Documentation v1.5

Getting Started

Observyze is a production-grade LLM observability platform. It monitors your AI applications in real-time, enforcing safety guardrails, capturing fine-grained prompt latency, tracking tokens, and managing circuit breakers.

Fast Track: Zero-Code Proxy Integration

Recommended

The fastest way to get complete real-time tracing is through our Proxy Gateway. No custom libraries or wrappers required—just point your SDK’s baseURL to our gateway, and capture tokens, cost, latency, and payloads immediately.

Try Proxy Gateway

3-Step Foolproof Quickstart

Follow these three steps to begin tracing your LLM requests instantly.

Retrieve Your Observyze API Key

10 Seconds

Log into the Observyze Console, navigate to Settings → API Keys, and generate a key. Every key has the prefix ob_ to ensure security identification.

Your API Key:ob_5f8b9e1c2a3d4e5f6g7h8i9j...

Save Your Upstream Provider Keys

30 Seconds

Because our Proxy Gateway handles request redirection and circuit breakers, you must add your LLM provider keys (e.g. OpenAI Key, Anthropic Key) in the Observyze Dashboard under Settings → Provider Keys.

Highest Standard Security: Your keys are immediately encrypted at rest using AES-256 and only loaded in memory to sign proxy requests. They are never logged or stored in plain-text databases.

Update Your Client’s BaseURL & Start Tracing

60 Seconds

Replace your SDK base URL (e.g. OpenAI's API URL) with the Observyze proxy. Set your authorization token to be your Observyze API Key. That’s it!

Example OpenAI client update:

baseURL: "https://api.observyze.com/api/v1/proxy/openai/v1"

apiKey: process.env.OBSERVYZE_API_KEY

AI Agent Integration

AI Agent Prompts

Are you using an AI assistant or editor (such as Cursor Composer, Windsurf, GitHub Copilot, ChatGPT, or Claude) to build your project? Copy these optimized prompts, paste them into your chat, and let the AI automatically inspect, refactor, and integrate Observyze for you.

Use this prompt in codebase-aware tools (like Cursor's Ctrl+I composer or Windsurf). It instructs the agent to search your files for OpenAI or Anthropic SDK usage and automatically apply proxy redirection:

You are an expert software engineer. I want to integrate Observyze (LLM observability and tracing) into my codebase. Please perform the following integration steps: 1. Scan the entire codebase to locate any OpenAI or Anthropic client initializations (e.g., standard SDK setups like `new OpenAI(...)` in JS/TS or `OpenAI(...)` in Python). 2. We want to use the **Zero-Code Proxy Gateway** approach. Update all LLM client initializations to point to the Observyze proxy: - For **OpenAI**: Set `baseURL` (or `base_url`) to `"https://api.observyze.com/api/v1/proxy/openai/v1"` - For **Anthropic**: Set `baseURL` (or `base_url`) to `"https://api.observyze.com/api/v1/proxy/anthropic"` 3. Replace the client's original raw API key with the Observyze API key, which must be loaded from `process.env.OBSERVYZE_API_KEY` (in Node/TS) or `os.environ.get("OBSERVYZE_API_KEY")` (in Python). 4. Add `OBSERVYZE_API_KEY` to the `.env.example` file so it is documented. 5. Do not modify any other model parameters, options, or stream configurations. 6. Verify your implementation is clean and compile-safe.

Authentication

All requests to the Observyze Proxy Gateway or API endpoints require authentication using a project-specific API key. The key identifies which sandbox or production workspace receives the trace data.

Security Notice

API keys must always be stored securely on the server-side. Never expose your keys in front-end code, client-side requests (such as browser-based fetch), or public Git repositories.

API Key Format

Observyze uses a single, unified API key starting with the ob_ prefix to authenticate all requests, whether you are in development, testing, or production.

Key Format StructureUnified API Key

Format Patternob_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Key Prefixob_ (first 3 chars)

Use this single key across your local environments, pipelines, and production servers. Projects, limits, and scopes are managed automatically from your Observyze Console under settings.

Loading Your Keys Safely

Add your Observyze API key to an environment variable file (like .env or .env.local):

OBSERVYZE_API_KEY=ob_5f8b9e1c2a3d4e5f6g7h8i9j

How to safely access and construct authentication headers in common stacks:

TypeScript / Node.js

// Access safely via process.env
const apiKey = process.env.OBSERVYZE_API_KEY;

if (!apiKey) {
  throw new Error("Missing OBSERVYZE_API_KEY environment variable!");
}

Python

# Access safely via standard os library
import os

api_key = os.environ.get("OBSERVYZE_API_KEY")
if not api_key:
    raise ValueError("Missing OBSERVYZE_API_KEY environment variable!")

