Client Integration Guide
This guide covers client integration only: how your application should call KoreShield to secure LLM requests and RAG content. It does not include internal operations or backend implementation details.
Integration Paths
Choose one of the following:
- SDKs (recommended)
- Python SDK: https://github.com/koreshield/python-sdk
- JavaScript/Node SDK: https://github.com/koreshield/node-sdk
- Direct REST API
- Use the OpenAI-compatible proxy endpoints in /docs/api/rest-api
How It Works
- Your app sends requests to KoreShield instead of the LLM provider.
- KoreShield authenticates the request (API key or JWT).
- KoreShield applies security policies and logs events.
- Safe requests are forwarded to the configured provider.
Core Endpoints (Client-Facing)
POST /v1/chat/completionsPOST /v1/rag/scanGET /v1/rag/scansandGET /v1/rag/scans/{scan_id}GET /v1/rag/scans/{scan_id}/pack(download request + response bundle)POST /v1/scanPOST /v1/scan/batchGET /v1/scansandGET /v1/scans/{scan_id}
RAG scan history is persisted server-side for authenticated users, so you can revisit results and export a full scan pack later.
Authentication
All protected endpoints accept either:
Authorization: Bearer <jwt>X-API-Key: ks_...ks_access_tokenhttpOnly cookie
Next Steps
- Follow the SDK setup instructions in the SDK repos above.
- Review /docs/getting-started/quick-start for a minimal end-to-end flow.
- Use /docs/api/rest-api for the full endpoint contract.