Skip to content
POST/api/v1/firewall/check

Run firewall scan against text input

Synchronous firewall scan: runs the ensemble layers against the input and returns the verdict (blocked, score, category, hits). Optional sensitivity L1–L4 dial. If a subject (email/id) is supplied with projectId, a consent gate may reject with 451 CONSENT_REVOKED.

Authentication

Send Authorization: Bearer YOUR_API_KEY on every request. Generate API keys at /dashboard/api-keys.

Request body required

Example

{
  "input": "<Prompt or output text to scan.>",
  "rules": [
    "string"
  ],
  "projectId": "00000000-0000-0000-0000-000000000000",
  "useLearnedCorpus": false,
  "explain": false,
  "subject_email": "user@example.com",
  "subject_id": "<Snake_case alias for subjectId.>",
  "subjectEmail": "user@example.com",
  "subjectId": "<Optional consent-gate subject id.>"
}
Schema
{
  "application/json": {
    "schema": {
      "type": "object",
      "properties": {
        "input": {
          "type": "string",
          "minLength": 1,
          "maxLength": 1000000,
          "description": "Prompt or output text to scan."
        },
        "rules": {
          "maxItems": 50,
          "type": "array",
          "items": {
            "type": "string",
            "maxLength": 120
          },
          "description": "Optional attack categories to force-block, e.g. [\"prompt-injection\",\"jailbreak\"]."
        },
        "sensitivity": {
          "anyOf": [
            {
              "type": "string",
              "enum": [
                "monitor",
                "balanced",
                "strict",
                "lockdown"
              ]
            },
            {
              "type": "integer",
              "minimum": 1,
              "maximum": 4
            }
          ],
          "description": "Optional L1–L4 sensitivity dial. Level name or ordinal. Defaults to the L2 balanced baseline."
        },
        "projectId": {
          "type": "string",
          "format": "uuid",
          "pattern": "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$",
          "description": "Optional — telemetry/audit + consent-gate org resolution."
        },
        "useLearnedCorpus": {
          "type": "boolean"
        },
        "explain": {
          "type": "boolean"
        },
        "subject_email": {
          "type": "string",
          "maxLength": 254,
          "format": "email",
          "pattern": "^(?!\\.)(?!.*\\.\\.)([A-Za-z0-9_'+\\-\\.]*)[A-Za-z0-9_+-]@([A-Za-z0-9][A-Za-z0-9\\-]*\\.)+[A-Za-z]{2,}$",
          "description": "Snake_case alias for subjectEmail."
        },
        "subject_id": {
          "type": "string",
          "maxLength": 200,
          "description": "Snake_case alias for subjectId."
        },
        "subjectEmail": {
          "type": "string",
          "maxLength": 254,
          "format": "email",
          "pattern": "^(?!\\.)(?!.*\\.\\.)([A-Za-z0-9_'+\\-\\.]*)[A-Za-z0-9_+-]@([A-Za-z0-9][A-Za-z0-9\\-]*\\.)+[A-Za-z]{2,}$",
          "description": "Optional consent-gate subject email."
        },
        "subjectId": {
          "type": "string",
          "maxLength": 200,
          "description": "Optional consent-gate subject id."
        }
      },
      "required": [
        "input"
      ],
      "additionalProperties": false
    }
  }
}

Response

200 example

{
  "success": true
}

All status codes

200Scan result (blocked, score, category, subcategory, sensitivity, latencyMs, hits).
400(no description)
401(no description)
429(no description)
451Consent revoked for the supplied subject (CONSENT_REVOKED).

Code samples

cURL

curl -X POST \
  https://evalguard.ai/api/v1/firewall/check \
  -H "Authorization: Bearer $EVALGUARD_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "input": "<Prompt or output text to scan.>", "rules": [ "string" ], "projectId": "00000000-0000-0000-0000-000000000000", "useLearnedCorpus": false, "explain": false, "subject_email": "user@example.com", "subject_id": "<Snake_case alias for subjectId.>", "subjectEmail": "user@example.com", "subjectId": "<Optional consent-gate subject id.>" }'

TypeScript

import { EvalGuard } from "@evalguard/sdk";

const client = new EvalGuard({ apiKey: process.env.EVALGUARD_API_KEY });

const response = await client.request({
  method: "POST",
  path: "/api/v1/firewall/check",
  body: {
    "input": "<Prompt or output text to scan.>",
    "rules": [
      "string"
    ],
    "projectId": "00000000-0000-0000-0000-000000000000",
    "useLearnedCorpus": false,
    "explain": false,
    "subject_email": "user@example.com",
    "subject_id": "<Snake_case alias for subjectId.>",
    "subjectEmail": "user@example.com",
    "subjectId": "<Optional consent-gate subject id.>"
  },
});
console.log(response);

Python

from evalguard import EvalGuard
import os

client = EvalGuard(api_key=os.environ["EVALGUARD_API_KEY"])

response = client.request(
    method="POST",
    path="/api/v1/firewall/check",
    body={
    "input": "<Prompt or output text to scan.>",
    "rules": [
        "string"
    ],
    "projectId": "00000000-0000-0000-0000-000000000000",
    "useLearnedCorpus": False,
    "explain": False,
    "subject_email": "user@example.com",
    "subject_id": "<Snake_case alias for subjectId.>",
    "subjectEmail": "user@example.com",
    "subjectId": "<Optional consent-gate subject id.>"
},
)
print(response)

Go

package main

import (
	"context"
	"fmt"
	"net/http"
	"os"
	"strings"
)

func main() {
	body := strings.NewReader(`{"input":"<Prompt or output text to scan.>","rules":["string"],"projectId":"00000000-0000-0000-0000-000000000000","useLearnedCorpus":false,"explain":false,"subject_email":"user@example.com","subject_id":"<Snake_case alias for subjectId.>","subjectEmail":"user@example.com","subjectId":"<Optional consent-gate subject id.>"}`)
	req, _ := http.NewRequestWithContext(context.Background(), "POST", "https://evalguard.ai/api/v1/firewall/check", body)
	req.Header.Set("Authorization", "Bearer "+os.Getenv("EVALGUARD_API_KEY"))
	req.Header.Set("Content-Type", "application/json")
	resp, err := http.DefaultClient.Do(req)
	if err != nil { panic(err) }
	defer resp.Body.Close()
	fmt.Println(resp.Status)
}

Errors

400401429451

Other Firewall endpoints