Making Authenticated HTTP Requests

Pass your key in the HTTP Authorization header prefixed by Bearer.

cURL API Authorization Header

curl -X GET "https://api.observyze.com/api/v1/traces" \
  -H "Authorization: Bearer ob_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json"

API Reference

Detailed references for all standard REST API endpoints. You can query traces, invoke circuit breakers, update settings, retrieve cost limits, and fetch alert rules directly.

GET/api/v1/traces

List all traces with filtering and pagination

GET/api/v1/traces/:id

Get a single trace with all spans

DELETE/api/v1/traces/:id

Soft delete a trace with audit log

POST/api/v1/traces/:id/evaluate

Trigger hallucination evaluation for a trace

POST/api/v1/traces/:id/replay

Re-run a trace with modified inputs

POST/api/v1/ingest

Ingest traces from external systems

POST/api/v1/ingest/batch

Batch ingest multiple traces

GET/api/v1/alerts/rules

List all alert rules

POST/api/v1/alerts/rules

Create a new alert rule

GET/api/v1/optimization/circuit-breaker

Get circuit breaker configuration

POST/api/v1/optimization/circuit-breaker

Update circuit breaker configuration

POST/api/v1/bug-bounty/trigger

Manually trigger a bug bounty report for a specific trace

GET/api/v1/bug-bounty/history

Get history of all triggered bug bounty reports

POST/api/v1/bug-bounty/auto-detect

Scan for traces that meet auto-trigger failure criteria

GET/api/v1/analytics/cost/breakdown

Get cost breakdown by model, project, or date range

GET/api/v1/analytics/cost/forecast

Get AI-powered cost forecast for the current period

GET/api/v1/organizations/:orgId

Get organization details

GET/api/v1/audit-logs

List audit logs with filtering

SDKs & Libraries

Our Node/TypeScript and Python SDKs provide deeper tracing capabilities. They intercept requests locally, support advanced tracing of non-LLM steps (like databases, vector retrievals, or code calculations), and safely shard credentials in memory.

Installation

Install our official package using your preferred package manager:

npm install @observyze/sdk

Initialize Client

Configuration fields explained:

apiKey: Your Observyze API key starting with ob_...
organizationId: (Optional) Your target workspace organization ID
projectId: (Optional) A logical tag to group logs (e.g. frontend-ai-agent)
flushInterval: Latency delay in milliseconds before dispatching trace packages asynchronously
debug: Toggle console outputs for debugging local integrations

import { ObservyzeClient } from '@observyze/sdk';
 
const nw = new ObservyzeClient({
  apiKey: process.env.OBSERVYZE_API_KEY,  // Pull from environment variable safely
  organizationId: 'org_8j2k4m9p',        // Group traces by org scope
  projectId: 'customer-chat-agent',     // Distinct tags for search filters
  flushInterval: 5000,                  // Traces are grouped and sent every 5s asynchronously
  debug: true                           // Print warnings and debug streams to stdout
});

Instrument OpenAI

Use wrapOpenAI to seamlessly wrap your native OpenAI SDK instance. Behind the scenes, the SDK intercepts client completions calls, tracks metrics, and transparently routes the request to our secure Gateway Proxy without changing query formats.

import { ObservyzeClient, wrapOpenAI } from '@observyze/sdk';
import OpenAI from 'openai';

// 1. Initialize the Observyze client
const nw = new ObservyzeClient({ apiKey: process.env.OBSERVYZE_API_KEY });

// 2. Initialize standard OpenAI using normal configuration
const openai = new OpenAI({ apiKey: process.env.OPENAI_API_KEY });

// 3. Wrap client to activate automatic tracing and circuit breakers
const tracedOpenAI = wrapOpenAI(openai, nw);

// 4. Use the wrapped client EXACTLY as normal. Telemetry collects automatically!
const response = await tracedOpenAI.chat.completions.create({
  model: 'gpt-4o',
  messages: [{ role: 'user', content: 'What is the circuit breaker threshold?' }]
});

Instrument Anthropic

Wrap your official Anthropic client with wrapAnthropic to securely capture Claude tokens, pricing, latency, and payloads.

import { ObservyzeClient, wrapAnthropic } from '@observyze/sdk';
import { Anthropic } from '@anthropic-ai/sdk';

