Product

Privacy-first LLM gateway for secure AI prompts

Provider-agnostic. BYOK by default. Sensitive data masked before any provider call.

One endpoint in front of OpenAI, Anthropic and other providers — with PII masking and rehydration applied at the edge so the model never sees personal or secret values.

Definition

What is an LLM gateway?

A privacy-first gateway changes both where requests are routed and what content crosses the provider boundary.

Privian runs masking and rehydration before any provider call. See the glossary entry for a longer definition, or the AI Security Layer category page for how it fits into the broader stack.

LLM gateway request flowApplication request passes through gateway policy checks and provider routing before the response returns.Applicationone endpointGatewayauthenticatePolicy checksdetect and maskProvider routingcustomer BYOKResponserehydratedApplication request passes through gateway policy checks and provider routing before the response returns.
LLM gateway request flow

Why it matters

Why privacy-first routing matters

A pure routing gateway changes nothing about what the provider sees. Customer emails, internal documents, support transcripts and developer scratch prompts all reach the model verbatim. A privacy-first gateway shrinks that exposure surface at the edge.

  • Customer identifiers in product AI features
  • Employee data in internal copilots
  • Ticket content in customer support workflows
  • Secrets and API keys in developer experimentation

How it works

Inside a gateway request

  1. Step 1

    Client → Privian

    Your app POSTs prompt + model to a single Privian endpoint with a gateway API key.

  2. Step 2

    Detection

    Inbound prompt is scanned for personal and sensitive entities.

  3. Step 3

    Masking

    Detected values are replaced with deterministic placeholders (PERSON_1, EMAIL_2, ...) for the request.

  4. Step 4

    Provider call

    Masked prompt is forwarded to the configured provider using your decrypted BYOK credentials.

  5. Step 5

    Rehydration

    The provider response is scanned and placeholders are restored from the in-memory mapping.

  6. Step 6

    Response

    Your app receives a normal, rehydrated response. The mapping is discarded.

Framework

Gateway request sequence

  1. 01

    Authenticate

    Validate the gateway key and request shape.

  2. 02

    Protect

    Detect and mask supported sensitive values.

  3. 03

    Route

    Select the provider from the namespaced model id.

  4. 04

    Restore

    Rehydrate the provider response in memory.

Technical

Technical implementation

Provider-namespaced models

Models are addressed as provider/id, e.g. openai/gpt-4o-mini or anthropic/claude-sonnet-4-5. The full list lives in the models catalog.

BYOK credentials

Provider keys are stored AES-GCM encrypted at rest. They are decrypted in-process only while routing a request.

OpenAI-compatible

Drop-in OpenAI Chat Completions endpoint. Use the OpenAI SDK by setting baseURL to https://api.privian.io/v1.

Zero retention

Raw prompts and responses are never persisted. Only structural counters are kept for observability.

Example

Example request

Privian is OpenAI Chat Completions-compatible — point the OpenAI SDK (or any HTTP client) at https://api.privian.io/v1/chat/completions.

curl -sS -X POST "https://api.privian.io/v1/chat/completions" \
  -H "Authorization: Bearer $PRIVIAN_GATEWAY_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "openai/gpt-4o-mini",
    "messages": [
      { "role": "user", "content": "Email me at michael@example.com about ticket #4821." }
    ]
  }'

Provider-namespaced model ids from the Privian catalog. The legacy /v1/gateway endpoint with the { prompt, model } shape also remains supported. See the API reference for the full request and response shape.

Application to gateway

Application sends: "Email michael@example.com about ticket #4821."

Gateway to provider

Provider receives: "Email EMAIL_1 about ticket #4821."

Capabilities

Supported capabilities

  • Multi-provider routing

    OpenAI, Anthropic and other providers behind one endpoint.

  • PII masking

    Personal and secret entities replaced before the provider call.

  • Rehydration

    Placeholders restored in the response so your app sees real values.

  • BYOK

    Your provider credentials, encrypted at rest, used at request time.

  • Gateway API keys

    Scoped Privian keys (sk-gw_live_… / sk-gw_test_…) for your apps.

  • Structural observability

    Counters and metadata without storing raw prompts.

Transparency

Current limitations

  • No streaming yet (stream: true is rejected)
  • No tool / function calling
  • No JSON mode / structured outputs
  • No multimodal content (text only)
  • No Responses API
  • No HIPAA / SOC 2 / PCI claims at this time

FAQ

Frequently asked questions

What is an LLM gateway?
An LLM gateway is a routing layer that accepts AI requests from your application and forwards them to one or more model providers. It is where authentication, model selection and observability live. Privian adds PII masking, prompt privacy and rehydration on top of that routing layer.
How is Privian different from a generic AI gateway?
A generic AI gateway just routes traffic — whatever you POST, the provider sees. Privian is privacy-first: sensitive values are detected and replaced with deterministic placeholders before the provider call, then restored in the response.
Does Privian support the OpenAI SDK as a drop-in?
Yes — for non-streaming Chat Completions. Point the OpenAI Python or Node SDK at https://api.privian.io/v1 as the base URL and call /chat/completions with model + messages[]. Streaming, tool/function calling, JSON mode, multimodal content, and the Responses API are not yet supported.
Does the LLM provider see personal data?
No. Detected entities are masked at the edge with stable placeholders. Only the masked prompt reaches the provider.
How does BYOK work?
You add your provider credentials (OpenAI, Anthropic, etc.) in the dashboard. They are encrypted at rest using AES-GCM and decrypted in-process at request time. Token usage continues to bill against your provider account — Privian does not resell tokens.
Does the gateway store prompts or responses?
No. Raw prompts and responses are never persisted. Only structural counters are kept for observability.

Enterprise review

Questions buyers commonly ask

Can we use our own provider account?
Yes. Privian uses your encrypted provider credentials at request time; provider usage remains on your account.
Does Privian route requests?
Yes. The gateway selects the configured provider from the provider-namespaced model id after applying request controls.
Can providers be changed later?
Yes. Applications use one gateway endpoint while model selection identifies the target provider.
Are prompts retained?
No. Raw prompts and responses are not persisted; structural counters support observability.

Start building

Send your first masked prompt

Scope

What this does NOT solve

Plans & pricing

See pricing for Privian's privacy-first LLM gateway

Pricing is published transparently. BYOK, zero retention, provider-agnostic. Beta plans may change.