zuplo 6.67.32 → 6.68.0

package/docs/ai-gateway/integrations/goose.mdx

@@ -0,0 +1,104 @@
+---
+title: goose
+sidebar_label: Goose
+---
+
+[goose](https://block.github.io/goose/) is a local AI agent and CLI tool for
+automating engineering tasks. It's completely
+[open-source](https://github.com/block/goose) with no vendor lock-in, supports
+local LLMs, has extensive MCP (Model Context Protocol) support, and offers
+powerful extensibility through recipes.
+
+## Prerequisites
+
+In order to use the AI Gateway with goose you will need to complete these steps
+first:
+
+<Stepper>
+
+1. Create a [new provider](/ai-gateway/managing-providers) in the AI Gateway for
+   the provider you want to use with goose
+
+2. [Set up a new team](/ai-gateway/managing-teams)
+
+3. Create a [new app](/ai-gateway/managing-apps) to use specifically with goose
+   and assign it to the team you created
+
+4. Copy the API Key for the app you created, as well as the Gateway URL
+
+</Stepper>
+
+## Configure goose
+
+Because goose can be run as a standalone desktop app and a CLI there are two
+configuration approaches depending on which version you choose.
+
+### CLI
+
+<Stepper>
+
+1. Run `goose configure`
+
+2. Select **Configure Providers** from the menu
+
+3. Choose **OpenAI** as the provider you want to add (this will work for any
+   OpenAI compatible provider and model)
+
+4. Set the `OPENAI_API_KEY` to the API Key for the app you created for goose in
+   Zuplo
+
+5. Set the `OPENAI_HOST` to the URL of your AI Gateway using the Gateway URL
+   from your project
+
+6. The `OPENAI_BASE_PATH` may already be configured. If it's not, enter
+   `v1/chat/completions` as the value
+
+7. Enter the model you want to use with goose.
+
+</Stepper>
+
+:::note
+
+The provider model you want to use with goose must be selected in the provider
+you created in the Prerequisites step above
+
+:::
+
+After completing the steps, goose will check the configuration. If all is well
+it will save the configuration and you are ready to start working with goose via
+the AI Gateway.
+
+### Desktop App
+
+If you are using the goose desktop application you can add a Custom Provider for
+AI Gateway by following these steps:
+
+<Stepper>
+
+1. Open the goose desktop application
+
+2. Click on **Settings**
+
+3. Click on **Configure Providers** to open the Provider settings
+
+4. Click on **Add Custom Provider**
+
+5. Choose a **Provider Type** (both OpenAI Compatible and Anthropic compatible
+   will work)
+
+6. Enter a **Display Name** (for example Zuplo AI Gateway)
+
+7. Set the **API URL** to the URL of your Zuplo AI Gateway
+
+8. Set the **API Key** to the API key of the app you created for goose in Zuplo
+
+9. Set the list of **Available Models** to the same list you selected when you
+   set up the provider in the Prerequisites step (for example gpt-4o, gpt-5,
+   gpt-5-nano)
+
+10. Click on **Create Provider**
+
+</Stepper>
+
+The Zuplo AI Gateway and associated provider and models will now be available to
+use with the goose desktop application.

