Anthropic Integration

Enforce policies on Anthropic Claude model interactions.

Overview

The Anthropic integration acts as a proxy between your application and the Anthropic API. Requests pass through Aguardic for policy evaluation before reaching Anthropic. If a request violates a policy, it can be blocked before it ever leaves your infrastructure.

The proxy supports all Anthropic API endpoints. Policy evaluation is triggered on the messages endpoint (/v1/messages). Other endpoints pass through without evaluation.

Setup

1. Create an Anthropic Integration

Navigate to Integrations in the Aguardic dashboard, click Add Integration, and select Anthropic. Provide your Anthropic API key and give the integration a name.

Aguardic stores your Anthropic API key securely (encrypted with AES-256-GCM). When you create the integration, you receive a proxy URL and an Aguardic API key.

Store your Aguardic API key securely. It is shown only once. If you lose it, revoke it and create a new one.

2. Bind Policies

Go to Policy Bindings and bind your governance policies to the Anthropic integration.

3. Replace Your Base URL

Point your application at the Aguardic proxy URL instead of the Anthropic API directly.

Proxy URL

https://api.aguardic.com/v1/integrations/anthropic/proxy/{integrationId}

Replace {integrationId} with the ID returned when you created the integration.

Never expose the proxy URL in client-side code. The proxy should only be called from your server to prevent API key leakage.

How the Proxy Works

Your application sends a request to the Aguardic proxy URL
Aguardic extracts text content from the request (system prompt, messages)
Input evaluation: Content is evaluated against all bound policies
If BLOCK: Returns 403 with violation details. The request never reaches Anthropic.
If APPROVAL_REQUIRED: Returns 403 with a review request ID for polling.
If ALLOW or WARN: The request is forwarded to Anthropic with your stored API key
The Anthropic response is streamed back to your application
Output evaluation: The response content is evaluated asynchronously (up to 1MB buffer)

Code Example

Since Aguardic stores your Anthropic API key, you authenticate to the proxy with your Aguardic API key:

import Anthropic from "@anthropic-ai/sdk";
 
const anthropic = new Anthropic({
  apiKey: process.env.AGUARDIC_API_KEY, // Your Aguardic API key
  baseURL:
    "https://api.aguardic.com/v1/integrations/anthropic/proxy/YOUR_INTEGRATION_ID",
});
 
// Use the Anthropic SDK as normal
const message = await anthropic.messages.create({
  model: "claude-sonnet-4-20250514",
  max_tokens: 1024,
  messages: [{ role: "user", content: "Summarize our compliance requirements" }],
});
 
console.log(message.content[0].text);

Or with curl:

curl -X POST https://api.aguardic.com/v1/integrations/anthropic/proxy/YOUR_INTEGRATION_ID/v1/messages \
  -H "Authorization: Bearer ag_live_abc123def456" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "claude-sonnet-4-20250514",
    "max_tokens": 1024,
    "messages": [
      { "role": "user", "content": "Summarize our compliance requirements" }
    ]
  }'

Input Evaluation

Before forwarding to Anthropic, Aguardic extracts text from your request:

System prompt: The system field is included in the evaluation
Messages: All message content (user and assistant) is concatenated and evaluated
Multimodal requests: Text parts are extracted from content arrays. Image and document presence is detected and available as metadata (hasImages, hasFiles, fileTypes)

The evaluation input also includes the model name, endpoint path, and streaming flag.

Output Evaluation

After Anthropic responds, the output content is evaluated asynchronously:

Response body is buffered during streaming (up to 1MB)
Text blocks from the assistant response are extracted and evaluated
For SSE streaming, content_block_delta events are assembled into the full response
Output violations are logged but do not block the response (already streamed)
Output evaluation does not count against your evaluation quota

Streaming Support

Streaming responses (stream: true) are fully supported. Aguardic streams SSE events to your application in real time while buffering for post-response evaluation. If the response exceeds 1MB, output evaluation is skipped.

Error Responses

When a request is blocked, the proxy returns a 403 in Anthropic's error format:

{
  "type": "error",
  "error": {
    "type": "policy_violation",
    "message": "Request blocked by policy. 2 violation(s) detected."
  },
  "run_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "review_request_id": null,
  "poll_url": null
}

When approval is required, review_request_id and poll_url are populated so you can poll for the review decision.

Enforcement Modes

BLOCK -- Returns 403 before the request reaches Anthropic. The request is never sent.
APPROVAL_REQUIRED -- Returns 403 with a review request. The request is held until approved.
WARN -- Forwards the request to Anthropic. Violations are logged in Aguardic for review.
MONITOR_ONLY -- Forwards the request to Anthropic. Violations are logged silently.

Next Steps

OpenAI Integration -- Same proxy pattern for OpenAI GPT models
Gemini Integration -- Same proxy pattern for Google Gemini
Your First Policy -- Create policies to evaluate against

OpenAI Gemini