guardrails-api 0.0.0a0__tar.gz

guardrails_api-0.0.0a0/LICENSE

@@ -0,0 +1,44 @@
+## THE FOLLOWING LICENSE HAS BEEN ADOPTED FROM THE ELSSTIC LICENSE ##
+
+Acceptance
+By using the software, you agree to all of the terms and conditions below.
+
+Copyright License
+The licensor grants you a non-exclusive, royalty-free, worldwide, non-sublicensable, non-transferable license to use, copy, distribute, make available, and prepare derivative works of the software, in each case subject to the limitations and conditions below.
+
+Limitations
+You may not provide the software to third parties as a hosted or managed service, where the service provides users with access to any substantial set of the features or functionality of the software.
+
+You may not move, change, disable, or circumvent the license key functionality in the software, and you may not remove or obscure any functionality in the software that is protected by the license key.
+
+You may not alter, remove, or obscure any licensing, copyright, or other notices of the licensor in the software. Any use of the licensor’s trademarks is subject to applicable law.
+
+Patents
+The licensor grants you a license, under any patent claims the licensor can license, or becomes able to license, to make, have made, use, sell, offer for sale, import and have imported the software, in each case subject to the limitations and conditions in this license. This license does not cover any patent claims that you cause to be infringed by modifications or additions to the software. If you or your company make any written claim that the software infringes or contributes to infringement of any patent, your patent license for the software granted under these terms ends immediately. If your company makes such a claim, your patent license ends immediately for work on behalf of your company.
+
+Notices
+You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of these terms.
+
+If you modify the software, you must include in any modified copies of the software prominent notices stating that you have modified the software.
+
+No Other Rights
+These terms do not imply any licenses other than those expressly granted in these terms.
+
+Termination
+If you use the software in violation of these terms, such use is not licensed, and your licenses will automatically terminate. If the licensor provides you with a notice of your violation, and you cease all violation of this license no later than 30 days after you receive that notice, your licenses will be reinstated retroactively. However, if you violate these terms after such reinstatement, any additional violation of these terms will cause your licenses to terminate automatically and permanently.
+
+No Liability
+As far as the law allows, the software comes as is, without any warranty or condition, and the licensor will not be liable to you for any damages arising out of these terms or the use or nature of the software, under any kind of legal claim.
+
+Definitions
+The licensor is the entity offering these terms, and the software is the software the licensor makes available under these terms, including any portion of it.
+
+you refers to the individual or entity agreeing to these terms.
+
+your company is any legal entity, sole proprietorship, or other kind of organization that you work for, plus all organizations that have control over, are under the control of, or are under common control with that organization. control means ownership of substantially all the assets of an entity, or the power to direct its management and policies by vote, contract, or otherwise. Control can be direct or indirect.
+
+your licenses are all the licenses granted to you for the software under these terms.
+
+use means anything you do with the software requiring one of your licenses.
+
+trademark means trademarks, service marks, and similar rights.

