> ## Documentation Index
> Fetch the complete documentation index at: https://docs.arouter.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Guardrails

> Enforce organizational policies on every API request. Guardrails control which models can be used, set spending limits, and configure data retention — all from a central place.

ARouter Guardrails let organization admins enforce policies that apply to all API keys and all requests within their organization. Guardrails operate at the gateway layer — before any request reaches an upstream provider.

## What Guardrails Enforce

| Control                 | Description                                    |
| ----------------------- | ---------------------------------------------- |
| **Model allow-list**    | Restrict which models members can use          |
| **Provider allow-list** | Restrict which providers requests can route to |
| **Spending limits**     | Per-key and per-organization budget caps       |
| **Rate limits**         | Request rate limits per key or member          |
| **Data policies**       | ZDR enforcement, data collection restrictions  |

***

## Spending Limits

Set a hard credit limit on any API key. Requests that would exceed the limit are rejected with a `402` error.

### Via Dashboard

Go to [API Keys](https://arouter.ai/keys) → Edit Key → set **Credit Limit**.

### Via API

```bash theme={null}
curl -X PATCH https://api.arouter.ai/api/v1/keys/{key_hash} \
  -H "Authorization: Bearer lr_admin_xxxx" \
  -H "Content-Type: application/json" \
  -d '{"limit_usd": 50.00}'
```

| Field       | Type     | Description                                          |
| ----------- | -------- | ---------------------------------------------------- |
| `limit_usd` | `number` | Maximum cumulative spend in USD. `null` = unlimited. |

When the limit is reached:

```json theme={null}
{
  "error": {
    "code": 402,
    "message": "Credit limit exceeded for this API key.",
    "metadata": {
      "limit_usd": 50.00,
      "used_usd": 50.01
    }
  }
}
```

***

## Rate Limits

Restrict requests per minute or per day per API key.

### Via API

```bash theme={null}
curl -X PATCH https://api.arouter.ai/api/v1/keys/{key_hash} \
  -H "Authorization: Bearer lr_admin_xxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "rate_limit": {
      "requests_per_minute": 60,
      "requests_per_day": 1000
    }
  }'
```

| Field                 | Type      | Description                                  |
| --------------------- | --------- | -------------------------------------------- |
| `requests_per_minute` | `integer` | Max requests per minute. `null` = unlimited. |
| `requests_per_day`    | `integer` | Max requests per day. `null` = unlimited.    |

When the rate limit is exceeded, the API returns `429 Too Many Requests`.

***

## Model Allow-Lists

Restrict an API key to a specific set of models. Requests to other models are rejected.

### Via Dashboard

Go to [API Keys](https://arouter.ai/keys) → Edit Key → **Allowed Models**.

### Via API

```bash theme={null}
curl -X PATCH https://api.arouter.ai/api/v1/keys/{key_hash} \
  -H "Authorization: Bearer lr_admin_xxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "allowed_models": [
      "openai/gpt-5.4",
      "anthropic/claude-sonnet-4.6",
      "google/gemini-2.5-flash"
    ]
  }'
```

A request to a model not in `allowed_models` returns:

```json theme={null}
{
  "error": {
    "code": 403,
    "message": "Model 'openai/o3' is not permitted for this API key."
  }
}
```

***

## Provider Allow-Lists

Restrict which providers requests can route to. Combine with model allow-lists for fine-grained control.

```bash theme={null}
curl -X PATCH https://api.arouter.ai/api/v1/keys/{key_hash} \
  -H "Authorization: Bearer lr_admin_xxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "allowed_providers": ["OpenAI", "Anthropic"]
  }'
```

***

## Data Policy Enforcement

Enforce Zero Data Retention (ZDR) for all requests made with a key:

```bash theme={null}
curl -X PATCH https://api.arouter.ai/api/v1/keys/{key_hash} \
  -H "Authorization: Bearer lr_admin_xxxx" \
  -H "Content-Type: application/json" \
  -d '{"enforce_zdr": true}'
```

With `enforce_zdr: true`, ARouter only routes to providers that have signed Zero Data Retention agreements. See [ZDR](/en/guides/features/zdr) for details.

***

## Guardrail Hierarchy

Policies are applied in this order (most restrictive wins):

```
Organization defaults
  └── API Key overrides
        └── Per-request provider object
```

Example: if your organization default allows only OpenAI and Anthropic, a key-level override cannot add Google. But a key can be *more* restrictive (e.g., OpenAI-only within that org policy).

***

## Viewing Policy Violations

All guardrail rejections are logged in the [Activity](https://arouter.ai/activity) page with:

* Timestamp
* API key used
* Rejection reason (`rate_limit_exceeded`, `model_not_allowed`, `credit_limit_exceeded`, `provider_not_allowed`)
* Request metadata (model, tokens if applicable)

***

## Enterprise Controls

For enterprise organizations, additional controls are available:

* **Organization-wide model allow-lists** — Apply to all keys in the org automatically
* **Member-level budget allocation** — Assign individual spending budgets to team members
* **Audit logs** — Full request audit trail for compliance

Contact [support@arouter.ai](mailto:support@arouter.ai) for enterprise Guardrails configuration.

***

## Related

* [Key Management](/en/guides/key-management) — Create and manage API keys
* [ZDR](/en/guides/features/zdr) — Zero Data Retention enforcement
* [Organization Management](/en/guides/administration/organization-management) — Manage team members and shared resources
* [Usage Accounting](/en/guides/administration/usage-accounting) — Track spending per key and member
