Ship AI features with policy, redaction, approval, and audit — from one gateway.
Airlock sits between your applications and AI providers. Route every call through a governed pipeline that enforces your policies, redacts sensitive data, requires human approval when needed, and writes an immutable audit trail.

Principles
Airlock makes trust boundaries explicit instead of implicit.
Every request is matched to a versioned policy. No policy match, no call. Decisions are explicit, reviewable, and reproducible.
Built-in detectors for email, phone, SSN, credit card, and custom regex. Redact, warn, block, or route for approval — per policy.
Send high-risk requests to a human approval queue. Approvals resume the pipeline transparently — no bespoke plumbing per app.
Every request writes a tamper-evident audit event with correlation IDs, the timeline, the policy version, and the decision reasoning.
What counts as an application?
In Airlock, an application is any product, service, workflow, or integration that sends AI requests through Airlock.
That can include internally built software, backend services, customer portals, support tools, document workflows, or integrations connected to enterprise systems like CRMs, ticketing platforms, or knowledge bases.
The key requirement is control of the request path. If your team can route the AI call through Airlock — directly, through an SDK, or through middleware — Airlock can govern it.
Airlock is not designed to inspect closed SaaS tools where the AI request is made entirely inside a vendor's system and cannot be routed through your gateway.
Integrate in under an hour
Point your existing OpenAI-compatible client at the Airlock gateway. Attach your API key. Every call is governed, audited, and returned transparently.
# One HTTP call, fully governed.
curl -X POST "$AIRLOCK_URL/api/public/v1/completions" \
-H "authorization: Bearer $AIRLOCK_API_KEY" \
-H "x-correlation-id: job-4821" \
-H "content-type: application/json" \
-d '{
"purpose": "support_reply",
"model": "gpt-4o-mini",
"messages": [{"role": "user", "content": "..."}]
}'