guardrails_api-0.0.0a0/MANIFEST.in

@@ -0,0 +1,2 @@
+include guardrails_api/*
+exclude */__pycache__/*

guardrails_api-0.0.0a0/PKG-INFO

@@ -0,0 +1,127 @@
+Metadata-Version: 2.1
+Name: guardrails-api
+Version: 0.0.0a0
+Summary: Guardrails API
+Author-email: Guardrails AI <contact@guardrailsai.com>
+License: ## THE FOLLOWING LICENSE HAS BEEN ADOPTED FROM THE ELSSTIC LICENSE ##
+        
+        Acceptance
+        By using the software, you agree to all of the terms and conditions below.
+        
+        Copyright License
+        The licensor grants you a non-exclusive, royalty-free, worldwide, non-sublicensable, non-transferable license to use, copy, distribute, make available, and prepare derivative works of the software, in each case subject to the limitations and conditions below.
+        
+        Limitations
+        You may not provide the software to third parties as a hosted or managed service, where the service provides users with access to any substantial set of the features or functionality of the software.
+        
+        You may not move, change, disable, or circumvent the license key functionality in the software, and you may not remove or obscure any functionality in the software that is protected by the license key.
+        
+        You may not alter, remove, or obscure any licensing, copyright, or other notices of the licensor in the software. Any use of the licensor’s trademarks is subject to applicable law.
+        
+        Patents
+        The licensor grants you a license, under any patent claims the licensor can license, or becomes able to license, to make, have made, use, sell, offer for sale, import and have imported the software, in each case subject to the limitations and conditions in this license. This license does not cover any patent claims that you cause to be infringed by modifications or additions to the software. If you or your company make any written claim that the software infringes or contributes to infringement of any patent, your patent license for the software granted under these terms ends immediately. If your company makes such a claim, your patent license ends immediately for work on behalf of your company.
+        
+        Notices
+        You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of these terms.
+        
+        If you modify the software, you must include in any modified copies of the software prominent notices stating that you have modified the software.
+        
+        No Other Rights
+        These terms do not imply any licenses other than those expressly granted in these terms.
+        
+        Termination
+        If you use the software in violation of these terms, such use is not licensed, and your licenses will automatically terminate. If the licensor provides you with a notice of your violation, and you cease all violation of this license no later than 30 days after you receive that notice, your licenses will be reinstated retroactively. However, if you violate these terms after such reinstatement, any additional violation of these terms will cause your licenses to terminate automatically and permanently.
+        
+        No Liability
+        As far as the law allows, the software comes as is, without any warranty or condition, and the licensor will not be liable to you for any damages arising out of these terms or the use or nature of the software, under any kind of legal claim.
+        
+        Definitions
+        The licensor is the entity offering these terms, and the software is the software the licensor makes available under these terms, including any portion of it.
+        
+        you refers to the individual or entity agreeing to these terms.
+        
+        your company is any legal entity, sole proprietorship, or other kind of organization that you work for, plus all organizations that have control over, are under the control of, or are under common control with that organization. control means ownership of substantially all the assets of an entity, or the power to direct its management and policies by vote, contract, or otherwise. Control can be direct or indirect.
+        
+        your licenses are all the licenses granted to you for the software under these terms.
+        
+        use means anything you do with the software requiring one of your licenses.
+        
+        trademark means trademarks, service marks, and similar rights.
+Keywords: Guardrails,Guardrails AI,Guardrails API,Guardrails API
+Requires-Python: >=3.8, <4
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: guardrails-ai>=0.5.0a2
+Requires-Dist: flask<4,>=3.0.3
+Requires-Dist: Flask-SQLAlchemy<4,>=3.1.1
+Requires-Dist: Flask-Caching<3,>=2.3.0
+Requires-Dist: Werkzeug<4,>=3.0.3
+Requires-Dist: jsonschema<5,>=4.22.0
+Requires-Dist: referencing<1,>=0.35.1
+Requires-Dist: Flask-Cors<5,>=4.0.1
+Requires-Dist: boto3<2,>=1.34.115
+Requires-Dist: gunicorn<23,>=22.0.0
+Requires-Dist: psycopg2-binary<3,>=2.9.9
+Requires-Dist: litellm<2,>=1.39.3
+Requires-Dist: typer<1,>=0.9.4
+Requires-Dist: opentelemetry-api<2,>=1.0.0
+Requires-Dist: opentelemetry-sdk<2,>=1.0.0
+Requires-Dist: opentelemetry-exporter-otlp-proto-grpc<2,>=1.0.0
+Requires-Dist: opentelemetry-exporter-otlp-proto-http<2,>=1.0.0
+Requires-Dist: opentelemetry-instrumentation-flask<1,>=0.12b0
+Provides-Extra: dev
+Requires-Dist: ruff; extra == "dev"
+Requires-Dist: pytest; extra == "dev"
+Requires-Dist: coverage; extra == "dev"
+Requires-Dist: pytest-mock; extra == "dev"
+
+# guardrails-poc
+Docker compose stub of Guardrails as a Service
+
+## Setting Up
+We strongly encourage you to use a virtual environment when developing in python.
+To set one up for this project run the following:
+```bash
+python3 -m venv ./.venv
+source ./.venv/bin/activate
+```
+Your terminal should now show that you are working from within the virtual environment.
+Now you can install the dependencies:
+```bash
+make install
+```
+
+And start the dev server:
+```bash
+make start
+```
+
+Once the service has launched, you should be able to navigate to the Swagger documenation for the guardrails-api at http://localhost:8000
+
+
+### Local Infrastructure
+By default, the server will start with an in-memory store for Guards.  As of June 4th, 2024 this store does not support write operations via the API.  In order to utilize all CRUD operations you will need a postgres database running locally and you will need to provide the following environment variables (sane defaults included for demonstration purposes):
+
+```sh
+export PGPORT=5432
+export PGDATABASE=postgres
+export PGHOST=localhost
+export PGUSER=${PGUSER:-postgres}
+export PGPASSWORD=${PGPASSWORD:-changeme}
+```
+
+You can create this database however you wish, but we do have a docker-compose configuration to stand up the database as well as a local opentelemetry stack.
+To use this make sure you have docker installed, then run:
+
+`docker compose --profile db up --build`
+to run just the database.
+
+`docker compose --profile infra up --build`
+to run the database and opentelemetry infrastructure
+
+or
+`docker compose --profile all up --build`
+to run everything including the guardrails-api
+
+
+The last option is useful when checking that everything will work as planned in a more productionized environment.  When developing, it's generally faster to just run the minimum infrastructure you need via docker and run the api on a bare process with the `make start` command.

