@noirstack/openaiguardrails
v0.2.0
Published
Official JavaScript/TypeScript client for Open AI Guardrails policy distribution, audit evidence, and OPA control-plane APIs.
Maintainers
Readme
@noirstack/openaiguardrails
Official JavaScript/TypeScript client for the Open AI Guardrails runtime API.
Install
npm install @noirstack/openaiguardrailsQuick start
import { createClient } from '@noirstack/openaiguardrails';
const guardrails = createClient({
baseUrl: 'https://openaiguardrails.org',
token: process.env.OPENAIGUARDRAILS_API_TOKEN,
});
const policy = await guardrails.getPolicy('prod-safety-alpha');
const skills = await guardrails.listSkills();Pass a bearer token for protected routes (policy manager, blog review, admin publish). Public catalog and health endpoints work without a token against the hosted API.
API surface
Core
| Method | HTTP | Auth |
|--------|------|------|
| health() | GET /health | — |
| getOpenApi() | GET /openapi.json | — |
| listEntries() | GET /api/entries | — |
| listDiscussions() | GET /api/discussions | — |
Policy manager & OPA
| Method | HTTP | Auth |
|--------|------|------|
| listPolicies() | GET /api/policies | optional* |
| getPolicy(policyId) | GET /v1/policy/:id | — |
| togglePolicyControl(policyId, key, value) | POST /api/policies/:id/toggles | policy manager |
| runPolicyAction(policyId, action, payload) | POST /api/policies/:id/actions | policy manager |
| exportAudit(policyId) | GET /api/policies/:id/audit-export | policy manager |
| listOpaImports() | GET /api/opa/imports | policy manager |
| importOpaPolicy(payload) | POST /api/opa/imports | policy manager |
| simulateOpaImport(importId, input) | POST /api/opa/imports/:id/simulate | policy manager |
| exportOpaImport(importId, target) | GET .../export/:target | policy manager |
| publishOpaImport(importId, payload) | POST .../publish | policy manager |
*Hosted production may require Auth0 when POLICY_MANAGER_REQUIRE_AUTH=true.
Agent Skills platform
| Method | HTTP |
|--------|------|
| listSkills() | GET /api/skills |
| getSkill(skillId) | GET /api/skills/:id |
| listProfessions() | GET /api/professions |
| getProfession(professionId) | GET /api/professions/:id |
| getMcpRegistry() | GET /api/mcp/registry |
| getMcpTool(skillId) | GET /api/mcp/tools/:skillId |
Blog workflow
| Method | HTTP | Auth |
|--------|------|------|
| listBlogPendingPosts() | GET /api/blog/pending-posts | read:blog_submissions or admin |
| submitBlogPost(payload) | POST /api/blog/pending-posts | submit:blog or user/admin |
| getBlogReview(reviewId) | GET /api/blog/reviews/:id | read:blog_submissions or admin |
| approveBlogReview(reviewId, payload) | POST .../approve | manage:blog or admin |
| rejectBlogReview(reviewId, payload) | POST .../reject | manage:blog or admin |
| publishBlogReview(reviewId, payload) | POST .../publish | manage:blog or admin |
| publishBlogPost(payload) | POST /api/blog/publish | manage:blog or admin |
Operations
| Method | HTTP | Auth |
|--------|------|------|
| getSmtpStatus() | GET /api/ops/smtp-status | manage:system or admin |
Use request(path, options) for forward-compatible access to new OpenAPI routes.
Errors
Failed responses throw OpenAIGuardrailsError with status, statusText, and parsed body.
Requirements
- Node.js 18+ (native
fetch), or passfetchin options - Zero runtime dependencies
Links
Changelog
See CHANGELOG.md.
