Enforcement
Block runaway spend before it happens with pre-call enforcement rules.
The enforcement layer runs before each API call inside the SDK wrapper. If a rule fires, the call is blocked and an error is returned to your code — the provider is never reached and you are never billed.
Configure rules at token.audit.id/app/enforcement.
Available rules
Token ceiling
Blocks calls where the input prompt exceeds a token limit. Prevents accidental context inflation from bloated prompts.
```python
client = JournaledAnthropic(
    api_key="sk-ant-…",
    session_id="my-session",
    enforcement_config={"token_ceiling": 8000}
)
```
Session budget
Caps total spend per session ID. When the session crosses the threshold, further calls are blocked until a new session is started.
```python
enforcement_config={"max_session_usd": 2.00}
```
Dedup guard
Hashes the prompt and blocks exact duplicate calls within a configurable TTL window. Catches retry storms and agent loops that re-submit identical requests.
```python
enforcement_config={"dedup_ttl_seconds": 60}
```
Loop breaker
Counts tool calls within a session. Blocks the call if the number of tool calls exceeds the configured ceiling. Stops runaway agent loops.
```python
enforcement_config={"max_tool_calls": 50}
```
Model router
Downgrades expensive model calls to a cheaper alternative when the configured cost threshold would be exceeded.
```python
enforcement_config={"model_downgrade": {"threshold_usd": 0.01, "fallback": "claude-haiku-4-5-20251001"}}
```
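How a pre-call gate of this kind can work, as an added sketch that is not the SDK's own code: it applies the token ceiling, session budget, loop breaker and dedup guard using the config keys shown above, and raises before any provider call would be made. The class and function names, the caller-supplied token count and cost, and the choice of SHA-256 are assumptions.

```python
# Added sketch, not the SDK's code: class and function names are hypothetical.
import hashlib
import time

class EnforcementError(Exception):
    """Raised before the provider call when a rule fires."""

class PreCallGate:
    def __init__(self, config, clock=time.monotonic):
        self.config = config
        self.clock = clock        # injectable so the TTL window can be tested
        self.spent_usd = 0.0      # running session spend
        self.tool_calls = 0       # tool calls allowed so far in this session
        self.seen = {}            # prompt hash -> time the call was allowed

    def check(self, prompt, input_tokens, is_tool_call=False):
        """Raise EnforcementError naming the rule that blocks this call."""
        cfg, now = self.config, self.clock()
        ceiling = cfg.get("token_ceiling")
        if ceiling is not None and input_tokens > ceiling:
            raise EnforcementError("token_ceiling")
        budget = cfg.get("max_session_usd")
        if budget is not None and self.spent_usd >= budget:
            raise EnforcementError("max_session_usd")
        max_tools = cfg.get("max_tool_calls")
        if max_tools is not None and is_tool_call and self.tool_calls >= max_tools:
            raise EnforcementError("max_tool_calls")
        ttl = cfg.get("dedup_ttl_seconds")
        if ttl is not None:
            digest = hashlib.sha256(prompt.encode("utf-8")).hexdigest()
            # Drop expired hashes so the table stays bounded by the TTL window.
            self.seen = {h: t for h, t in self.seen.items() if now - t < ttl}
            if digest in self.seen:
                raise EnforcementError("dedup_ttl_seconds")
            self.seen[digest] = now
        if is_tool_call:  # counted only after every rule has passed
            self.tool_calls += 1

    def record_cost(self, usd):
        """Call after a successful provider response to update session spend."""
        self.spent_usd += usd

def blocked_by(gate, *args, **kwargs):
    """Return the name of the rule that blocks the call, or None if allowed."""
    try:
        gate.check(*args, **kwargs)
    except EnforcementError as exc:
        return str(exc)
    return None
```

Because the dedup check hashes only the prompt text, two calls with the same prompt but different models or parameters are treated as duplicates in this sketch.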
Remote config
Rules can also be set and updated from the dashboard without redeploying. The wrapper fetches remote config on startup and caches it for the session.
Policy controls
Beyond per-call rules, you can set org-wide policies that flag any event that violates them — model allowlists, banned prompt patterns, prod-key-in-dev checks, and approval thresholds for costly calls. Policies are evaluated at ingest and surface as violations on the dashboard and alerts feed.
| Policy type | What it flags |
|---|---|
| approved_models | Calls to a model not in your sanctioned allowlist |
| banned_patterns | Prompts matching regex patterns — injection attempts, secrets, banned phrasing |
| key_environment_check | Production API keys used outside their permitted environment |
| approval_required_threshold_cents | Single calls whose cost exceeds a review threshold |
See the Policies API for the config shape of each type and full upsert examples. Configure in the dashboard at token.audit.id/app/policies.