package/docs/ai-gateway/integrations/langchain.mdx

@@ -0,0 +1,66 @@
+---
+title: LangChain
+sidebar_label: LangChain SDK
+---
+
+LangChain is a framework for developing applications that are powered by Large
+Language Models (LLMs). It implements a standard interface for large language
+models and related technologies, such as embedding models and vector stores, and
+integrates with hundreds of providers.
+
+## Prerequisites
+
+In order to use the AI Gateway with any LangChain powered application you will
+need to complete these steps first:
+
+<Stepper>
+
+1. Create a [new provider](/ai-gateway/managing-providers) in the AI Gateway for
+   the provider you want to use with LangChain
+
+2. [Set up a new team](/ai-gateway/managing-teams)
+
+3. Create a [new app](/ai-gateway/managing-apps) to use specifically with
+   LangChain and assign it to the team you created
+
+4. Copy the API Key for the app you created, as well as the Gateway URL
+
+</Stepper>
+
+## Configure LangChain
+
+In this example we will configure LangChain to work with OpenAI (or OpenAI
+compatible models).
+
+To work with OpenAI in LangChain it's recommended to use their
+[ChatOpenAI integration](https://python.langchain.com/docs/integrations/chat/openai/).
+
+```python
+import os
+from langchain_openai import ChatOpenAI
+
+def init_chat_model():
+    """Initialize the ChatOpenAI model"""
+    api_key = os.getenv("ZUPLO_AI_GATEWAY_API_KEY")
+    if not api_key:
+        print("❌ Error: Please set your ZUPLO_AI_GATEWAY_API_KEY in a .env file")
+        exit(1)
+
+    # Check for custom BASE_URL - this is the AI Gateway URL from Zuplo
+    base_url = os.getenv("BASE_URL")
+
+    if base_url:
+        return ChatOpenAI(api_key=api_key, model="gpt-4o", base_url=base_url)
+    else:
+        return ChatOpenAI(api_key=api_key, model="gpt-4o")
+```
+
+In the code above, checks are performed for two environment variables:
+
+- `ZUPLO_AI_GATEWAY_API_KEY` - This is the API key of the app you have
+  configured to use with LangChain in Zuplo
+- `BASE_URL` - This is the Gateway URL of your AI Gateway project in Zuplo
+
+Both of these values are passed to `ChatOpenAI` when it's instantiated,
+switching the configuration from using default OpenAI APIs to using Zuplo's AI
+Gateway for all `gpt-4o` requests that the LangChain SDK will make.

package/docs/ai-gateway/integrations/openai.mdx

@@ -0,0 +1,99 @@
+---
+title: OpenAI SDK
+sidebar_label: OpenAI SDK
+---
+
+The
+[OpenAI Node.js SDK](https://platform.openai.com/docs/libraries/node-js-library)
+is the official SDK for working with LLMs provided by OpenAI as well as other
+OpenAI compatible models from other providers in Node.js.
+
+## Prerequisites
+
+In order to use the AI Gateway with any OpenAI SDK powered application you will
+need to complete these steps first:
+
+<Stepper>
+
+1. Create a [new provider](/ai-gateway/managing-providers) in the AI Gateway for
+   OpenAI
+
+2. [Set up a new team](/ai-gateway/managing-teams)
+
+3. Create a [new app](/ai-gateway/managing-apps) to use specifically with the
+   OpenAI SDK and assign it to the team you created
+
+4. Copy the API Key for the app you created, as well as the Gateway URL
+
+</Stepper>
+
+## Configure the OpenAI SDK
+
+To route all OpenAI SDK requests through Zuplo instead of directly to the OpenAI
+API, you must set the API `baseUrl` in the SDK configuration.
+
+For example, if your Zuplo application is hosted at
+https://my-ai-gateway.zuplo.app, you can change the base URL in your API client
+to https://my-ai-gateway.zuplo.app/v1.
+
+Additionally, change the value of `apiKey` to the API key of the app you have
+configured in Zuplo
+
+```typescript
+import OpenAI from "openai";
+
+const client = new OpenAI({
+  apiKey: process.env.ZUPLO_AI_GATEWAY_API_KEY,
+  baseURL: "https://my-ai-gateway.zuplo.app/v1",
+});
+
+const response = await client.chat.completions.create({
+  model: "gpt-4",
+  messages: [
+    {
+      role: "user",
+      content: "Write a one-sentence bedtime story about a unicorn.",
+    },
+  ],
+});
+
+console.log(response.choices[0].message.content);
+```
+
+When configured in this way, the SDK will switch from using the default OpenAI
+APIs to using Zuplo's AI Gateway for all requests.
+
+## Supported Endpoints
+
+The AI Gateway supports all major OpenAI API endpoints through the universal
+API:
+
+- **Chat Completions** (`/v1/chat/completions`) - For conversational AI
+  interactions
+- **Embeddings** (`/v1/embeddings`) - For generating vector embeddings
+- **Responses** (`/v1/responses`) - For OpenAI models that support the responses
+  endpoint (such as GPT-5 and other compatible models)
+
+## Using the Responses Endpoint
+
+For models that support the `/v1/responses` endpoint, you can use the OpenAI
+SDK's `responses` API:
+
+```typescript
+import OpenAI from "openai";
+
+const client = new OpenAI({
+  apiKey: process.env.ZUPLO_AI_GATEWAY_API_KEY,
+  baseURL: "https://my-ai-gateway.zuplo.app/v1",
+});
+
+const response = await client.responses.create({
+  model: "gpt-5",
+  input: "Write a one-sentence bedtime story about a unicorn.",
+});
+
+console.log(response.output_text);
+```
+
+The responses endpoint is automatically routed through the AI Gateway, providing
+the same monitoring, cost controls, and security features as other endpoints.

