> ## Documentation Index
> Fetch the complete documentation index at: https://docs.portkey.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Prompt Security

> Prompt Security detects and protects against prompt injection, sensitive data exposure, and other AI security threats.

[Prompt Security](https://www.prompt.security/solutions/employees) provides advanced protection for your AI applications against various security threats including prompt injections and sensitive data exposure, helping ensure safe interactions with LLMs.

To get started with Prompt Security, visit their website:

<Card title="Get Started with Prompt Security" href="https://www.prompt.security/solutions/employees" />

## Using Prompt Security with Portkey

### 1. Add Prompt Security Credentials to Portkey

* Click on the `Admin Settings` button on Sidebar
* Navigate to `Plugins` tab under Organisation Settings
* Click on the edit button for the Prompt Security integration
* Add your Prompt Security API Key and API Domain (obtain these from your Prompt Security account)

### 2. Add Prompt Security's Guardrail Check

* Navigate to the `Guardrails` page and click the `Create` button
* Search for either **"Prompt Security Prompt"** or **"Prompt Security Response"** depending on your needs and click `Add`
* (Optional) Configure the check parameters (Backend `v1.16.0+`):
  * **Policy** (`policy`, object) — Prompt Security policy JSON used to configure individual detectors (e.g. Prompt Injection Engine, Sensitive Data, Secrets, Harmful Content Moderator, Topics Detector, Language Detector, Regex, Code Detector, URLs Detector, Sentiment, Token Limitation, Token Rate Limit, Unicode Detector, Data Privacy Guidelines, Natural Language Guardrails). The Response check supports a subset focused on output (e.g. Prompt Leak Detector).
  * **Enable Redaction** (`redact`, boolean, default `false`) — Apply text modifications returned by detectors (e.g. PII sanitization, secret redaction, regex redaction) to the request/response.
  * **Monitor Only** (`monitorOnly`, boolean, default `false`) — Run detectors and log findings without blocking the request/response.
  * **User** (`user`, string) — User identifier for identity-aware policies and per-user token rate limiting.
  * **User Groups** (`userGroups`, array) — User group memberships for group-based policy enforcement.
* Set any `actions` you want on your check, and create the Guardrail!

<Note>
  Guardrail Actions allow you to orchestrate your guardrails logic. You can learn more about them [here](/product/guardrails#there-are-6-types-of-guardrail-actions)
</Note>

| Check Name               | Description                                                                                       | Parameters                                                                                            | Supported Hooks     |
| ------------------------ | ------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------- |
| Prompt Security Prompt   | Protect a user prompt before it is sent to the LLM. Supports configurable per-detector policy.    | `policy` (object), `redact` (boolean), `monitorOnly` (boolean), `user` (string), `userGroups` (array) | `beforeRequestHook` |
| Prompt Security Response | Protect an LLM response before it is sent to the user. Supports configurable per-detector policy. | `policy` (object), `redact` (boolean), `monitorOnly` (boolean), `user` (string), `userGroups` (array) | `afterRequestHook`  |

### 3. Add Guardrail ID to a Config and Make Your Request

* When you save a Guardrail, you'll get an associated Guardrail ID - add this ID to the `before_request_hooks` or `after_request_hooks` params in your Portkey Config
* Create these Configs in Portkey UI, save them, and get an associated Config ID to attach to your requests. [More here](/product/ai-gateway/configs).

Here's an example configuration:

```json theme={"system"}
{
  "input_guardrails": ["guardrails-id-xxx"],
  "output_guardrails": ["guardrails-id-yyy"],
}
```

<Tabs>
  <Tab title="NodeJS">
    ```js theme={"system"}
    const portkey = new Portkey({
        apiKey: "PORTKEY_API_KEY",
        config: "pc-***" // Supports a string config id or a config object
    });
    ```
  </Tab>

  <Tab title="Python">
    ```py theme={"system"}
    portkey = Portkey(
        api_key="PORTKEY_API_KEY",
        config="pc-***" # Supports a string config id or a config object
    )
    ```
  </Tab>

  <Tab title="OpenAI NodeJS">
    ```js theme={"system"}
    const openai = new OpenAI({
      apiKey: 'OPENAI_API_KEY',
      baseURL: PORTKEY_GATEWAY_URL,
      defaultHeaders: createHeaders({
        apiKey: "PORTKEY_API_KEY",
        config: "CONFIG_ID"
      })
    });
    ```
  </Tab>

  <Tab title="OpenAI Python">
    ```py theme={"system"}
    client = OpenAI(
        api_key="OPENAI_API_KEY", # defaults to os.environ.get("OPENAI_API_KEY")
        base_url=PORTKEY_GATEWAY_URL,
        default_headers=createHeaders(
            provider="openai",
            api_key="PORTKEY_API_KEY", # defaults to os.environ.get("PORTKEY_API_KEY")
            config="CONFIG_ID"
        )
    )
    ```
  </Tab>

  <Tab title="cURL">
    ```sh theme={"system"}
    curl https://api.portkey.ai/v1/chat/completions \
      -H "Content-Type: application/json" \
      -H "Authorization: Bearer $OPENAI_API_KEY" \
      -H "x-portkey-api-key: $PORTKEY_API_KEY" \
      -H "x-portkey-config: $CONFIG_ID" \
      -d '{
        "model": "gpt-3.5-turbo",
        "messages": [{
            "role": "user",
            "content": "Hello!"
          }]
      }'
    ```
  </Tab>
</Tabs>

For more, refer to the [Config documentation](/product/ai-gateway/configs).

Your requests are now guarded by Prompt Security's protection mechanisms, and you can see the verdict and any actions taken directly in your Portkey logs!

## Get Support

If you face any issues with the Prompt Security integration, join the [Portkey community forum](https://discord.gg/portkey-llms-in-prod-1143393887742861333) for assistance.
