REST API

Overview

The LockLLM REST API delivers prompt security scanning through simple HTTP endpoints. Submit text for analysis and receive an immediate threat assessment, including injection detection, policy violation checks, and content moderation results.

The API is built for production environments, with pay-per-detection pricing (you only pay when threats are found), configurable scan modes, and support for custom content policies. It integrates into any language or framework via standard HTTP requests.

How it Works

Make authenticated POST requests to the /v1/scan endpoint with your prompt text and optional parameters. The API returns a structured JSON response indicating whether the prompt is safe, along with detailed threat detection data including injection patterns, jailbreak attempts, and confidence scores.

Responses include request IDs for audit logging and webhook correlation. Failed requests return clear error messages with retry guidance.

Key Capabilities

  • Pay-per-detection pricing: FREE for safe prompts, $0.0001-$0.0002 only when threats are detected
  • Multiple scan modes: core security, custom policies, or combined analysis
  • Custom content policies: enforce brand-specific rules and compliance requirements
  • Built-in content moderation: 14 safety categories including hate speech, violence, and privacy
  • Configurable sensitivity: low, medium, or high detection thresholds
  • Automatic text chunking for documents up to 100,000 characters
  • Tier-based rate limits: 300 to 200,000 requests/minute with free monthly credits
  • Sub-100ms p95 latency for real-time protection

Authentication

API requests require a Bearer token passed in the Authorization header. Generate API keys in the dashboard.
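
A pre-flight gate built on the request described above, as an added example (not LockLLM's own code) that fails closed when the scanner is unreachable or the reply is malformed. The host and the JSON field names `input`, `safe` and `request_id` are assumptions; only the /v1/scan path and the Bearer header come from this page, so check the API reference for the real schema.

```python
import json
import urllib.request

# Placeholder host: the page gives only the /v1/scan path.
SCAN_URL = "https://api.example.invalid/v1/scan"

def build_scan_request(prompt, api_key, url=SCAN_URL):
    """POST with a Bearer token, as the page describes."""
    body = json.dumps({"input": prompt}).encode("utf-8")  # "input": assumed field name
    headers = {"Authorization": f"Bearer {api_key}",
               "Content-Type": "application/json"}
    return urllib.request.Request(url, data=body, headers=headers, method="POST")

def decide(status, raw_body):
    """Map a scanner reply to (allow, request_id, reason); anything unexpected blocks."""
    if status != 200:
        return False, None, f"scanner returned HTTP {status}"
    try:
        data = json.loads(raw_body)
    except ValueError:
        return False, None, "unparseable scanner response"
    if not isinstance(data, dict):
        return False, None, "unexpected response shape"
    request_id = data.get("request_id")  # assumed field name; keep it for audit logs
    safe = data.get("safe")              # assumed field name for the verdict
    if safe is True:                     # strict check: "true" or 1 must not pass
        return True, request_id, "safe"
    if safe is False:
        return False, request_id, "flagged by scanner"
    return False, request_id, "verdict missing or not boolean"

def _http_send(request):
    with urllib.request.urlopen(request, timeout=5) as resp:
        return resp.status, resp.read()

def preflight(prompt, api_key, send=_http_send):
    """Gate a prompt before it reaches the LLM provider. `send` is injectable for tests."""
    try:
        status, raw = send(build_scan_request(prompt, api_key))
    except OSError as exc:  # covers URLError, HTTPError and timeouts
        return False, None, f"scanner unreachable: {exc}"
    return decide(status, raw)
```

Load the API key from the environment or a secrets manager rather than source code, and log the returned request ID next to each allow or block decision.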

Use Cases

  • Pre-flight Validation: Analyze prompts before forwarding to LLM providers
  • Input Sanitization: Filter user-submitted text in chatbots and AI assistants
  • RAG Pipeline Protection: Verify retrieved documents for context poisoning attacks
  • Custom Workflows: Integrate scanning into multi-step processing pipelines
  • Policy Enforcement: Block medical advice, competitor mentions, or compliance violations
  • Batch Processing: Scan historical data or bulk content imports
  • Compliance Logging: Audit trail for security events and policy violations

Advanced Features

For automatic scanning and advanced capabilities, consider Proxy Mode, which offers:

  • Zero-code integration (just change base URL)
  • Smart routing to optimize costs and quality
  • AI abuse detection for bot-generated requests
  • Support for 17+ providers with custom endpoints
  • Automatic policy enforcement with configurable actions

Getting Started

Generate an API key in the dashboard and start scanning. See the complete API reference for endpoints, request schemas, response formats, and integration examples in multiple languages.