Bastio
Integration Guide

Integration Guide

Learn how to integrate Bastio security into your AI applications.

Integration Guide

This guide walks you through integrating Bastio's security platform into your existing AI applications.

Overview

Bastio acts as a security proxy between your application and AI providers. Instead of calling OpenAI, Anthropic, or other providers directly, you route requests through Bastio's secure endpoints.

Step 1: Get Your API Keys

  1. Sign up for a Bastio account
  2. Create an organization
  3. Generate API keys from the dashboard
  4. Configure your security policies

Step 2: Update Your Code

Python Example

Replace your existing OpenAI client configuration:

# Before (direct to OpenAI)
import openai
client = openai.OpenAI(api_key="sk-...")

# After (through Bastio)
import openai
client = openai.OpenAI(
    api_key="your-bastio-api-key",
    base_url="https://api.bastio.com/v1"
)

# Non-streaming usage
response = client.chat.completions.create(
    model="gpt-4",
    messages=[{"role": "user", "content": "Hello!"}]
)
print(response.choices[0].message.content)

# Streaming usage - same API, just set stream=True
stream = client.chat.completions.create(
    model="gpt-4",
    messages=[{"role": "user", "content": "Tell me a story"}],
    stream=True
)

for chunk in stream:
    if chunk.choices[0].delta.content:
        print(chunk.choices[0].delta.content, end="", flush=True)

JavaScript/Node.js Example

// Before (direct to OpenAI)
import OpenAI from 'openai';
const client = new OpenAI({
  apiKey: process.env.OPENAI_API_KEY
});

// After (through Bastio)
import OpenAI from 'openai';
const client = new OpenAI({
  apiKey: process.env.BASTIO_API_KEY,
  baseURL: 'https://api.bastio.com/v1'
});

// Non-streaming usage
const response = await client.chat.completions.create({
  model: 'gpt-4',
  messages: [{ role: 'user', content: 'Hello!' }]
});
console.log(response.choices[0].message.content);

// Streaming usage - same API, just set stream: true
const stream = await client.chat.completions.create({
  model: 'gpt-4',
  messages: [{ role: 'user', content: 'Tell me a story' }],
  stream: true
});

for await (const chunk of stream) {
  process.stdout.write(chunk.choices[0]?.delta?.content || '');
}

cURL Example

curl -X POST https://api.bastio.com/v1/chat/completions \
  -H "Authorization: Bearer your-bastio-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-4",
    "messages": [
      {"role": "user", "content": "Hello!"}
    ]
  }'

Step 3: Configure Security Policies

Threat Detection Levels

Configure your organization's security sensitivity:

  • Low: Basic threat detection, minimal blocking
  • Medium: Balanced security with good user experience
  • High: Strict security, may block more benign requests
  • Custom: Define your own rules and thresholds

Content Filtering

Enable specific filters based on your use case:

  • PII Detection: Automatically detect and handle personal information
  • Profanity Filter: Block inappropriate language
  • Jailbreak Prevention: Prevent prompt injection attacks
  • Custom Patterns: Add your own detection patterns

Step 4: Monitor and Analyze

Use the Bastio dashboard to:

  • View real-time threat detection
  • Analyze usage patterns
  • Configure alerts and notifications
  • Review blocked requests
  • Monitor API performance

Advanced Configuration

Custom Headers

Pass additional context to improve threat detection:

const response = await client.chat.completions.create({
  model: 'gpt-4',
  messages: [{ role: 'user', content: 'Hello!' }],
  // Custom headers for enhanced detection
  headers: {
    'X-User-ID': 'user-123',
    'X-Session-ID': 'session-456',
    'X-App-Context': 'customer-support'
  }
});

Webhook Notifications

Configure webhooks to receive real-time security alerts:

{
  "event": "threat.detected",
  "data": {
    "request_id": "req-123",
    "threat_score": 0.85,
    "detected_threats": ["jailbreak_attempt"],
    "user_id": "user-123",
    "timestamp": "2024-01-15T10:30:00Z"
  }
}

Migration Checklist

  • Create Bastio account and organization
  • Generate API keys
  • Update base URLs in your code
  • Replace API keys with Bastio keys
  • Test with sample requests
  • Configure security policies
  • Set up monitoring and alerts
  • Deploy to production
  • Monitor threat detection dashboard

Need Help?

Error Codes

Previous Page

Python SDK

Next Page