guardrails_api-0.0.0a0/README.md

@@ -0,0 +1,50 @@
+# guardrails-poc
+Docker compose stub of Guardrails as a Service
+
+## Setting Up
+We strongly encourage you to use a virtual environment when developing in python.
+To set one up for this project run the following:
+```bash
+python3 -m venv ./.venv
+source ./.venv/bin/activate
+```
+Your terminal should now show that you are working from within the virtual environment.
+Now you can install the dependencies:
+```bash
+make install
+```
+
+And start the dev server:
+```bash
+make start
+```
+
+Once the service has launched, you should be able to navigate to the Swagger documenation for the guardrails-api at http://localhost:8000
+
+
+### Local Infrastructure
+By default, the server will start with an in-memory store for Guards.  As of June 4th, 2024 this store does not support write operations via the API.  In order to utilize all CRUD operations you will need a postgres database running locally and you will need to provide the following environment variables (sane defaults included for demonstration purposes):
+
+```sh
+export PGPORT=5432
+export PGDATABASE=postgres
+export PGHOST=localhost
+export PGUSER=${PGUSER:-postgres}
+export PGPASSWORD=${PGPASSWORD:-changeme}
+```
+
+You can create this database however you wish, but we do have a docker-compose configuration to stand up the database as well as a local opentelemetry stack.
+To use this make sure you have docker installed, then run:
+
+`docker compose --profile db up --build`
+to run just the database.
+
+`docker compose --profile infra up --build`
+to run the database and opentelemetry infrastructure
+
+or
+`docker compose --profile all up --build`
+to run everything including the guardrails-api
+
+
+The last option is useful when checking that everything will work as planned in a more productionized environment.  When developing, it's generally faster to just run the minimum infrastructure you need via docker and run the api on a bare process with the `make start` command.

guardrails_api-0.0.0a0/guardrails_api/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.0.0a0"