package/docs/ai-gateway/introduction.mdx

@@ -0,0 +1,85 @@
+---
+title: Zuplo AI Gateway
+sidebar_label: Introduction
+---
+
+Zuplo's AI Gateway acts as an intelligent proxy layer that sits between your
+engineering team's applications and LLM providers like OpenAI, Google Gemini,
+and others. Instead of your applications communicating directly with these
+providers, all requests flow through the Zuplo AI Gateway, which streams
+responses while applying policies, controls, and monitoring.
+
+## Key Benefits
+
+**Provider Independence**: Switch between LLM providers (OpenAI, Google Gemini,
+etc.) dynamically without modifying application code. Configure your provider
+choice through the gateway rather than hard coding it into your applications.
+
+**Cost Control**: Set spending limits at organization, team, and application
+levels with hierarchical budgets that cascade down through your structure.
+Configure daily and monthly thresholds with enforcement or warning
+notifications.
+
+**Security & Compliance**: Apply guardrails to detect and block prompt injection
+attempts and prevent PII leakage in both requests and responses through
+integrated AI firewall policies.
+
+**Self-Service Access**: Developers can create applications and access LLMs
+without needing direct access to provider API keys. Administrators configure
+providers once, and teams consume them securely.
+
+**Performance Optimization**: Enable semantic caching to identify and return
+cached responses for similar prompts, reducing costs and improving response
+times.
+
+**Full Observability**: Real-time dashboards show request counts, token usage,
+time-to-first-byte metrics, and spending patterns across your organization.
+
+## How It Works
+
+Your applications send requests to the Zuplo AI Gateway URL using your Zuplo API
+key. The gateway authenticates the request, applies configured policies (cost
+controls, security guardrails), routes to the selected LLM provider, and streams
+the response back to your application. Throughout this process, the gateway
+captures metrics and enforces limits without exposing underlying provider
+credentials.
+
+## Core Features
+
+### Multi-Provider Support
+
+Configure multiple LLM providers within a single gateway project. Supported
+providers include OpenAI (GPT-4, GPT-4.5, and other models) and Google Gemini
+(all model variants). Select which models are available to your teams when
+configuring each provider.
+
+### Team Hierarchy & Budgets
+
+Organize users into teams with hierarchical structures. Set budget limits at
+each level that cascade down:
+
+- **Root Team**: Organization-wide limits (for example, $1,000/day)
+- **Sub-Teams**: Team-specific limits that can't exceed parent limits (for
+  example, $500/day for the Credit Team)
+- **Applications**: Per-app limits for granular control
+
+### Application Configuration
+
+Each application gets its own:
+
+- **Unique Gateway URL**: Single endpoint regardless of underlying provider
+- **API Key**: Zuplo-managed key that never exposes provider credentials
+- **Model Selection**: Choose specific models from configured providers
+- **Budget Thresholds**: Daily and monthly limits with enforcement or warnings
+- **Semantic Caching**: Optional caching of similar prompts to reduce costs
+
+## Use Cases
+
+- **Multi-tenant AI Applications**: Enforce spending limits per customer or team
+- **Agent Development**: Build AI agents that can switch providers without code
+  changes
+- **Cost Management**: Control and monitor LLM spending across your organization
+- **Security Compliance**: Ensure PII and prompt injection protection across all
+  LLM interactions
+- **Performance**: Reduce costs and latency with semantic caching for common
+  queries

package/docs/ai-gateway/managing-apps.mdx

@@ -0,0 +1,46 @@
+---
+title: Managing Apps
+---
+
+Apps in the AI Gateway represent any app or integration that will call the AI
+Gateway. For example, you might have a custom support chatbot on your website -
+that chatbot would be an App in the AI Gateway. Each App has its own API Key so
+that usage is tracked independently. Apps are owned by a specific
+[team](./teams.mdx) and can access the AI Providers assigned to that team.
+
+## Creating an App
+
+<Stepper>
+
+1. Navigate to the **Apps** tab of your AI Gateway project in the
+   [Zuplo Portal](https://portal.zuplo.com).
+
+1. Click on the **Create App** button.
+
+1. Enter the name of your app.
+
+1. Select the team that will own the app.
+
+1. Configure the AI Model that the app will use. You will select the provider,
+   model, and embedding model (if applicable).
+
+1. Optionally, you can set usage limits for the app. If you don't set limits,
+   the app will use the limits for the team.
+
+1. Click **Create**
+
+</Stepper>
+
+## Editing an App
+
+To edit an app, navigate to the **Apps** tab of your AI Gateway project in the
+[Zuplo Portal](https://portal.zuplo.com). Select the app you want to edit.
+Select the tab you want to edit (Policies or Settings). Make your changes and
+click the **Save** button.
+
+## Deleting an App
+
+To delete an app, navigate to the **Apps** tab of your AI Gateway project in the
+[Zuplo Portal](https://portal.zuplo.com). Select the app you want to delete and
+scroll to the bottom of the page and click the **Delete App** button. You will
+be prompted to confirm the deletion.