// 1. Setup client
const nw = new ObservyzeClient({ apiKey: process.env.OBSERVYZE_API_KEY });
const anthropic = new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY });

// 2. Wrap client
const tracedAnthropic = wrapAnthropic(anthropic, nw);

// 3. All completion requests will automatically stream metrics
const response = await tracedAnthropic.messages.create({
  model: 'claude-3-5-sonnet-20241022',
  max_tokens: 1024,
  messages: [{ role: 'user', content: 'Provide architectural feedback on credential sharding.' }]
});

Custom Tracing & Non-LLM Telemetry

If your AI features include agentic workflows, database lookups, tool executions, or prompt chain evaluations, wrap them in Custom Spans to visualize the complete request timeline inside your dashboard.

import { ObservyzeClient, SpanType } from '@observyze/sdk';

const nw = new ObservyzeClient({ apiKey: process.env.OBSERVYZE_API_KEY });

// 1. Begin a root Trace grouping the entire request chain
const trace = await nw.startTrace({
  name: 'agent-search-and-answer',
  metadata: { userId: 'user_4a9c8f1e' }
});

// 2. Add custom Span tracking vector database latency
const dbSpan = await nw.startSpan({
  name: 'pinecone-retrieval',
  type: SpanType.DB,
  input: { query: 'hybrid-cloud security guidelines', topK: 5 }
});

// Perform Pinecone / DB lookup logic here...

// Complete the Database span
await dbSpan.complete({
  output: { matches_count: 5, score_avg: 0.92 },
  metadata: { index: 'security-index-v2' }
});

// 3. Add custom Span tracking prompt evaluation
const llmSpan = await nw.startSpan({
  name: 'claude-response-generation',
  type: SpanType.LLM,
  input: { model: 'claude-3-5-sonnet', promptTokens: 140 }
});

// Perform Claude query...

// Complete the LLM span
await llmSpan.complete({
  output: { content: 'Answer text...' },
  metadata: { tokens: 198 }
});

// 4. Complete the master trace to save to the Observyze backend
await trace.complete({ status: 'success' });

Supported SDK Providers

SDK-level wrappers are available or in-development for these major models:

OpenAI

wrapOpenAI

Anthropic

wrapAnthropic

Google AI

wrapGemini

Cohere

wrapCohere

Mistral

wrapMistral (soon)

Groq

wrapGroq (soon)

Zero-Code Integration

Proxy Gateway

The Proxy Gateway lets you record LLM telemetry without installing our custom NPM/Python libraries. You simply adjust the LLM client configuration by setting its baseURL to Observyze’s edge endpoint. Everything else stays unchanged!

Supported Upstream Routing Endpoints

Route your requests through the appropriate Observyze gateway depending on your provider selection:

Provider	SDK Base URL Endpoint
OpenAI	https://api.observyze.com/api/v1/proxy/openai/v1
Anthropic	https://api.observyze.com/api/v1/proxy/anthropic
Google Gemini	https://api.observyze.com/api/v1/proxy/google/v1
OpenRouter	https://api.observyze.com/api/v1/proxy/openrouter/v1
Azure OpenAI	https://api.observyze.com/api/v1/proxy/azure/v1
Cohere	https://api.observyze.com/api/v1/proxy/cohere/v1
Mistral	https://api.observyze.com/api/v1/proxy/mistral/v1
Groq	https://api.observyze.com/api/v1/proxy/groq/v1

OpenAI Gateway Setup

Change your client initialization to set baseURL to the Observyze proxy. Set your authorization header using your **Observyze Key** (loaded from environment variable OBSERVYZE_KEY). Make sure you have added your OpenAI api key to the dashboard settings under provider keys!

TypeScript / Node.js

import OpenAI from 'openai';

const openai = new OpenAI({
  // Load Observyze API key
  apiKey: process.env.OBSERVYZE_KEY,
  // Point baseURL to proxy gateway
  baseURL: 'https://api.observyze.com/api/v1/proxy/openai/v1'
});

Python

from openai import OpenAI
import os

client = OpenAI(
  # Load Observyze API key
  api_key=os.environ["OBSERVYZE_KEY"],
  # Point base_url to proxy gateway
  base_url="https://api.observyze.com/api/v1/proxy/openai/v1"
)

Anthropic Gateway Setup

Change your Anthropic client's baseURL to load through the proxy gateway:

