CloakPipe speaks the OpenAI API dialect, so the simplest integration is changing one base URL. For the frameworks, gateways, and agent runtimes you already run, there's native middleware — no rewrites, no lock-in, and the same Rust pipeline underneath every connector.
The proxy is OpenAI-compatible and provider-agnostic. Point your app at a CloakPipe endpoint and route to closed models, managed clouds, or self-hosted weights. Different masking policies per provider — strict for closed models, lighter or bypassed for models inside your own perimeter.
Swap api.openai.com for your CloakPipe base URL. GPT-class models, function calling, and streaming SSE all keep working unchanged.
Pseudonymize prompts before they reach Claude, then rehydrate the streamed response in real time. Privileged content never leaves your control.
Mask financial and customer data on the way to Gemini, restore real values on return. Per-entity policy decides what Google ever sees.
Route to Bedrock-hosted models with the same detection pipeline in front. Vault and audit run inside your AWS account.
Azure deployments behave like any other OpenAI-compatible target. One config switch, full pseudonymization and rehydration.
Forward clean prompts to Mistral endpoints. Structurally valid replacements keep the model reasoning correctly about entities.
Cohere chat and command models route through the proxy with the same sub-50 ms overhead and full audit trail.
If it speaks the OpenAI API dialect, CloakPipe routes to it. No SDK fork required — just the base URL.
Run models inside your perimeter via vLLM, Ollama, or Text Generation Inference. Policy can bypass masking when the model is already yours.
For the orchestration frameworks you already build on, CloakPipe ships as a wrapper that slots into the existing data path. One line in your chain or agent — masking, vault, and policy come along for free.
CloakPipeRunnable middleware. Drop-in for any chain or agent. Streaming-safe.
AutoGen and other multi-agent runtimes are covered by the same model: the orchestrator defines the security posture, each agent gets its own masking context, access level, and audit scope, and individual agents cannot override it. The framework changes; the trust layer underneath does not.
For platforms that route requests across many model providers, CloakPipe embeds as middleware in the existing proxy chain. A single integration protects all downstream calls for every user of the gateway.
Close the content-privacy gap on routed closed models. CloakPipe sits in the proxy chain, masking before the provider ever sees a prompt.
Add pseudonymization to multi-provider routing. One embed protects every model OpenRouter forwards to.
Run as a middleware plugin in the LiteLLM proxy chain so one config protects all downstream models at once.
Enterprise API gateway adding AI features. PII protection is the natural next layer in the request lifecycle.
Slot CloakPipe into Gravitee's AI gateway policy chain for masking and audit across every routed model call.
Add a privacy layer to edge-routed model traffic, with vault and audit hosted inside your own perimeter.
Embed masking middleware into Portkey's gateway so prompts are pseudonymized before reaching any configured provider.
Wrap TrueFoundry's model gateway with CloakPipe to keep sensitive data inside your infrastructure across every deployment.
The native Model Context Protocol server exposes CloakPipe's core operations as agent tools. Any MCP client can mask, unmask, scan, and apply policy without leaving the protocol — and every call lands in the audit trail.
mask_text, mask_file, and unmask_in_context let an agent pseudonymize content and reverse it under policy — vault-backed, authorized per request.
scan_directory detects sensitive data across files and data sources, returning entity types and confidence without ever exposing raw values.
Agents evaluate masking and unmask decisions against the same OPA / Cedar policy engine the proxy uses. The orchestrator's posture is enforced, not advisory.
Drop the server into Claude Desktop, Cursor, or any MCP-compatible runtime. Tool responses are intercepted, scanned, and policy-checked before the agent processes them.
The vault encrypts every real value with AES-256, and the root keys stay yours. Bring-your-own-key through your existing KMS — CloakPipe never holds the keys to your customers' data. Envelope encryption with automatic rotation.
Customer-managed keys in AWS KMS via envelope encryption. Keys rotate on your schedule; existing tokens stay decryptable.
Root keys in Google Cloud KMS. Per-tenant vault namespaces mean no cross-tenant access is possible at the cryptographic level.
Manage encryption keys in Azure Key Vault. Automatic rotation runs without disrupting active tokens.
Use Vault Transit as the key-management backend for BYOK envelope encryption across self-hosted and air-gapped deployments.
Single sign-on and provisioning plug into your existing identity provider. IdP roles map directly to CloakPipe policies, so who can unmask what is decided by the same directory that runs the rest of your stack.
Enterprise SSO via SAML 2.0. Authenticate operators against your IdP before any unmask or dashboard access.
OpenID Connect single sign-on for modern identity providers, with session and role claims flowing into policy decisions.
Automatic user provisioning and de-provisioning through SCIM. Lifecycle stays in sync with your directory.
Map directory groups and roles straight onto CloakPipe RBAC and CBAC rules — physicians unmask diagnoses, sales never can.
Every API call emits structured traces, metrics, and logs from day one. Export to any OTEL-compatible collector with pre-built dashboards for detection rates, entity distribution, latency percentiles, and unmask patterns.
Traces, metrics, and logs in OTEL format. The foundation every other observability integration builds on — no vendor lock-in.
Stream CloakPipe telemetry into Datadog dashboards and monitors for latency, detection, and policy-decision metrics.
Visualize entity-type distribution and proxy overhead in Grafana with the bundled OTEL-backed dashboards.
Forward structured events to Splunk for operational monitoring alongside the rest of your platform telemetry.
High-cardinality tracing in Honeycomb to debug per-request detection and rehydration behavior.
Scrape CloakPipe metrics with Prometheus for alerting on latency percentiles and detection-rate anomalies.
Audit logs are privacy-safe by design — they record what types of data were processed and what actions were taken, never the values. Wire them into the evidence and SIEM tools you already run for SOC 2 and security operations.
Automated SOC 2 evidence collection. CloakPipe's access-control and audit-logging controls feed Vanta continuously.
Continuous compliance monitoring with Drata, pulling encryption and change-management evidence from the audit layer.
Connect Comp AI for SOC 2 evidence automation across CloakPipe's logging, encryption, and access controls.
Webhook integration streams privacy-relevant events into Splunk, Microsoft Sentinel, or Elastic for security monitoring and alerting.
Need a connector that isn't listed? The proxy is OpenAI-compatible and the audit layer is OTEL-native, so most integrations are a base-URL switch or a webhook away. Talk to us about embedding CloakPipe into your gateway or platform.