Protect prompts before GPT
Replace direct calls to OpenAI with calls to the Privian gateway so prompts are masked before they leave your trust boundary.
Before
ts
// Direct: prompt with PII leaves your trust boundary unmasked.
await fetch("https://api.openai.com/v1/chat/completions", {
method: "POST",
headers: {
Authorization: `Bearer ${process.env.OPENAI_API_KEY!}`,
"Content-Type": "application/json",
},
body: JSON.stringify({
model: "gpt-4o-mini",
messages: [{ role: "user", content: "Email john@acme.com about Friday." }],
}),
});After
ts
// Via Privian: the masked prompt is forwarded; the response is rehydrated.
await fetch("https://api.privian.io/v1/gateway", {
method: "POST",
headers: {
Authorization: `Bearer ${process.env.PRIVIAN_API_KEY!}`,
"Content-Type": "application/json",
},
body: JSON.stringify({
prompt: "Email john@acme.com about Friday.",
model: "openai/gpt-5.5",
}),
});Steps
- Create a Privian gateway key in the dashboard.
- Add your OpenAI key once as a BYOK provider credential. See BYOK.
- Replace the OpenAI endpoint with
https://api.privian.io/v1/gateway. - Replace the OpenAI
modelwith a provider-namespaced ID likeopenai/gpt-5.5. - Read the rehydrated answer from
response.
What you gain
- OpenAI sees masked prompts only.
- Your application never holds the OpenAI key.
- Diagnostic counts (
entitiesDetected, latency split) without storing the prompt.
Limitations
- The beta exposes a gateway-native JSON shape (
prompt+model), not a drop-in OpenAI SDK replacement. - Tool calling, function calling, and structured outputs are not yet exposed via the gateway.