Get Started with Javelin
Using Javelin with Portkey
1. Add Javelin Credentials to Portkey
- Navigate to the
Plugins
page underSidebar
- Click on the edit button for the Javelin integration
- Add your Javelin API key, domain information, and application name (refer to Javelin’s documentation for how to obtain these credentials)
- The application name is required as it determines which guardrails policy will be applied
Javelin’s unified guardrails approach automatically applies all enabled guardrails configured in your Javelin application policy. You manage which guardrails are active (Trust & Safety, Prompt Injection Detection, Language Detection, etc.) and their thresholds directly in the Javelin platform.
2. Add Javelin’s Guardrail Check
- Navigate to the
Guardrails
page and click theCreate
button - Search for “Javelin Guardrails” and click
Add
- Set any actions you want on your check, and create the Guardrail!
Guardrail Actions allow you to orchestrate your guardrails logic. You can learn about them here
Check Name | Description | Parameters | Supported Hooks |
---|---|---|---|
Javelin Guardrails | Auto-applies all enabled guardrails in your Javelin application policy including Trust & Safety, Prompt Injection Detection, Language Detection, and more | None - configured via Javelin policy | beforeRequestHook , afterRequestHook |
- Trust & Safety: Detect harmful content across categories including violence, weapons, hate speech, crime, sexual content, and profanity
- Prompt Injection Detection: Detect prompt injection attempts and jailbreak techniques to prevent model manipulation
- Language Detection: Detect the language of input text with confidence scores and enforce allowed languages
- Custom Guardrails: Any additional guardrails configured in your Javelin application policy
3. Add Guardrail ID to a Config and Make Your Request
- When you save a Guardrail, you’ll get an associated Guardrail ID - add this ID to the
input_guardrails
oroutput_guardrails
params in your Portkey Config - Create these Configs in Portkey UI, save them, and get an associated Config ID to attach to your requests. More here.
- NodeJS
- Python
- OpenAI NodeJS
- OpenAI Python
- cURL
Using Raw Guardrails with Javelin
You can define Javelin guardrails directly in your code for more programmatic control without using the Portkey UI. This “raw guardrails” approach lets you dynamically configure guardrails based on your application’s needs.We recommend that you create guardrails using the Portkey UI whenever possible. Raw guardrails are more complex and require you to manage credentials and configurations directly in your code.
Key Configuration Properties
Key Configuration Properties
Unified Javelin Guardrails
Javelin now provides a unified guardrails endpoint that automatically applies all enabled guardrails in your application policy. This simplifies configuration and ensures all your security checks are consistently applied.Guardrail Name | ID | Description | Parameters |
---|---|---|---|
Javelin Guardrails | javelin.guardrails | Auto-applies all enabled guardrails in your Javelin application policy (Trust & Safety, Prompt Injection Detection, Language Detection, etc.) | None - configured via Javelin policy |
Implementation Properties
type
: Always set to"guardrail"
for guardrail checksid
: A unique identifier for your guardrailcredentials
: Authentication details for JavelinapiKey
: Your Javelin API keydomain
: Your Javelin backend URL (e.g.,api-dev.javelin.live
)application
: Required - Application name for policy-specific guardrails
checks
: Array of guardrail checks to runid
: Usejavelin.guardrails
for the unified endpointparameters
: Not needed - all configuration is managed in Javelin policy
deny
: Whether to block the request if guardrail fails (true/false)async
: Whether to run guardrail asynchronously (true/false)on_success
/on_fail
: Optional callbacks for success/failure scenariosfeedback
: Data for logging and analyticsweight
: Importance of this feedback (0-1)value
: Feedback score (-10 to 10)
Unified Guardrails Example (Recommended)
Multiple Guardrails Configuration Example
You can apply Javelin guardrails to both inputs and outputs:When using raw guardrails, you must provide valid credentials for the Javelin service directly in your config. Make sure to handle these credentials securely and consider using environment variables or secrets management.The
application
field is required as it determines which guardrails policy from your Javelin platform will be applied to your requests.How Javelin Unified Guardrails Work
The unified guardrails approach offers several advantages:Centralized Policy Management
- Configure all guardrail rules, thresholds, and behaviors in the Javelin platform
- Changes to your security policy are instantly reflected across all applications
- No need to update code or configurations when adjusting security parameters
Comprehensive Protection
When you use Javelin guardrails, the system automatically checks for:- Trust & Safety: Content filtering across violence, weapons, hate speech, crime, sexual content, and profanity
- Prompt Injection Detection: Protection against manipulation attempts and jailbreaks
- Language Detection: Language compliance and allowlisting
- Custom Policies: Any additional guardrails configured in your Javelin application
Response Structure
The guardrail returns detailed assessment information including:- Which guardrails were triggered
- Category scores for each assessment
- Specific violations detected
- Reject prompts for failed checks
Portkey Orchestration
When Javelin guardrails detect violations, Portkey can orchestrate your request based on guardrail actions:With deny: false
(Default)
- Request continues even if guardrails fail
- Response includes detailed violation information
- Status code: 246 (non-blocking failure)
- Useful for logging and monitoring
With deny: true
- Request is blocked if guardrails fail
- Error response is returned immediately
- Status code: 446 (blocking failure)
- Useful for critical security checks
Example with Fallback Strategy
- Check inputs with Javelin guardrails
- If violations are detected, try the fallback provider
- Log all guardrail results for monitoring
Key Features
Trust & Safety
Javelin’s Trust & Safety processor provides comprehensive content filtering across multiple categories:- Violence & Weapons: Detect content related to violence, weapons, or harmful activities
- Hate Speech: Identify discriminatory language and hate speech
- Crime: Flag content related to criminal activities
- Sexual Content: Detect inappropriate sexual content
- Profanity: Filter profane language and offensive content
Prompt Injection Detection
Protect your AI agents & applications from sophisticated manipulation attempts:- Injection Pattern Recognition: Detect known prompt injection techniques
- Jailbreak Detection: Identify attempts to bypass model safety measures
- Malicious Command Filtering: Block attempts to execute unintended commands
- Real-time Analysis: Process inputs in real-time with configurable thresholds
Language Detection
Ensure content compliance with language policies:- Multi-language Support: Detect content in over 100 languages
- Confidence Scoring: Configurable confidence thresholds for accurate detection
- Language Allowlisting: Restrict content to specific languages
- Cultural Compliance: Maintain cultural and regional content standards