Prerequisites
- Node.js 18+ installed
- The Portkey Gateway repository cloned locally
- An API key for any external service your guardrail calls (optional)
How gateway plugins work
Portkey’s open-source gateway supports a plugin system specifically designed for guardrails. Each plugin:- Lives in the
/pluginsdirectory of the gateway repository - Declares its configuration in a
manifest.jsonfile - Exports a handler function that receives the request/response context and returns a verdict
- Can hook into
beforeRequestHook(input guardrail) orafterRequestHook(output guardrail)
Step 1: Create the plugin folder structure
Inside the gateway repository, create a new folder under/plugins:
Step 2: Define the manifest
Themanifest.json file declares your plugin’s identity, required credentials, and the guardrail functions it exposes.
manifest.json
Step 3: Implement the handler
Create your main TypeScript file (e.g.,main.ts) that exports the guardrail handler:
main.ts
Handler parameters
Return values
Step 4: Write tests
Create a test file to validate your guardrail logic:main.test.ts
Step 5: Configure the gateway
Edit theconf.json file in the root of the gateway repository to enable your plugin and provide credentials:
conf.json
plugins_enabled— List of plugin IDs to load."default"includes the built-in plugins.credentials— Maps plugin IDs to their credential values. Keys must match thecredentials.propertiesdefined in yourmanifest.json.
Step 6: Build and run locally
Build the plugins and start the gateway:http://localhost:8787 by default.
Step 7: Test with a live request
Send a request through your local gateway to verify the guardrail works:verdict: true), the request proceeds to the LLM. If it fails (verdict: false), the gateway returns a 446 status code (when deny is enabled) or a 246 status code (when deny is disabled).
The
x-portkey-config header accepts an inline JSON config. For production use, create a config through the Portkey app and reference it by ID instead.Example: profanity filter guardrail
Here’s a complete example of a simple profanity filter plugin:1
Create the plugin folder
2
Add the manifest
plugins/profanity-filter/manifest.json
3
Implement the handler
plugins/profanity-filter/main.ts
4
Configure and run
Update Build and start:
conf.json:Next steps
- Learn about guardrail actions and orchestration to configure what happens when a guardrail fails
- Explore existing partner guardrail integrations for reference implementations
- Use Bring Your Own Guardrails if you prefer a webhook-based approach instead of a gateway plugin
- Join the Portkey community for support