TypeScript / Node.js

import Anthropic from '@anthropic-ai/sdk';

const anthropic = new Anthropic({
  // Use your Observyze API Key
  apiKey: process.env.OBSERVYZE_KEY,
  // Change base endpoint to proxy gateway
  baseURL: 'https://api.observyze.com/api/v1/proxy/anthropic'
});

Google Gemini Setup

You can route Google Gemini requests either using direct HTTP post requests or the standard SDK using a custom fetch handler:

TypeScript SDK Custom Fetch

import { GoogleGenerativeAI } from '@google/generative-ai';

// Instantiate Gemini SDK, routing requests dynamically through the proxy gateway
const genAI = new GoogleGenerativeAI(process.env.OBSERVYZE_KEY);
const model = genAI.getGenerativeModel({
  model: 'gemini-pro',
  // Optional custom fetch routing for Gemini
});

Direct HTTP / cURL (Any Programming Language)

If you are using a programming language without official SDK support (such as Go, Rust, Ruby, or PHP), construct a raw POST request pointing to the gateway URL:

cURL Terminal Commands

# OpenAI POST request
curl -X POST "https://api.observyze.com/api/v1/proxy/openai/v1/chat/completions" \
  -H "Authorization: Bearer $OBSERVYZE_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-4o",
    "messages": [{"role": "user", "content": "Ping"}]
  }'

Python Requests Library

import requests

url = "https://api.observyze.com/api/v1/proxy/openai/v1/chat/completions"
headers = {
    "Authorization": f"Bearer {os.environ['OBSERVYZE_KEY']}",
    "Content-Type": "application/json"
}
payload = {
    "model": "gpt-4o",
    "messages": [{"role": "user", "content": "Ping"}]
}

response = requests.post(url, headers=headers, json=payload)

Architecture & Security

Understanding how telemetry and circuit breakers execute under the hood is critical for enterprise security audits. Here is a breakdown of our security posture.

1. Zero-Config URL Rewrite (Proxy Gateway)

The Proxy Gateway integration works by pointing your existing OpenAI or Anthropic SDK's baseURL (or base_url in Python) to Observyze. For example, instead of https://api.openai.com, you set it to https://api.observyze.com/api/v1/proxy/openai/v1. Your API key is replaced with your Observyze key (ob_...). The gateway intercepts every call, records it as a trace, then forwards the real request upstream — completely transparent to your application code.

2. Credential Sharding & Memory-Only Storage

To ensure provider safety, the SDK swaps headers securely:

The SDK saves your original provider API key (e.g. OpenAI key).
It overwrites the default Authorization header with your **Observyze Key** to authorize proxy entry.
It moves the provider key into a dedicated, secure metadata header: x-provider-key.

Zero Upstream Storage Policy:

The value in x-provider-key is only used in memory at our edge gateway for that single API request to sign and authorize upstream endpoints. The upstream key is immediately cleared from memory upon request completion and is **never** saved to database logs.

3. Strict Enterprise Compliance (Opt-Out)

If you have strict regulatory mandates (e.g. HIPAA, SOC2) that prevent sending your LLM payloads through any third-party intermediate gateway, you can disable the proxy redirect entirely while keeping telemetry tracking:

const nw = new ObservyzeClient({ 
  apiKey: process.env.OBSERVYZE_API_KEY,
  enableProxyRedirect: false // <-- Disables gateway routing completely!
});

Important Note: Bypassing the proxy gateway ensures that all text payloads travel directly from your server to OpenAI/Anthropic, but it **disables** real-time circuit breakers, fallbacks, and rate-limit guardrails.

Evaluation & Safety

Run hallucination and safety evaluations, trigger custom trace replays, configure active circuit breakers, and run auto-detection systems.

Hallucination Evaluation

Evaluate traces for accuracy and context alignment. It returns a score from 0.00 (fully accurate) to 1.00 (completely hallucinated).

Dashboard Steps: Settings → Organization → Enable "Hallucination Scoring" → Save → Traces → Select Trace → Inspector → Click "Run Hallucination Check"

# Trigger check via REST API
curl -X POST "https://api.observyze.com/api/v1/traces/tr_abc123/evaluate" \
  -H "Authorization: Bearer ob_xxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json"

# Example Evaluation Response
{
  "success": true,
  "score": 0.08,
  "details": {
    "reasoning": "The response perfectly aligns with Pinecone context retrieval facts.",
    "evaluated_by": "mistralai/mistral-7b-instruct:free"
  }
}

Trace Replay

Re-run past traces with modified inputs. Perfect for testing new prompt versions, comparing output formatting, or evaluating model performance on historical test cases.

