Integrations

One integration. Evidence for every AI decision.

The same single certificate API underpins everything. How you connect scales with your size and maturity, submit a decision, receive a signed, tamper-evident certificate, and export regulator-ready records on demand.

Request accessBecome a partner

The art of the possible, which path fits you

Four ways in, one signed-certificate output. Start where you are today and move along the path as you grow, nothing about the evidence changes, only how it is captured.

Smaller teams & SaaS

REST API, directly

The fastest way in. A single certificate endpoint, submit each AI decision and receive a signed certificate in return. No SDK, no infrastructure.

  • One endpoint to integrate
  • Signed certificate per decision
  • Live in days, not quarters
Most teams

Typed client / wrapper

A thin typed client around the same API, a better developer experience with built-in retries and schema-correctness, plus an optional in-process redaction mode.

  • Retries & schema validation built in
  • Captures agent loops, batch scoring and human-in-the-loop
  • Optional in-process PII redaction before egress
Large enterprise

Network-path Collector

A single lightweight binary on the network path captures AI decisions automatically, with no application code changes. It tees a copy of each call, so the request path is never blocked and no latency is added.

  • Zero application code changes
  • Non-blocking, adds no latency to live traffic
  • Surfaces AI services running without compliance’s knowledge
Already running a gateway / mesh

Kong or Istio

If you already operate an API gateway or service mesh, the same capture logic is delivered through Kong or Istio, no new component to run.

  • Reuses your existing gateway / mesh
  • Same signed-certificate output
  • Delivered on request

What gets captured

  • Internal and external LLM API calls, synchronous or streaming
  • Agent loops, batch scoring and human-in-the-loop decisions (via the client)
  • Gateway and aggregator traffic (e.g. OpenRouter) covered by a single rule

These are decisions made by your own AI services, API-mediated and in-process state, captured at the moment they happen.

What’s out of scope

  • Direct human chat use in a browser, that is a DLP / CASB job, not ours. We are honest about the boundary.

PII never has to leave your network. Redaction can run server-side or in-process, so we only ever receive redacted, hashed traces, supporting per-client data sovereignty.

You decide where the data lives

Three deployment topologies. Clients and their regulators choose where data is held and how long it is retained.

Cloud

Our fully managed platform, the quickest route to a regulator-ready audit trail, with nothing for your team to operate.

Private Cloud

Deployed inside your own cloud tenant, so traces never leave your boundary. You decide where data lives and how long it is retained.

On-premises / air-gapped

For the most sensitive environments, runs entirely within your network, with no external connectivity required.

Institutional-grade, multi-region by design

Aegis Trace is built to deploy across major hyperscalers and many global regions, with data residency by region. Every record is signed and tamper-evident, and exports map directly to the obligations regulators ask about, FCA, EU AI Act (Article 12) and MiFID II, so the evidence is ready the moment it is requested.

Start with one endpoint. Grow into the rest.

Tell us how your AI systems are deployed and we’ll recommend the right path for your firm.

Request accessTalk to us about partnering