guardrails_api-0.0.0a0/guardrails_api/app.py

@@ -0,0 +1,99 @@
+import os
+from typing import Optional
+from flask import Flask
+from flask.json.provider import DefaultJSONProvider
+from flask_cors import CORS
+from werkzeug.middleware.proxy_fix import ProxyFix
+from urllib.parse import urlparse
+from guardrails import configure_logging
+from opentelemetry.instrumentation.flask import FlaskInstrumentor
+from guardrails_api.clients.postgres_client import postgres_is_enabled
+from guardrails_api.otel import otel_is_disabled, initialize
+from guardrails_api.clients.cache_client import CacheClient
+
+
+# TODO: Move this to a separate file
+class OverrideJsonProvider(DefaultJSONProvider):
+    def default(self, o):
+        if isinstance(o, set):
+            return list(o)
+        if callable(o):
+            return str(o)
+        return super().default(o)
+
+
+class ReverseProxied(object):
+    def __init__(self, app):
+        self.app = app
+
+    def __call__(self, environ, start_response):
+        self_endpoint = os.environ.get("SELF_ENDPOINT", "http://localhost:8000")
+        url = urlparse(self_endpoint)
+        environ["wsgi.url_scheme"] = url.scheme
+        return self.app(environ, start_response)
+
+
+def register_config(config: Optional[str] = None):
+    default_config_file = os.path.join(os.path.dirname(__file__), "config.py")
+
+    config_file = config or default_config_file
+    config_file_path = os.path.abspath(config_file)
+    if os.path.isfile(config_file_path):
+        from importlib.machinery import SourceFileLoader
+
+        # This creates a module named "validators" with the contents of the init file
+        # This allow statements like `from validators import StartsWith`
+        # But more importantly, it registers all of the validators imported in the init
+        SourceFileLoader("config", config_file_path).load_module()
+
+
+def create_app(env: Optional[str] = None, config: Optional[str] = None, port: Optional[int] = None):
+    if os.environ.get("APP_ENVIRONMENT") != "production":
+        from dotenv import load_dotenv
+
+        default_env_file = os.path.join(os.path.dirname(__file__), "default.env")
+        env_file = env or default_env_file
+        env_file_path = os.path.abspath(env_file)
+        load_dotenv(env_file_path)
+
+    set_port = port or os.environ.get("PORT", 8000)
+    host = os.environ.get("HOST", "http://localhost")
+    self_endpoint = os.environ.get("SELF_ENDPOINT", f"{host}:{set_port}")
+    os.environ["SELF_ENDPOINT"] = self_endpoint
+
+    register_config(config)
+
+    app = Flask(__name__)
+    app.json = OverrideJsonProvider(app)
+
+    app.config["APPLICATION_ROOT"] = "/"
+    app.config["PREFERRED_URL_SCHEME"] = "https"
+    app.wsgi_app = ReverseProxied(app.wsgi_app)
+    CORS(app)
+
+    app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1, x_proto=1, x_host=1, x_port=1)
+
+    guardrails_log_level = os.environ.get("GUARDRAILS_LOG_LEVEL", "INFO")
+    configure_logging(log_level=guardrails_log_level)
+
+    if not otel_is_disabled():
+        FlaskInstrumentor().instrument_app(app)
+        initialize()
+
+    # if no pg_host is set, don't set up postgres
+    if postgres_is_enabled():
+        from guardrails_api.clients.postgres_client import PostgresClient
+
+        pg_client = PostgresClient()
+        pg_client.initialize(app)
+        
+    cache_client = CacheClient()
+    cache_client.initialize(app)
+
+    from guardrails_api.blueprints.root import root_bp
+    from guardrails_api.blueprints.guards import guards_bp
+
+    app.register_blueprint(root_bp)
+    app.register_blueprint(guards_bp)
+
+    return app

