Today we're excited to announce OpenGuardrails 4.5.0, featuring Direct Model Access—a groundbreaking capability designed specifically for enterprises who want to quickly test OpenGuardrails in their environment without the operational overhead of hosting AI models themselves.
The Private POC Challenge
Enterprises face a common dilemma when evaluating AI safety platforms: running a full proof-of-concept requires significant infrastructure investment—GPU clusters, model hosting, operational expertise—before they can even validate if the solution meets their needs. At the same time, sending sensitive production data to a SaaS platform raises valid privacy and compliance concerns.
OpenGuardrails 4.5.0 solves this with Direct Model Access: you deploy the OpenGuardrails platform locally via Docker, but point it to our SaaS-hosted models. Your data stays in your infrastructure, our models handle the AI workload, and nothing is logged.
How It Works: Three Simple Steps
Getting started with Direct Model Access takes minutes:
- Get your Model API Key from the OpenGuardrails SaaS platform (Account page)
- Configure your local deployment to use our SaaS model endpoints (base_url + API key)
- Deploy the OpenGuardrails platform locally with a single Docker command: docker compose up -d
That's it. You now have a fully functional guardrails platform running in your environment, using state-of-the-art OpenGuardrails-Text (3.3B, 119 languages) and bge-m3 embedding models hosted by us—without any of your data leaving your network except for the model inference requests.
Zero-Data-Logging Guarantee
The most critical aspect of Direct Model Access is our privacy commitment: we do not log message content, period. When you use a Model API Key (as opposed to a regular application API key), our infrastructure:
- Does NOT store prompt text
- Does NOT store response content
- Does NOT log IP addresses
- Does NOT track User-Agent strings
- ONLY records aggregated usage statistics (request count, token count) for billing
This is enforced at the database level—the model_usage table only stores tenant_id, model_name, token counts, and usage_date. There is no column for message content, and our code path explicitly bypasses all content logging. This architecture ensures data sovereignty even when accessing remote models.
Perfect for Enterprise POCs
Direct Model Access is ideal for scenarios where you need to validate OpenGuardrails quickly without committing to full infrastructure:
- Proof-of-concept deployments: Test OpenGuardrails with real workloads in days, not weeks
- Private testing environments: Run integration tests without exposing data to external systems
- Regulatory compliance trials: Validate safety controls while maintaining data residency
- Development and staging: Use production-grade models without production-grade costs
- Custom guardrails experimentation: Build custom policies locally using powerful remote models
Technical Implementation
Under the hood, Direct Model Access is built on a simple but powerful architecture. Each user gets two types of API keys:
- Application API Key (sk-xxai-xxx): For full guardrails detection with content logging and audit trails
- Model API Key (sk-xxai-model-xxx): For direct model access with zero content logging
The OpenAI-compatible API endpoint (/v1/model/chat/completions) supports both streaming and non-streaming responses. Example usage with the OpenAI Python SDK:
from openai import OpenAI
client = OpenAI(
base_url="https://api.openguardrails.com/v1/model/",
api_key="sk-xxai-model-YOUR_KEY"
)
response = client.chat.completions.create(
model="OpenGuardrails-Text",
messages=[{"role": "user", "content": "Hello"}],
stream=True
)
You can regenerate your Model API Key at any time from the Account page, instantly invalidating the old key for security.
Transition to Fully Private Deployment
Direct Model Access is designed as a stepping stone, not a permanent solution. Once your POC succeeds and you're ready to deploy OpenGuardrails at scale, you can easily transition to a fully private deployment by hosting the models yourself—either on your own GPU infrastructure or via a private cloud provider.
The platform architecture is identical whether you use Direct Model Access or self-hosted models. Simply update the model endpoint configuration in your environment variables, and you're running 100% air-gapped with zero external dependencies.
When NOT to Use Direct Model Access
While powerful for POCs, Direct Model Access is not recommended for all scenarios:
- Production workloads requiring full audit trails
- Environments with strict no-internet policies (air-gapped networks)
- Applications where content logging is required by regulation
- High-throughput scenarios where network latency to SaaS is prohibitive
For these cases, we recommend deploying the complete OpenGuardrails stack—platform plus models—within your infrastructure.
Getting Started Today
OpenGuardrails 4.5.0 is available now. To get started with Direct Model Access:
- Sign up for a free account at openguardrails.com
- Navigate to Account settings and copy your Model API Key
- Clone the OpenGuardrails repository: git clone https://github.com/openguardrails/openguardrails
- Set environment variables MODEL_BASE_URL and MODEL_API_KEY
- Run docker compose up -d
You'll have a production-ready guardrails platform running in under 10 minutes, with access to state-of-the-art safety models and zero data logging. Full documentation is available in our Model API Key Management Guide.
Looking Forward
Direct Model Access represents our commitment to lowering the barriers to AI safety adoption. By decoupling platform deployment from model hosting, we enable enterprises to validate OpenGuardrails in their environment without sacrificing privacy or incurring infrastructure costs.
As always, OpenGuardrails remains 100% open source under Apache 2.0. Whether you choose Direct Model Access for POCs or full self-hosting for production, you get the same transparent, auditable, and extensible safety platform.
Questions? Reach out to thomas@openguardrails.com or open an issue on GitHub.