Create a guardrail | OpenRouter

curl -X POST https://openrouter.ai/api/v1/guardrails \
     -H "Authorization: Bearer <token>" \
     -H "Content-Type: application/json" \
     -d '{
  "name": "My New Guardrail",
  "allowed_models": null,
  "allowed_providers": [
    "openai",
    "anthropic",
    "deepseek"
  ],
  "description": "A guardrail for limiting API usage",
  "enforce_zdr": false,
  "ignored_models": null,
  "ignored_providers": null,
  "limit_usd": 50,
  "reset_interval": "monthly"
}'

{
  "data": {
    "created_at": "2025-08-24T10:30:00Z",
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "name": "My New Guardrail",
    "workspace_id": "0df9e665-d932-5740-b2c7-b52af166bc11",
    "allowed_models": null,
    "allowed_providers": [
      "openai",
      "anthropic",
      "google"
    ],
    "description": "A guardrail for limiting API usage",
    "enforce_zdr": false,
    "ignored_models": null,
    "ignored_providers": null,
    "limit_usd": 50,
    "reset_interval": "monthly",
    "updated_at": null
  }
}

Create a new guardrail for the authenticated user. Management key required.

Authentication

AuthorizationBearer

API key as bearer token in Authorization header

Request

This endpoint expects an object.

namestringRequired1-200 characters

Name for the new guardrail

allowed_modelslist of strings or nullOptional

Array of model identifiers (slug or canonical_slug accepted)

allowed_providerslist of strings or nullOptional

List of allowed provider IDs

content_filter_builtinslist of objects or nullOptional

Builtin content filters to apply. Use slug “regex-prompt-injection” with action “block”, “flag”, or “redact” to enable heuristic prompt injection detection.

content_filterslist of objects or nullOptional

Custom regex content filters to apply to request messages

descriptionstring or nullOptional<=1000 characters

Description of the guardrail

enforce_zdrboolean or nullOptional

Whether to enforce zero data retention

ignored_modelslist of strings or nullOptional

Array of model identifiers to exclude from routing (slug or canonical_slug accepted)

ignored_providerslist of strings or nullOptional

List of provider IDs to exclude from routing

limit_usddouble or nullOptional

Spending limit in USD

reset_intervalenumOptional

Interval at which the limit resets (daily, weekly, monthly)

Allowed values:

workspace_idstringOptionalformat: "uuid"

The workspace to create the guardrail in. Defaults to the default workspace if not provided.

Response

Guardrail created successfully

dataobject

The created guardrail

Errors

400

Bad Request Error

401

Unauthorized Error

403

Forbidden Error

500

Internal Server Error