package/docs/ai-gateway/managing-providers.mdx

@@ -0,0 +1,66 @@
+---
+title: Managing AI Providers
+sidebar_label: Managing Providers
+---
+
+Zuplo's AI Gateway supports integration with various
+[AI providers](./providers.mdx), allowing you to leverage different models and
+services for your AI applications.
+
+## Adding a New AI Provider
+
+To add a new AI provider to your Zuplo AI Gateway, follow these steps:
+
+<Stepper>
+
+1. Navigate to the **Settings** > **AI Providers** section of your AI Gateway
+   project in the [Zuplo Portal](https://portal.zuplo.com).
+
+1. Click on the **Add Provider** button.
+
+1. Select the desired provider from the list of
+   [supported providers](./providers.mdx), or
+   [add a custom provider](./custom-providers.mdx).
+
+1. Specify a label for the provider instance to easily identify it later. You
+   can change the label later if required.
+
+1. Enter the API Key for the selected provider. For instructions on how to
+   create an API key for each provider see the
+   [provider documentation](./providers.mdx).
+
+1. Select the model or models you want to use with this provider. The available
+   models will depend on the selected provider. This can be changed later.
+
+   :::tip
+
+   Click "Select All" to enable all models.
+
+   :::
+
+1. Click save
+
+</Stepper>
+
+## Editing an AI Provider
+
+Existing providers can be modified by navigating to the **Settings** > **AI
+Providers** section and clicking the **Edit** button next to the provider you
+want to modify.
+
+You can modify the label, API key, and selected models for the provider. After
+making your changes, click **Save** to apply them. Changes are effective
+immediately.
+
+:::caution
+
+Be careful removing models from a provider that's in use as it may break
+existing applications that rely on the provider.
+
+:::
+
+## Deleting an AI Provider
+
+Providers that are no longer used within your project can be deleted. To delete
+a provider, navigate to the **Settings** > **AI Providers** section and click
+the **Delete** button next to the provider you want to remove.

package/docs/ai-gateway/managing-teams.mdx

@@ -0,0 +1,63 @@
+---
+title: Managing Teams
+---
+
+Teams in the Zuplo AI Gateway are how users are granted access to AI Providers
+and Apps. Teams are hierarchical with access propagating downward. Teams are
+also where you define usage limits.
+
+## Creating a Team
+
+<Stepper>
+
+1. Navigate to the **Teams** tab of your AI Gateway project in the
+   [Zuplo Portal](https://portal.zuplo.com).
+
+1. Click on the **Create Team** button.
+
+1. Enter the name of your team.
+
+1. Click **Create**
+
+</Stepper>
+
+## Adding Team Members
+
+Team members are the users who belong to a team and can access the AI Providers
+and Apps associated with that team.
+
+<Stepper>
+
+1. Navigate to the **Teams** tab of your AI Gateway project in the
+   [Zuplo Portal](https://portal.zuplo.com).
+
+1. Select the team you want to add members to.
+
+1. Click the **Members** tab.
+
+1. Click **Add Member**.
+
+1. Type the email address of the user you want to add. If the user is already a
+   member of your Zuplo account they will be directly added to the team. If they
+   don't have an account, they will be invited to join the account and then
+   added to the team.
+
+1. Select the role for the user (if your plan supports RBAC). The available
+   roles are:
+   - **Member**: Can access AI Providers and Apps assigned to the team.
+   - **Admin**: Can manage team settings, members, and access AI Providers and
+     Apps assigned to the team.
+
+     :::note
+
+     RBAC is an optional enterprise add-on. For more information see the
+     [document on roles and permissions](../articles/accounts/roles-and-permissions.mdx).
+
+     :::
+
+1. Click **Add Member** to confirm.
+
+1. The user will receive an email notification if they're being invited to the
+   Zuplo account.
+
+</Stepper>

