OpenAI-compatible drop-in

Make every LLM call safe, auditable, and policy‑controlled.

One OpenAI-compatible URL. Every prompt scanned, every response scrubbed, every action audited — before it reaches the model.

Get API Key — Free Read Docs →

ms p95 added latency

100

% requests audited

/10 OWASP LLM covered

bash — autrace gateway

$ curl https://gateway.autrace.dev/v1/chat/completions \
-H "Authorization: Bearer $AUTRACE_KEY" \
-H "Content-Type: application/json" \
-d '{
"model": "gpt-4o",
"messages": [{"role": "user", "content": "..."}]
}'█

✓ policy: ALLOW✓ pii: none⚡ latency: 38ms

MIT LicensedSelf-hostableOpenAI-compatible

Works withOpenAIAnthropicMistralGoogle GeminiMeta Llama— and any OpenAI-compatible provider

Core capabilities

Built for production AI systems.

Autrace sits in-path. Every request is evaluated, every response scrubbed, every action logged.

Zero-Trust Execution

Every request treated as untrusted. Policy evaluation in-path, before the model sees the prompt. No exceptions.

Policy Engine

Define rules for PII handling, prompt injection detection, rate limits, model routing, and content filtering. Applied atomically.

Tamper-Evident Audit Trail

Hash-chained log entries. Modifying any record breaks the chain — detectable instantly. Full request/response capture with redaction.

How it works

In-path. Every time.

Request comes in

Your app hits the Autrace gateway instead of the provider directly. No SDK changes.

Policy engine runs

PII scan, injection detection, rule matching, rate limit — all in-path, < 50ms p95.

Routed to model

Passes through LiteLLM to your configured provider: OpenAI, Anthropic, Mistral, Google.

Logged & hashed

Response scrubbed, logged, hash-chained to the tamper-evident audit trail.

Architecture

One URL. Full control.

Change one base URL. Zero SDK changes. Instant policy enforcement and audit coverage.

Your App

any client

Autrace Gateway

policy + audit

LiteLLM

routing

OpenAI

gpt-4o

Anthropic

claude-3-5

Mistral

mistral-large

PII FilterPolicy EngineRate LimitingPrompt InjectionAudit Logging

Before

# Direct to OpenAI — no control plane

curl https://api.openai.com/v1/chat/completions \

  -H "Authorization: Bearer $OPENAI_KEY"

# No policy enforcement

# No PII scanning

# No audit trail

With Autrace

# Via Autrace gateway — full control plane

curl https://gateway.autrace.dev/v1/chat/completions \

  -H "Authorization: Bearer $AUTRACE_KEY"

# ✓ Policy engine: active

# ✓ PII filter:    active

# ✓ Audit log:     active

Audit Trail

Tamper-evident by design.

Every log entry includes a hash of the previous. Modifying any record breaks the chain — detectable instantly.

#1req_01HXK7aALLOW38ms

prev:genesis→9f2c3a…

✓ verified

#2req_01HXK7bALLOW41ms

prev:9f2c3a…→4e1b8d…

✓ verified

#3req_01HXK7cBLOCK12ms

prev:4e1b8d…→b72fa1…

✓ verified

#4req_01HXK7dALLOW44ms

prev:b72fa1…→c93ed0…

✓ verified

Pricing

Predictable pricing. No surprises.

Start free. Scale when you need to. Full comparison →

Free

$0/forever

Explore Autrace with real workloads.

Get started free

100K requests / month

Policy engine (basic rules)

PII filtering

7-day audit log retention

Single organization

How Autrace stacks up.

Honest comparison. Verify independently.

Feature	Autrace	Portkey	Helicone	Cloudflare AI
OpenAI-compatible drop-in
PII filtering in-path
Prompt injection detection
Policy rules engine
Hash-chained audit log
Self-hostable
Multi-provider routing
OWASP LLM Top 10	5/10	3/10	2/10	2/10

Your AI. Under your control.

Start scanning every AI request in under 5 minutes. One URL change. No code rewrites. Full audit trail from day one.

Get started free Talk to sales

Live in 5 minutes

SOC 2 in progress

GDPR compliant

Human support