IAGA Sentinel
Available on request

One endpoint in front of every LLM provider.

IAGA Gateway is a single OpenAI-compatible endpoint that sits in front of the major LLM providers and adds what the providers alone do not: reliability, cost control, security and safety, and compliance. Your application code does not change. You point the base URL at IAGA.

Request accessinfo@iaga.tech
A separate product

IAGA Gateway is not IAGA Sentinel. Sentinel is the EU AI Act conformity-evidence layer that produces signed, offline-verifiable proof of what autonomous agents do. The Gateway governs and optimizes live LLM traffic. Different product, different purpose. The Gateway is offered to enterprises on request.

The path of a call

Your app
any OpenAI SDK
IAGA Gateway
routing · cache · safety · policy · audit
  • OpenAI
  • Anthropic
  • Groq
  • Google Gemini
  • OpenRouter

What it does

Four columns of value, on top of whichever provider answers.

01

Reliability

Stay up when a provider does not.

  • Intelligent routing across providers with automatic cascading fallback.
  • Self-heal prunes decommissioned models and repairs stale routing targets.
  • A circuit breaker (three-failure threshold) and a five-minute health tracker isolate failing providers.
  • Native passthrough when a model is served directly, plus cause-aware error classification, so no more opaque 424s.
02

Cost control

Pay for the tokens you actually need.

  • Exact cache with a context-sensitive key (tools, format, seed, multimodal) and no false hits.
  • Semantic cache over similar queries via embeddings, skipped automatically for tool, vision, and JSON calls.
  • Per-workspace budgets and token budgets, cost alerts, and usage metering.
  • Tool Call Control trims needless tool calls and prices the saving against official 2026 rates.
  • Measured at around 94% cache hit ratio in a 5,000-call load test.
03

Security and safety

Guardrails on the request and the response.

  • A resilient critique chain (OpenRouter, then Groq, then OpenAI) scores each response, with optional fail-closed.
  • PII redaction on the way in and the way out (opt-in).
  • Tool-abuse guard against exfiltration and remote code execution.
  • Per-workspace crypto envelope (data key plus master key, with rotation) for provider credentials.
  • Account and infrastructure defenses: TOTP MFA (argon2id), HIBP breach checks, SSRF URL guard, CSRF, row-level security, IP allowlists, anomaly detection.
04

Governance and compliance

Bring your keys, keep the audit trail.

  • BYOK multi-key: your own provider keys, several per provider per workspace, with rotation and expiry.
  • Per-workspace policy and a complete audit log.
  • Observability through OpenTelemetry, Sentry, and metrics, with consistent _iaga.* telemetry even on blocked calls.
  • Bilingual legal and compliance pages (EN and FR): Trust, Security, Subprocessors, DPA, Privacy, Terms.
  • SAML and SCIM foundations for enterprise SSO.

How a request flows

Every call passes the same ordered pipeline, before and after it reaches a provider.

  1. 01Authentication, rate limiting, permissions, and replay-safe idempotency.
  2. 02Payload validation with Zod: streaming, tool calls, multimodal, JSON schema.
  3. 03Workspace policy: output-token caps, fail-closed mode, prompt enforcement.
  4. 04Tool Call Control: a heuristic gate, an LLM verifier, and anti-abuse, before the provider is called.
  5. 05Routing by scoring, capability, and health, with cascading fallback and native passthrough.
  6. 06Cache: exact first, then semantic.
  7. 07Critique and safety on the response, with PII redaction on the way out.
  8. 08Audit and telemetry (_iaga.*) on every request.

Connect in one line

It speaks the OpenAI Chat Completions API. Point your existing SDK at the IAGA base URL and keep the rest of your code.

your app · drop-in
# point any OpenAI SDK at the IAGA base URL
base_url = "https://api.iaga.tech/api/v1/gateway"

# nothing else changes
POST /api/v1/gateway/chat-completions
API
POST /api/v1/gateway/chat-completions, a drop-in OpenAI-compatible endpoint.
Dashboard
A single-page console: API keys, providers and BYOK, routing, policy, prompts, budgets, billing, batch, webhooks, requests, and a playground.
SDKs
Node and Python packages.

Providers

OpenAI · Anthropic · Groq · Google Gemini · OpenRouter

Stack

Next.js 14 (App Router) · TypeScript · Prisma + Postgres (Neon) · Upstash Redis · BullMQ workers · Stripe billing · Resend email · Sentry + OpenTelemetry.

v1.0.1On request

Production-ready for first customers. 839 of 852 tests green, all major subsystems in production, and the known 424, semantic-cache, and critique incidents resolved.

BetaTool Call Control

Available to enterprises on request.

Tell us your providers and the shape of your workspace, and we will set up access.

Request accessinfo@iaga.tech