package/docs/ai-gateway/policies/akamai-ai-firewall.mdx

@@ -0,0 +1,125 @@
+---
+title: Akamai AI Firewall
+sidebar_label: Akamai AI Firewall
+---
+
+The Akamai AI Firewall policy integrates
+[Akamai Firewall for AI](https://www.akamai.com/products/firewall-for-ai) with
+the Zuplo AI Gateway, providing enterprise-grade security for AI-powered
+applications, large language models (LLMs), and AI-driven APIs.
+
+The Akamai AI Firewall policy secures both inbound AI queries and outbound AI
+responses, protecting against emerging cyber threats specific to generative AI
+applications. By analyzing AI interactions in real-time, the policy detects and
+mitigates AI-specific vulnerabilities that traditional security tools can't
+address.
+
+### Key Security Capabilities
+
+The Akamai AI Firewall provides comprehensive protection against AI-specific
+threats:
+
+- **Prompt injection defense**: Protects against attackers manipulating AI
+  models through deceptive inputs
+- **Data loss prevention (DLP)**: Detects and blocks sensitive data leaks in
+  AI-generated responses and incoming requests
+- **Toxic and harmful content filtering**: Flags hate speech, misinformation,
+  and offensive content before delivery
+- **Adversarial AI security**: Protects against remote code execution, model
+  back doors, and data poisoning attacks
+- **Denial-of-service mitigation**: Controls excessive query usage and model
+  overload
+
+## Benefits with Zuplo AI Gateway
+
+Integrating Akamai AI Firewall with the Zuplo AI Gateway provides several
+advantages:
+
+### Unified Security Posture
+
+Standardized AI security across your entire infrastructure, whether deployed at
+the edge, in the cloud, hybrid, or on-premises environments.
+
+### Automated Threat Detection
+
+AI-specific protections work automatically without manual rule tuning,
+leveraging Akamai's global threat intelligence to continuously adapt to emerging
+threats.
+
+### Seamless WAAP Integration
+
+Extends web application and API protection (WAAP) capabilities with AI-specific
+defenses, providing comprehensive security for your API gateway.
+
+### Compliance and Governance
+
+Helps meet security and compliance standards including data privacy regulations,
+ethical AI usage requirements, and corporate governance mandates through
+detailed audit logs and real-time security analytics.
+
+### Zero Performance Impact
+
+The policy operates inline with minimal latency, preserving application
+performance while providing enterprise-grade security.
+
+## How It Works
+
+### AI Traffic Analysis
+
+The policy monitors and analyzes AI interactions by inspecting:
+
+1. **Incoming user prompts**: Analyzed before reaching the AI model
+2. **AI-generated outputs**: Inspected before delivery to end users
+
+This dual-layer inspection prevents security risks while maintaining
+performance.
+
+### Risk Scoring
+
+AI interactions are evaluated against multiple security indicators, including:
+
+- Prompt injection attempts
+- Sensitive data exposure
+- Adversarial exploits
+- Toxic content patterns
+- Abnormal query patterns
+
+### Security Enforcement Actions
+
+Based on risk scores and configured policies, the firewall takes one of three
+actions:
+
+- **Monitor**: Logs detected threats for analysis without interfering with AI
+  queries or responses
+- **Modify**: Adjusts AI-generated outputs inline, removing or altering unsafe
+  content while maintaining natural conversation flow
+- **Deny**: Blocks high-risk inputs from reaching the AI model and prevents
+  unsafe responses from being returned to users
+
+## Use Cases
+
+### Protecting Customer-Facing AI Chatbots
+
+Secure AI-powered customer service applications from prompt injection attacks
+and ensure responses don't leak sensitive customer data or generate toxic
+content.
+
+### Safeguarding Internal AI Tools
+
+Protect internal AI assistants and copilots from adversarial exploits while
+preventing unauthorized access to proprietary information.
+
+### Regulatory Compliance
+
+Maintain compliance with data protection regulations (GDPR, CCPA, etc.) by
+automatically detecting and blocking sensitive data leaks in AI interactions.
+
+### API Security for AI Services
+
+Extend your API security posture to cover AI-specific threats that traditional
+API gateways can't detect.
+
+**Additional Resources**
+
+- [Akamai Firewall for AI Product Page](https://www.akamai.com/products/firewall-for-ai)
+- [Akamai AI Security Solutions](https://www.akamai.com/solutions/security/ai-security)