🛡 The AI Firewall — Drop-in Proxy

One line of code.
Every AI request protected.

Change your base_url and every AI call flows through the firewall. No SDK, no rewrite, no downtime.

your_app.py
import os
import openai

client = openai.OpenAI(
    # base_url="https://api.openai.com/v1",   # before
    base_url="https://api.onlyallow.ai/v1",   # ← only change
    api_key=os.environ["OPENAI_KEY"],
)
That's it. Your AI calls now flow through the OnlyAllowAI firewall.
The Problem
Your AI has the same keys as your engineers
Every other API gateway checks identity. None of them check if the AI actually understands what it's about to do.

🚫 Without the Proxy

# Your app talks directly to OpenAI
client = openai.OpenAI(
    base_url="https://api.openai.com/v1"
)
# AI has full access immediately
# No competence check
# One hallucination = DROP TABLE
# Logs show nothing useful

✅ With the Proxy

# Same code — just a different URL
client = openai.OpenAI(
    base_url="https://api.onlyallow.ai/v1"
)
# AI must solve a riddle first
# 100% score or no access
# Glass Box shows every verdict
# Self-hardening riddles evolve
How the Proxy works — step by step
Your app sends a normal OpenAI request. The proxy intercepts it, tests the AI, and only forwards it if it passes.
①  Your App sends a normal API call
💻 Your App: POST /v1/chat/completions (standard OpenAI format)
🌐 OnlyAllowAI Proxy: api.onlyallow.ai/v1, receives every request

②  The Firewall checks the AI
Speed Pass: Already proved itself? Skip to ④ (< 400ms)
🧩 Riddle Gate: AI solves a knowledge test built from your real data
Score: 100% correct = pass. Anything less = blocked

③  Proxy forwards to real provider
🔑 Cert Issued: Temporary key (5 min), cached for Speed Pass
🚀 Forward Request: Sent to OpenAI / Claude / Groq / Bedrock / any LLM
📡 Response Returns: Your app gets the normal response — nothing changes

④  Everything logged to Glass Box
🔍 Glass Box Dashboard
Live feed: which AI, what riddle, what score, what happened — in real time

Under the Hood
What happens inside the proxy on every request
From the moment your request arrives until the response comes back.
🔒 1. Decrypt

Request is decrypted with AES-256-GCM. Data was encrypted in your browser/app before it left — even if intercepted in transit, no one can read it.

Pillar 0 — Platform

2. Check Capability Certificate

Does this AI already have a cached cert for this domain? If yes — skip straight to forwarding. Repeat access takes under 400ms.

Speed Pass
🧩 3. Generate Riddle

No cert? The proxy builds a riddle from your actual system data — database table names, service endpoints, project config — whatever the AI should know to work in this domain.

Pillar 2 — Riddle Matrix
📝 4. AI Solves the Riddle

The AI receives messy, real-world data (raw server logs, config files) and must extract the correct answers. An AI that knows the system will solve it instantly. An outsider can't even begin.

5. Grade & Decide

Every field checked — exact match, contains, or regex. 100% correct = pass. Anything less = denied. No partial credit, no negotiation. A temporary key (5 min TTL) and Capability Certificate are issued.

Pillar 1 — Gate Layer
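
One way to implement the all-or-nothing grading in step 5 and the cached-certificate check in step 2, as an added example that is not OnlyAllowAI's code. The rule names, riddle layout, `MAX_ANSWER_LEN` and the `CertCache` class are assumptions made for illustration; the sample riddle is constructed from the page's example answers.

```python
import hmac
import re
import time

CERT_TTL_SECONDS = 5 * 60  # the page's "Temporary key (5 min)"
MAX_ANSWER_LEN = 256       # assumption: cap length so "contains" cannot be stuffed

def check_field(rule, expected, answer):
    """Grade one field with one of the three rule kinds the page names."""
    if not isinstance(answer, str) or len(answer) > MAX_ANSWER_LEN:
        return False
    answer = answer.strip()
    if rule == "exact":  # constant-time comparison of answer and expected value
        return hmac.compare_digest(answer.encode(), expected.encode())
    if rule == "contains":
        return expected in answer
    if rule == "regex":  # fullmatch: the whole answer must fit, not a substring
        return re.fullmatch(expected, answer) is not None
    raise ValueError(f"unknown rule kind: {rule!r}")

def grade(riddle, answers):
    """Return (score_percent, passed); passing needs every field correct."""
    if not riddle:  # an empty riddle must deny, not pass vacuously
        return 0, False
    results = [check_field(rule, expected, answers.get(name))
               for name, (rule, expected) in riddle.items()]
    return round(100 * sum(results) / len(results)), all(results)

class CertCache:
    """Capability certificates keyed by (agent, domain), valid for the TTL."""
    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._expiry = {}
    def issue(self, agent, domain):
        self._expiry[(agent, domain)] = self._clock() + CERT_TTL_SECONDS
    def has_valid(self, agent, domain):
        expires = self._expiry.get((agent, domain))
        if expires is None or self._clock() >= expires:
            self._expiry.pop((agent, domain), None)  # drop expired entry
            return False
        return True

# Constructed sample riddle; values echo the page's example answers.
RIDDLE = {
    "deploy_target": ("exact", "staging-us-east-1"),
    "vpc_id": ("regex", r"vpc-[0-9a-f]{10}"),
    "products_table": ("contains", "products_v3"),
}
```

Of the three rule kinds, `contains` is the most permissive, which is why the sketch caps answer length before matching.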
🚀 6. Forward to Provider

The proxy sends the original request to the real LLM provider (OpenAI, Claude, Groq, Bedrock, or any custom endpoint). Your app receives the normal response — zero changes to your code.

🔍 7. Log to Glass Box

Every action — riddle generated, answer submitted, score computed, cert issued or denied — is streamed live to the Glass Box Dashboard via SSE.

Observable
Use Cases
How businesses deploy the proxy
Same one-line change. Different industries, different riddles, same protection.
SaaS / DevOps

🖥 AI deploys to production

An AI agent runs CI/CD pipelines. The riddle tests: "What's the main branch name? What's the staging URL? Which service owns the /api/users endpoint?"

Riddle: "Extract the deploy target from these CI logs…"
AI answer: staging-us-east-1
Expected: staging-us-east-1
Finance / Banking

💰 AI accesses transaction data

An AI runs financial reports. The riddle tests: "Who is the CFO? What's the payroll DB table? What's the quarterly tax deadline?"

Riddle: "Parse this financial config and extract the CFO name…"
AI answer: Sarah Chen
Expected: Sarah Chen
Healthcare

🏥 AI reads patient records

HIPAA compliance requires proof of authorization. The riddle tests domain knowledge: "What EHR system is active? What's the patient ID format? What department owns this data?"

Riddle: "From these system headers, extract the EHR platform…"
AI answer: Epic-FHIR-R4
Expected: Epic-FHIR-R4
Cloud Infrastructure

☁️ AI manages AWS/GCP resources

An AI modifies cloud infrastructure. The riddle tests: "What VPC is production? What's the CIDR block? Which IAM role has deploy access?"

Riddle: "Extract the VPC ID from this AWS config dump…"
AI answer: vpc-0a1b2c3d4e
Expected: vpc-0a1b2c3d4e
E-Commerce

🛒 AI updates product catalog

An AI writes to the product database. The riddle tests: "What's the price table name? What currency format? What's the max discount policy?"

Riddle: "Parse the DB schema and find the products table…"
AI answer: catalog.products_v3
Expected: catalog.products_v3
Legal / Compliance

⚖️ AI reviews contracts

An AI accesses confidential legal documents. The riddle tests: "What jurisdiction? What case management system? What document classification level?"

Riddle: "From the case metadata, identify the management system…"
AI answer: Clio-Enterprise
Expected: Clio-Enterprise
Glass Box
Watch every AI decision — live
Not just logs. A real-time feed showing exactly what AI tried to access, what riddle it received, how it scored, and what happened next.
Live Feed — Glass Box Dashboard
agent-gpt4o-deploy
cloud_infrastructure → backend-prod
100% — PASSED
agent-claude-finance
finance_ops → payroll
60% — DENIED
agent-gpt4o-cicd
ci_cd → github-actions
SPEED PASS ⚡ 180ms
agent-groq-db
database_ops → postgres-main
100% — PASSED
agent-unknown-42
cloud_infrastructure → vpc-prod
0% — BLOCKED
agent-gpt4o-deploy
cloud_infrastructure → backend-staging
SPEED PASS ⚡ 210ms
Two Modules
Choose how the riddle gets built
The proxy works the same either way. The difference is where the riddle knowledge comes from.

👤 Module 1 — Human-Led

# A person onboards the AI
# with system knowledge
Human tells the firewall:
→ DB table = "users_v3"
→ CFO name = "Sarah Chen"
→ Deploy target = "staging-east"
# These become the riddle clues
# Only an AI with this knowledge
# can solve the riddle

🧠 Module 2 — AI Brain

# An AI Brain auto-scans
# your systems automatically
AI Brain discovers:
→ DB table = "users_v3"
→ CFO name = "Sarah Chen"
→ Deploy target = "staging-east"
# Same riddle, same security
# No human intervention needed
# Brain keeps riddles fresh
Security
Everything built into the proxy
Drop-in simplicity with enterprise security under the hood.
🔌 OpenAI-Compatible

Works with any app that talks to OpenAI, Claude, Groq, or Bedrock. Change one URL — that's it.

🔒 AES-256-GCM

End-to-end encryption. Data is encrypted in your browser before it leaves — even OnlyAllowAI can't read it in transit.

🧬 Self-Hardening

When pass rates climb above 90%, riddles automatically evolve to stay ahead. Security improves without human intervention.

Speed Pass

Trusted AI skips the riddle with a cached Capability Certificate. Repeat access in under 400ms.

🔐 Safe Room + Auto-Wipe

Extra Security Layer: locked sandbox with no internet, auto-destroyed when done. Applied to either module.

📊 12 Defense Layers

From transport encryption to evolutionary riddle hardening — 12 layers between an AI and your infrastructure.

One line. Full protection.

See the complete walkthrough in our interactive demo, or log in to your dashboard.
