AI Control Tower

Documentation

Complete guide to integrating and using AI Control Tower

Quick Start

Get started with AI Control Tower in less than 10 minutes. Track your first AI decision and start building compliance from day one.

Prerequisites

  • Node.js 18+ or Python 3.8+
  • An AI Control Tower account
  • Your API key from the settings page

Installation

JavaScript/TypeScript

npm install @ai-control-tower/sdk

# or

yarn add @ai-control-tower/sdk

Python

pip install ai-control-tower

Other Languages

Use our REST API directly. SDKs for Go, Ruby, and Java coming soon.

Authentication

Initialize the SDK with your API key:

JavaScript/TypeScript

import { AIControlTower } from '@ai-control-tower/sdk';

const act = new AIControlTower({
  apiKey: process.env.ACT_API_KEY,
});

Python

from ai_control_tower import AIControlTower

act = AIControlTower(api_key=os.environ["ACT_API_KEY"])

Integrity Verification

AI Control Tower uses SHA-256 hash-chain technology to create tamper-evident audit trails for all AI decisions. Every decision is cryptographically linked to the previous one, making it impossible to modify historical records without detection.

How Hash-Chain Integrity Works

  • Each decision receives a unique SHA-256 hash based on its contents
  • The hash includes a reference to the previous decision's hash
  • Any modification breaks the chain and is immediately detectable
  • Auditors can verify the complete chain at any time

Verify Chain Integrity

const verification = await act.verifyIntegrity({
  startDate: "2024-01-01",
  endDate: "2024-01-31",
});

console.log(verification.status); // "valid" | "compromised"
console.log(verification.decisionsVerified); // 1,247
console.log(verification.chainHash); // "sha256:abc123..."

Get Decision Hash

const decision = await act.getDecision("dec_abc123");

console.log(decision.integrity);
// {
//   hash: "sha256:7f83b162...",
//   previousHash: "sha256:a4bfc3d2...",
//   chainPosition: 1247,
//   verified: true
// }

Usage Monitoring

Track AI usage across your organization with governance-focused monitoring. Set policies, monitor compliance, and receive alerts when thresholds are exceeded.

Get Usage Statistics

const usage = await act.getUsage({
  period: "30d",
  groupBy: "user", // or "model", "department"
});

console.log(usage.totalDecisions); // 12,847
console.log(usage.activeUsers); // 45
console.log(usage.policyViolations); // 0
console.log(usage.breakdownByUser); // [...]

Set Usage Alerts

await act.createAlert({
  type: "usage_threshold",
  metric: "decisions_per_user",
  threshold: 1000,
  period: "daily",
  severity: "warning",
});

// Also available:
// - "cost_threshold" - Alert when costs exceed limit
// - "high_risk_decision" - Alert on high-risk AI decisions
// - "integrity_violation" - Alert if chain verification fails

Track AI Decision

Track every AI decision with full context, inputs, outputs, and metadata:

const decision = await act.trackDecision({
  model: "gpt-4",
  provider: "openai",
  input: "What is the capital of France?",
  output: "The capital of France is Paris.",
  metadata: {
    userId: "user_123",
    sessionId: "session_456",
    environment: "production",
  },
  cost: 0.0023,
  latency: 234,
  tokens: {
    input: 8,
    output: 7,
    total: 15,
  },
});

console.log("Decision ID:", decision.id);

Generate Explanation

Generate human-readable explanations for AI decisions to meet regulatory requirements:

const explanation = await act.explainDecision({
  decisionId: decision.id,
  framework: "gdpr", // or "hipaa", "eu-ai-act", etc.
});

console.log(explanation.summary);
// "This AI decision used GPT-4 to answer a factual question..."

Check Policy Compliance

Validate decisions against your governance policies before execution:

const policyCheck = await act.checkPolicy({
  model: "gpt-4",
  provider: "openai",
  input: userPrompt,
});

if (policyCheck.status === "violation") {
  console.error("Policy violation:", policyCheck.violations);
  // Block the AI request
} else {
  // Proceed with AI request
  const response = await openai.chat.completions.create({...});

  // Track the decision
  await act.trackDecision({...});
}

REST API

Use the REST API directly if you prefer:

Base URL

https://api.aicontroltower.com/v1

POST /decisions

Track a new AI decision

curl -X POST https://api.aicontroltower.com/v1/decisions \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-4",
    "provider": "openai",
    "input": "What is the capital of France?",
    "output": "The capital of France is Paris.",
    "cost": 0.0023,
    "latency": 234
  }'

POST /explanations

Generate an explanation for a decision

curl -X POST https://api.aicontroltower.com/v1/explanations \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "decision_id": "dec_abc123",
    "framework": "gdpr"
  }'

POST /policy-checks

Check if a decision would violate policies

curl -X POST https://api.aicontroltower.com/v1/policy-checks \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-4",
    "provider": "openai",
    "input": "Sensitive user prompt"
  }'

Webhooks

Configure webhooks to receive real-time notifications for policy violations and other events:

Event Types

  • policy.violation - A decision violated a policy
  • cost.threshold - Cost threshold exceeded
  • decision.created - New decision tracked

Webhook Payload

{
  "event": "policy.violation",
  "timestamp": "2024-01-20T15:30:00Z",
  "data": {
    "decision_id": "dec_abc123",
    "policy_id": "pol_xyz789",
    "severity": "high",
    "violation_details": {
      "rule": "cost_limit",
      "threshold": 0.01,
      "actual": 0.023
    }
  }
}

Configure webhooks in your notification settings.

Need Help?

Our team is here to help you integrate AI Control Tower into your stack.

Contact SupportView Examples