Documentation

Providers & Models

Decide which AI vendors your organisation may use, and which models — enforced on every request, for every client.

Two allow/deny lists, applied to every request before your content guardrails even run.

They are separate because they answer different questions. Provider policy is a procurement and jurisdiction question: do we have an agreement with these people? Model policy is a cost and capability question: of the models we could use, which do we want to be using?

The one rule that surprises people

Warning

The first allow entry for a provider flips it into allowlist mode.

With no model entries at all, every model that provider offers is usable. Add a single allow entry and the behaviour inverts: only the models you have explicitly allowed will pass, and everything else is refused.

There is no separate “enable allowlist” switch. Adding one allow entry is the switch.

This catches people out, and it is worth internalising before you add your first allow rule. See model allow/deny.

Defaults are permissive

A provider with no policy is allowed. A model at a provider with no allow entries is allowed.

If your posture is “deny everything except what we approved”, you must say so explicitly — deny the providers you have not approved, or allowlist the models you have. There is no global default-deny.

Write the whole thing down in a policy file so the complete posture is reviewable in one diff, rather than reconstructed from a dashboard.

The pages