guardrails_api-0.0.0a0/guardrails_api/blueprints/guards.py

@@ -0,0 +1,326 @@
+import json
+import os
+from guardrails.hub import *  # noqa
+from string import Template
+from typing import Any, Dict, cast
+from flask import Blueprint, Response, request, stream_with_context
+from urllib.parse import unquote_plus
+from guardrails import Guard
+from guardrails.classes import ValidationOutcome
+from opentelemetry.trace import Span
+from guardrails_api_client import Guard as GuardStruct
+from guardrails_api.classes.http_error import HttpError
+from guardrails_api.clients.cache_client import CacheClient
+from guardrails_api.clients.memory_guard_client import MemoryGuardClient
+from guardrails_api.clients.pg_guard_client import PGGuardClient
+from guardrails_api.clients.postgres_client import postgres_is_enabled
+from guardrails_api.utils.handle_error import handle_error
+from guardrails_api.utils.get_llm_callable import get_llm_callable
+
+
+guards_bp = Blueprint("guards", __name__, url_prefix="/guards")
+
+
+# if no pg_host is set, use in memory guards
+if postgres_is_enabled():
+    guard_client = PGGuardClient()
+else:
+    guard_client = MemoryGuardClient()
+    # Will be defined at runtime
+    import config  # noqa
+
+    exports = config.__dir__()
+    for export_name in exports:
+        export = getattr(config, export_name)
+        is_guard = isinstance(export, Guard)
+        if is_guard:
+            guard_client.create_guard(export)
+            
+cache_client = CacheClient()
+
+
+@guards_bp.route("/", methods=["GET", "POST"])
+@handle_error
+def guards():
+    if request.method == "GET":
+        guards = guard_client.get_guards()
+        return [g.to_dict() for g in guards]
+    elif request.method == "POST":
+        if not postgres_is_enabled():
+            raise HttpError(
+                501,
+                "NotImplemented",
+                "POST /guards is not implemented for in-memory guards.",
+            )
+        payload = request.json
+        guard = GuardStruct.from_dict(payload)
+        new_guard = guard_client.create_guard(guard)
+        return new_guard.to_dict()
+    else:
+        raise HttpError(
+            405,
+            "Method Not Allowed",
+            "/guards only supports the GET and POST methods. You specified"
+            " {request_method}".format(request_method=request.method),
+        )
+
+
+@guards_bp.route("/<guard_name>", methods=["GET", "PUT", "DELETE"])
+@handle_error
+def guard(guard_name: str):
+    decoded_guard_name = unquote_plus(guard_name)
+    if request.method == "GET":
+        as_of_query = request.args.get("asOf")
+        guard = guard_client.get_guard(decoded_guard_name, as_of_query)
+        if guard is None:
+            raise HttpError(
+                404,
+                "NotFound",
+                "A Guard with the name {guard_name} does not exist!".format(
+                    guard_name=decoded_guard_name
+                ),
+            )
+        return guard.to_dict()
+    elif request.method == "PUT":
+        if not postgres_is_enabled():
+            raise HttpError(
+                501,
+                "NotImplemented",
+                "PUT /<guard_name> is not implemented for in-memory guards.",
+            )
+        payload = request.json
+        guard = GuardStruct.from_dict(payload)
+        updated_guard = guard_client.upsert_guard(decoded_guard_name, guard)
+        return updated_guard.to_dict()
+    elif request.method == "DELETE":
+        if not postgres_is_enabled():
+            raise HttpError(
+                501,
+                "NotImplemented",
+                "DELETE /<guard_name> is not implemented for in-memory guards.",
+            )
+        guard = guard_client.delete_guard(decoded_guard_name)
+        return guard.to_dict()
+    else:
+        raise HttpError(
+            405,
+            "Method Not Allowed",
+            "/guard/<guard_name> only supports the GET, PUT, and DELETE methods."
+            " You specified {request_method}".format(request_method=request.method),
+        )
+
+
+def collect_telemetry(
+    *,
+    guard: Guard,
+    validate_span: Span,
+    validation_output: ValidationOutcome,
+    prompt_params: Dict[str, Any],
+    result: ValidationOutcome,
+):
+    # Below is all telemetry collection and
+    # should have no impact on what is returned to the user
+    prompt = guard.history.last.inputs.prompt
+    if prompt:
+        prompt = Template(prompt).safe_substitute(**prompt_params)
+        validate_span.set_attribute("prompt", prompt)
+
+    instructions = guard.history.last.inputs.instructions
+    if instructions:
+        instructions = Template(instructions).safe_substitute(**prompt_params)
+        validate_span.set_attribute("instructions", instructions)
+
+    validate_span.set_attribute("validation_status", guard.history.last.status)
+    validate_span.set_attribute("raw_llm_ouput", result.raw_llm_output)
+
+    # Use the serialization from the class instead of re-writing it
+    valid_output: str = (
+        json.dumps(validation_output.validated_output)
+        if isinstance(validation_output.validated_output, dict)
+        else str(validation_output.validated_output)
+    )
+    validate_span.set_attribute("validated_output", valid_output)
+
+    validate_span.set_attribute("tokens_consumed", guard.history.last.tokens_consumed)
+
+    num_of_reasks = (
+        guard.history.last.iterations.length - 1
+        if guard.history.last.iterations.length > 0
+        else 0
+    )
+    validate_span.set_attribute("num_of_reasks", num_of_reasks)
+
+
+@guards_bp.route("/<guard_name>/validate", methods=["POST"])
+@handle_error
+def validate(guard_name: str):
+    # Do we actually need a child span here?
+    # We could probably use the existing span from the request unless we forsee
+    #   capturing the same attributes on non-GaaS Guard runs.
+    if request.method != "POST":
+        raise HttpError(
+            405,
+            "Method Not Allowed",
+            "/guards/<guard_name>/validate only supports the POST method. You specified"
+            " {request_method}".format(request_method=request.method),
