Enforcement
Block runaway spend before it happens with pre-call enforcement rules.
The enforcement layer runs before each API call inside the SDK wrapper. If a rule fires, the call is blocked and an error is returned to your code — the provider is never reached and you are never billed.
Configure rules at token.audit.id/app/enforcement.
Available rules
Token ceiling
Blocks calls where the input prompt exceeds a token limit. Prevents accidental context inflation from bloated prompts.
client = JournaledAnthropic(
api_key="sk-ant-…",
session_id="my-session",
enforcement_config={"token_ceiling": 8000}
)
Session budget
Caps total spend per session ID. When the session crosses the threshold, further calls are blocked until a new session is started.
enforcement_config={"max_session_usd": 2.00}
Dedup guard
Hashes the prompt and blocks exact duplicate calls within a configurable TTL window. Catches retry storms and agent loops that re-submit identical requests.
enforcement_config={"dedup_ttl_seconds": 60}
Loop breaker
Counts tool calls within a session. Blocks the call if the number of tool calls exceeds the configured ceiling. Stops runaway agent loops.
enforcement_config={"max_tool_calls": 50}
Model router
Downgrades expensive model calls to a cheaper alternative when the configured cost threshold would be exceeded.
enforcement_config={"model_downgrade": {"threshold_usd": 0.01, "fallback": "claude-haiku-4-5-20251001"}}
Remote config
Rules can also be set and updated from the dashboard without redeploying. The wrapper fetches remote config on startup and caches it for the session.