", body: "..." },
},
targetKey: "send_email",
});
switch (result.enforcementAction) {
case "BLOCK":
// Do not execute
console.log("Blocked:", result.violations);
break;
case "APPROVAL_REQUIRED":
// Wait for human review
const review = await aguardic.reviews.get(result.reviewRequestId!);
if (review.status === "APPROVED") {
await executeToolCall("send_email", args);
}
break;
case "WARN":
// Execute but log the warning
console.warn("Policy warning:", result.violations);
await executeToolCall("send_email", args);
break;
case "ALLOW":
await executeToolCall("send_email", args);
break;
}
// End the session when the conversation is done
await aguardic.sessions.end(session.id);Automatic Sessions
Agent integrations automatically create a session if you call evaluate() without a sessionId. The auto-created session ID is returned in the response. This means every evaluation is tracked in a session by default, giving you full audit trail and context-aware policy evaluation without extra setup.
For more control over session lifecycle, create sessions explicitly using sessions.create() and sessions.end(). See Evaluation Sessions.
Agent vs REST API vs MCP
All three integration types evaluate content against the same policy engine. Choose based on your use case:
| Field | Type | Description |
|---|---|---|
Agent | integration | Best for AI agents. Auto-creates sessions for full audit trail and context-aware evaluation. |
REST API | integration | Best for custom applications, pipelines, and microservices. No auto-session -- you manage sessions explicitly if needed. |
MCP Server | integration | Best for MCP-compatible agents (Claude, Cursor, ChatGPT). Exposes an evaluate tool via Model Context Protocol. |
Next Steps
- JavaScript / TypeScript SDK -- Full SDK reference
- Evaluation Sessions -- Session management and context-aware policies
- MCP Server -- Integrate with MCP-compatible agents
- REST API -- Use the evaluate API for non-agent integrations