+        )
+    payload = request.json
+    openai_api_key = request.headers.get(
+        "x-openai-api-key", os.environ.get("OPENAI_API_KEY")
+    )
+    decoded_guard_name = unquote_plus(guard_name)
+    guard_struct = guard_client.get_guard(decoded_guard_name)
+
+    llm_output = payload.pop("llmOutput", None)
+    num_reasks = payload.pop("numReasks", None)
+    prompt_params = payload.pop("promptParams", {})
+    llm_api = payload.pop("llmApi", None)
+    args = payload.pop("args", [])
+    stream = payload.pop("stream", False)
+
+    # service_name = os.environ.get("OTEL_SERVICE_NAME", "guardrails-api")
+    # otel_tracer = get_tracer(service_name)
+
+    payload["api_key"] = payload.get("api_key", openai_api_key)
+
+    # with otel_tracer.start_as_current_span(
+    #     f"validate-{decoded_guard_name}"
+    # ) as validate_span:
+    # guard: Guard = guard_struct.to_guard(openai_api_key, otel_tracer)
+    guard = guard_struct
+    if not isinstance(guard_struct, Guard):
+        guard: Guard = Guard.from_dict(guard_struct.to_dict())
+
+    # validate_span.set_attribute("guardName", decoded_guard_name)
+    if llm_api is not None:
+        llm_api = get_llm_callable(llm_api)
+        if openai_api_key is None:
+            raise HttpError(
+                status=400,
+                message="BadRequest",
+                cause=(
+                    "Cannot perform calls to OpenAI without an api key.  Pass"
+                    " openai_api_key when initializing the Guard or set the"
+                    " OPENAI_API_KEY environment variable."
+                ),
+            )
+    elif num_reasks and num_reasks > 1:
+        raise HttpError(
+            status=400,
+            message="BadRequest",
+            cause=(
+                "Cannot perform re-asks without an LLM API.  Specify llm_api when"
+                " calling guard(...)."
+            ),
+        )
+
+    if llm_output is not None:
+        if stream:
+            raise HttpError(
+                status=400,
+                message="BadRequest",
+                cause="Streaming is not supported for parse calls!",
+            )
+        result: ValidationOutcome = guard.parse(
+            llm_output=llm_output,
+            num_reasks=num_reasks,
+            prompt_params=prompt_params,
+            llm_api=llm_api,
+            # api_key=openai_api_key,
+            **payload,
+        )
+    else:
+        if stream:
+
+            def guard_streamer():
+                guard_stream = guard(
+                    # llm_api=llm_api,
+                    prompt_params=prompt_params,
+                    num_reasks=num_reasks,
+                    stream=stream,
+                    # api_key=openai_api_key,
+                    *args,
+                    **payload,
+                )
+
+                for result in guard_stream:
+                    # TODO: Just make this a ValidationOutcome with history
+                    validation_output: ValidationOutcome = ValidationOutcome(
+                        result.validation_passed,
+                        result.validated_output,
+                        guard.history,
+                        result.raw_llm_output,
+                    )
+
+                    yield validation_output, cast(ValidationOutcome, result)
+
+            def validate_streamer(guard_iter):
+                next_result = None
+                # next_validation_output = None
+                for validation_output, result in guard_iter:
+                    next_result = result
+                    # next_validation_output = validation_output
+                    fragment = json.dumps(validation_output.to_response())
+                    yield f"{fragment}\n"
+
+                final_validation_output: ValidationOutcome = ValidationOutcome(
+                    validation_passed=next_result.validation_passed,
+                    validated_output=next_result.validated_output,
+                    history=guard.history,
+                    raw_llm_output=next_result.raw_llm_output,
+                )
+                # I don't know if these are actually making it to OpenSearch
+                # because the span may be ended already
+                # collect_telemetry(
+                #     guard=guard,
+                #     validate_span=validate_span,
+                #     validation_output=next_validation_output,
+                #     prompt_params=prompt_params,
+                #     result=next_result
+                # )
+                final_output_json = final_validation_output.to_json()
+                yield f"{final_output_json}\n"
+
+            return Response(
+                stream_with_context(validate_streamer(guard_streamer())),
+                content_type="application/json",
+                # content_type="text/event-stream"
+            )
+
+        result: ValidationOutcome = guard(
+            llm_api=llm_api,
+            prompt_params=prompt_params,
+            num_reasks=num_reasks,
+            # api_key=openai_api_key,
+            *args,
+            **payload,
+        )
+
+    # TODO: Just make this a ValidationOutcome with history
+    # validation_output = ValidationOutcome(
+    #     validation_passed = result.validation_passed,
+    #     validated_output=result.validated_output,
+    #     history=guard.history,
+    #     raw_llm_output=result.raw_llm_output,
+    # )
+
+    # collect_telemetry(
+    #     guard=guard,
+    #     validate_span=validate_span,
+    #     validation_output=validation_output,
+    #     prompt_params=prompt_params,
+    #     result=result
+    # )
+    serialized_history = [
+        call.to_dict() for call in guard.history
+    ]
+    cache_key = f"{guard.name}-{result.call_id}"
+    cache_client.set(cache_key, serialized_history, 300)
+    return result.to_dict()
+
+@guards_bp.route("/<guard_name>/history/<call_id>", methods=["GET"])
+@handle_error
+def guard_history(guard_name: str, call_id: str):
+    if request.method == "GET":
+        cache_key = f"{guard_name}-{call_id}"
+        return cache_client.get(cache_key)