Skip to main content
GET
/
api
/
runtime-security
/
config
Read current workspace settings
curl --request GET \
  --url https://api.antidote.example.com/api/runtime-security/config \
  --header 'X-API-Key: <api-key>'
{
  "enabled": true,
  "injection_model": "<string>",
  "block_threshold": 0.85,
  "redact_threshold": 0.55,
  "max_text_length": 32000,
  "log_events": true,
  "pre_prompt": "<string>",
  "pre_prompt_placement": "prepend",
  "agentic": {
    "tool_allowlist": [
      "<string>"
    ],
    "tool_denylist": [
      "<string>"
    ],
    "max_arg_bytes": 32000,
    "allow_private_network": false
  }
}

Authorizations

X-API-Key
string
header
required

Antidote workspace API key (ak_live_…). Use this header for the scan API and the OpenAI proxy routes. The required permission scope is runtime_security.scan for scan endpoints, runtime_security.view for read-only analytics, and runtime_security.manage for configuration changes.

Response

200 - application/json

Current settings

enabled
boolean
default:true
injection_model
string

Hugging Face model id for the injection classifier.

block_threshold
number
default:0.85
Required range: 0 <= x <= 1
redact_threshold
number
default:0.55
Required range: 0 <= x <= 1
max_text_length
integer
default:32000
Required range: 256 <= x <= 200000
log_events
boolean
default:true
pre_prompt
string | null
Maximum string length: 20000
pre_prompt_placement
enum<string>
default:prepend
Available options:
prepend,
append,
sandwich
agentic
object