IndigiArmorIndigiArmorDocs

IndigiArmor API

The IndigiArmor API provides real-time detection of PII, FERPA-protected education records, indigenous cultural knowledge extraction, re-identification risks, and prompt injection attacks in AI/LLM workflows.

Base URL

https://indigiarmor.com

Quick Start

Every request to the API (except health check) requires an API key passed in the Authorization header. You can create API keys from your dashboard.

cURL
curl -X POST https://indigiarmor.com/v1/scan \
  -H "Authorization: Bearer ia_sk_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{"prompt": "Tell me about the Sun Dance ceremony"}'
JavaScript (SDK)
import { IndigiArmor } from 'indigiarmor';

const armor = new IndigiArmor('ia_sk_your_key_here');

const result = await armor.scan('Tell me about the Sun Dance ceremony');
console.log(result.tier);    // "yellow" or "red"
console.log(result.action);  // "flag" or "block"
console.log(result.signals); // detected risk signals

Using React? Install indigiarmor-react for pre-built alert dialogs and UI widgets. See the React Components guide.

Core Concepts

Green Tier — Allow

No sensitive content detected. Safe to pass through.

Yellow Tier — Review

Potential sensitive content found. A confirmation token is provided for human-in-the-loop approval. Use the sanitized prompt or confirm the token to proceed.

Red Tier — Block

High-risk content detected (prompt injection, sacred knowledge, severe PII exposure). The request should be blocked.

Detection Domains

DomainDescription
piiPersonal identifiable information (email, SSN, phone, address, DOB)
educationFERPA-protected education records (grades, IEP, transcripts)
culturalIndigenous cultural knowledge (ceremonies, sacred sites, traditional practices)
reidentificationSmall-community re-identification risks (unique combinations of traits)
injectionPrompt injection attacks (jailbreaks, role manipulation, encoded payloads)

Rate Limits

Each API key has a configurable rate limit (default: 60 requests/minute). When exceeded, the API returns 429 with Retry-After header. Rate limit headers are included in every response:

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 42
Retry-After: 8  (only when rate limited)