Lakera

Lakera Platform API

The Lakera Platform API lets Enterprise SaaS customers programmatically manage Lakera Guard policies and projects. Policies select detectors and per-detector sensitivity (L1–L5); projects bind a protected application to a policy and an API key scope. Self-hosted deployments expose additional /policies/lint and /policies/health endpoints plus Kubernetes startupz/readyz/livez probes for in-cluster operation.

Lakera Platform API is one of 2 APIs that Lakera publishes on the APIs.io network, described by a machine-readable OpenAPI specification.

This API exposes 1 machine-runnable capability that can be deployed as REST, MCP, or Agent Skill surfaces via Naftiko.

Tagged areas include AI Security, Administration, Policies, Projects, and Enterprise. The published artifact set on APIs.io includes API documentation, an OpenAPI specification, and 1 Naftiko capability spec.

GitHub OpenAPI

Documentation

📖
Documentation
https://platform.lakera.ai/docs/api

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/lakera-ai/refs/heads/main/openapi/lakera-platform-api-openapi.yml

Other Resources

🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/lakera-ai/refs/heads/main/capabilities/platform-policies.yaml

OpenAPI Specification

lakera-platform-api-openapi.yml Raw ↑ 
openapi: 3.1.0
info:
  title: Lakera Platform API
  description: |
    The Lakera Platform API allows Enterprise SaaS customers to create and
    manage Lakera Guard policies and projects programmatically. Policies define
    which detectors apply and at what sensitivity; projects bind an application
    to a policy and an API key scope.
  version: "2.0.0"
  contact:
    name: Lakera
    url: https://www.lakera.ai
    email: [email protected]
servers:
  - url: https://api.lakera.ai/v2
    description: Lakera Platform (Global)
security:
  - BearerAuth: []
tags:
  - name: Policies
    description: Create and manage Lakera Guard policies.
  - name: Projects
    description: Create and manage projects bound to policies.
paths:
  /policies:
    get:
      summary: List Policies
      description: List policies available to the authenticated organization.
      operationId: listPolicies
      tags:
        - Policies
      responses:
        '200':
          description: List of policies
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Policy'
    post:
      summary: Create Policy
      description: Create a new Lakera Guard policy that selects detectors and sensitivity.
      operationId: createPolicy
      tags:
        - Policies
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PolicyInput'
      responses:
        '201':
          description: Created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Policy'
  /policies/{policy_id}:
    parameters:
      - in: path
        name: policy_id
        required: true
        schema:
          type: string
    get:
      summary: Get Policy
      operationId: getPolicy
      tags:
        - Policies
      responses:
        '200':
          description: Policy
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Policy'
    put:
      summary: Update Policy
      operationId: updatePolicy
      tags:
        - Policies
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PolicyInput'
      responses:
        '200':
          description: Updated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Policy'
    delete:
      summary: Delete Policy
      operationId: deletePolicy
      tags:
        - Policies
      responses:
        '204':
          description: Deleted
  /projects:
    get:
      summary: List Projects
      operationId: listProjects
      tags:
        - Projects
      responses:
        '200':
          description: List of projects
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Project'
    post:
      summary: Create Project
      operationId: createProject
      tags:
        - Projects
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ProjectInput'
      responses:
        '201':
          description: Created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Project'
  /projects/{project_id}:
    parameters:
      - in: path
        name: project_id
        required: true
        schema:
          type: string
    get:
      summary: Get Project
      operationId: getProject
      tags:
        - Projects
      responses:
        '200':
          description: Project
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Project'
    put:
      summary: Update Project
      operationId: updateProject
      tags:
        - Projects
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ProjectInput'
      responses:
        '200':
          description: Updated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Project'
    delete:
      summary: Delete Project
      operationId: deleteProject
      tags:
        - Projects
      responses:
        '204':
          description: Deleted
components:
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: API Key
  schemas:
    Policy:
      type: object
      properties:
        id:
          type: string
        name:
          type: string
        description:
          type: string
        detectors:
          type: array
          items:
            type: object
            properties:
              type:
                type: string
                description: Detector identifier (e.g. `prompt_attack`, `pii`, `content_moderation`, `unknown_links`).
              sensitivity:
                type: string
                enum:
                  - L1
                  - L2
                  - L3
                  - L4
                  - L5
                description: Sensitivity threshold (L1 strictest, L5 most permissive).
              action:
                type: string
                enum:
                  - flag
                  - mask
                  - allow
        created_at:
          type: string
          format: date-time
        modified_at:
          type: string
          format: date-time
    PolicyInput:
      type: object
      required:
        - name
        - detectors
      properties:
        name:
          type: string
        description:
          type: string
        detectors:
          type: array
          items:
            type: object
            properties:
              type:
                type: string
              sensitivity:
                type: string
              action:
                type: string
    Project:
      type: object
      properties:
        id:
          type: string
        name:
          type: string
        policy_id:
          type: string
        created_at:
          type: string
          format: date-time
    ProjectInput:
      type: object
      required:
        - name
        - policy_id
      properties:
        name:
          type: string
        policy_id:
          type: string