Lakera

Lakera Platform API

The Lakera Platform API lets Enterprise SaaS customers programmatically manage Lakera Guard policies and projects. Policies select detectors and per-detector sensitivity (L1–L5); projects bind a protected application to a policy and an API key scope. Self-hosted deployments expose additional /policies/lint and /policies/health endpoints plus Kubernetes startupz/readyz/livez probes for in-cluster operation.

GitHub OpenAPI

Documentation

📖
Documentation
https://platform.lakera.ai/docs/api

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/lakera-ai/refs/heads/main/openapi/lakera-platform-api-openapi.yml

OpenAPI Specification

lakera-platform-api-openapi.yml Raw ↑ 
openapi: 3.1.0
info:
  title: Lakera Platform API
  description: |
    The Lakera Platform API allows Enterprise SaaS customers to create and
    manage Lakera Guard policies and projects programmatically. Policies define
    which detectors apply and at what sensitivity; projects bind an application
    to a policy and an API key scope.
  version: "2.0.0"
  contact:
    name: Lakera
    url: https://www.lakera.ai
    email: support@lakera.ai
servers:
  - url: https://api.lakera.ai/v2
    description: Lakera Platform (Global)
security:
  - BearerAuth: []
tags:
  - name: Policies
    description: Create and manage Lakera Guard policies.
  - name: Projects
    description: Create and manage projects bound to policies.
paths:
  /policies:
    get:
      summary: List Policies
      description: List policies available to the authenticated organization.
      operationId: listPolicies
      tags:
        - Policies
      responses:
        '200':
          description: List of policies
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Policy'
    post:
      summary: Create Policy
      description: Create a new Lakera Guard policy that selects detectors and sensitivity.
      operationId: createPolicy
      tags:
        - Policies
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PolicyInput'
      responses:
        '201':
          description: Created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Policy'
  /policies/{policy_id}:
    parameters:
      - in: path
        name: policy_id
        required: true
        schema:
          type: string
    get:
      summary: Get Policy
      operationId: getPolicy
      tags:
        - Policies
      responses:
        '200':
          description: Policy
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Policy'
    put:
      summary: Update Policy
      operationId: updatePolicy
      tags:
        - Policies
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PolicyInput'
      responses:
        '200':
          description: Updated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Policy'
    delete:
      summary: Delete Policy
      operationId: deletePolicy
      tags:
        - Policies
      responses:
        '204':
          description: Deleted
  /projects:
    get:
      summary: List Projects
      operationId: listProjects
      tags:
        - Projects
      responses:
        '200':
          description: List of projects
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Project'
    post:
      summary: Create Project
      operationId: createProject
      tags:
        - Projects
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ProjectInput'
      responses:
        '201':
          description: Created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Project'
  /projects/{project_id}:
    parameters:
      - in: path
        name: project_id
        required: true
        schema:
          type: string
    get:
      summary: Get Project
      operationId: getProject
      tags:
        - Projects
      responses:
        '200':
          description: Project
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Project'
    put:
      summary: Update Project
      operationId: updateProject
      tags:
        - Projects
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ProjectInput'
      responses:
        '200':
          description: Updated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Project'
    delete:
      summary: Delete Project
      operationId: deleteProject
      tags:
        - Projects
      responses:
        '204':
          description: Deleted
components:
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: API Key
  schemas:
    Policy:
      type: object
      properties:
        id:
          type: string
        name:
          type: string
        description:
          type: string
        detectors:
          type: array
          items:
            type: object
            properties:
              type:
                type: string
                description: Detector identifier (e.g. `prompt_attack`, `pii`, `content_moderation`, `unknown_links`).
              sensitivity:
                type: string
                enum:
                  - L1
                  - L2
                  - L3
                  - L4
                  - L5
                description: Sensitivity threshold (L1 strictest, L5 most permissive).
              action:
                type: string
                enum:
                  - flag
                  - mask
                  - allow
        created_at:
          type: string
          format: date-time
        modified_at:
          type: string
          format: date-time
    PolicyInput:
      type: object
      required:
        - name
        - detectors
      properties:
        name:
          type: string
        description:
          type: string
        detectors:
          type: array
          items:
            type: object
            properties:
              type:
                type: string
              sensitivity:
                type: string
              action:
                type: string
    Project:
      type: object
      properties:
        id:
          type: string
        name:
          type: string
        policy_id:
          type: string
        created_at:
          type: string
          format: date-time
    ProjectInput:
      type: object
      required:
        - name
        - policy_id
      properties:
        name:
          type: string
        policy_id:
          type: string