create_policy_gate
Configure an account-wide policy gate to block violating LLM calls by restricting models, PII, or secrets before execution.
Instructions
Create a runtime policy gate (Pro+ only). Configures an account-wide model allowlist / PII block / secret block; the SDK (policyGate opt-in) blocks violating calls before execution. At least one rule (modelAllowlist / blockPii / blockSecrets) is required. One per account (409 if one exists). A redact mode is not supported (block only). Example phrasing: "only allow gpt-5.5 and claude-fable-5" / "block calls containing PII"
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| enabled | No | Whether the gate is enabled (default true) | |
| blockPii | No | Block on PII detection. Coverage = email / card numbers (Luhn-verified) / delimited phone numbers / delimited national ID numbers / IPv4 / IPv6 (full and common compressed forms). Undelimited digit runs for phone / national ID numbers are excluded to avoid false blocking | |
| enforceMode | No | Behavior when the backend is unreachable (default fail_open) | |
| blockSecrets | No | Block on detection of API-key / private-key-like tokens | |
| modelAllowlist | No | Array of allowed model names (1-100 entries, exact match). Omit = no model restriction |