# Trigger replay via webhook execution
curl -X POST "https://api.observyze.com/api/v1/traces/tr_abc123/replay" \
  -H "Authorization: Bearer ob_xxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "webhook_url": "https://your-app.com/api/observyze-replay",
    "modified_spans": [
      {
        "span_id": "span_9k2v",
        "input": { "messages": [{"role": "user", "content": "Optimized prompt query text"}] }
      }
    ]
  }'

Circuit Breaker Configuration

If model outputs trigger safety violations, hallucinate excessively, or generate critical failures consecutively, the Circuit Breaker trips to halt routing, protecting your application budget and UX.

Dashboard Steps: Settings → Organization → Enable "Circuit Breaker" → Set Thresholds → Click "Save Changes"

# Update config via REST API
curl -X POST "https://api.observyze.com/api/v1/optimization/circuit-breaker" \
  -H "Authorization: Bearer ob_xxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "enabled": true,
    "thresholds": {
      "hallucination_score": 0.60,
      "safety_score": 0.50,
      "consecutive_failures": 3,
      "failure_window_minutes": 5
    },
    "action": "halt",
    "cooldown_seconds": 60
  }'

Webhook Ingestion

The Observyze Webhook Ingest system allows any external tool, no-code platform, or custom backend to push trace data into Observyze using a simple HTTP POST request. This is an inbound integration — your system sends data to Observyze, and it appears in your dashboard as a trace.

Ingest Endpoint

Send a POST request to https://api.observyze.com/api/v1/ingest with your Observyze API key in the Authorization header. The endpoint auto-detects the payload format — a single event, a full trace with spans, or a batch of events.

Simple Event

Send a single LLM call — name, input, output, model, tokens. Observyze wraps it in a trace automatically.

Full Trace (with spans)

Send a complete trace object with a spans array for multi-step pipelines (agent chains, tool calls, etc.).

Batch of Events

Send up to 100 events in a single request using an { events: [...] } wrapper.

Example 1 — Simple Event

The simplest integration: just POST a JSON object describing a single LLM call. Observyze will automatically assign a trace_id and store the event.

curl -X POST "https://api.observyze.com/api/v1/ingest" \
  -H "Authorization: Bearer ob_xxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Customer Support Reply",
    "input": { "messages": [{"role": "user", "content": "How do I reset my password?"}] },
    "output": { "content": "Go to Settings → Account → Reset Password." },
    "model": "gpt-4o",
    "status": "success",
    "duration_ms": 843,
    "tokens": { "input": 45, "output": 18, "total": 63 },
    "cost": 0.00031,
    "tags": ["support", "production"],
    "user_id": "user_abc123"
  }'

# Response:
{ "accepted": true, "trace_id": "nw_a4b8f2c1d3e5" }

Example 2 — Batch Ingestion

Use POST /api/v1/ingest/batch or wrap events in an { events: [...] } object to send up to 100 events per request. Ideal for flushing buffered logs at regular intervals.

curl -X POST "https://api.observyze.com/api/v1/ingest/batch" \
  -H "Authorization: Bearer ob_xxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "events": [
      {
        "name": "Product Q&A",
        "input": { "messages": [{"role": "user", "content": "What is your return policy?"}] },
        "output": { "content": "Returns are accepted within 30 days." },
        "model": "gpt-4o-mini",
        "status": "success",
        "duration_ms": 510,
        "tokens": { "input": 22, "output": 11, "total": 33 }
      },
      {
        "name": "Sentiment Analysis",
        "input": { "text": "The product is great but shipping was slow." },
        "output": { "sentiment": "mixed", "score": 0.6 },
        "model": "claude-3-haiku",
        "status": "success",
        "duration_ms": 280
      }
    ]
  }'

# Response:
{ "accepted": true, "count": 2, "trace_ids": ["nw_x1y2z3...", "nw_a4b5c6..."] }

Simple Event — Field Reference

Field	Type	Required	Description
name	string	Yes	A human-readable label for this trace (e.g. "Customer Q&A").
input	any	Yes	The input sent to the model — typically a messages array or a prompt string.
output	any	Yes	The model's response. Can be a string, object, or any JSON value.
model	string	No	The model name used (e.g. gpt-4o, claude-3-haiku). Used for cost estimates.
status	enum	No	success \| error \| timeout \| running. Defaults to success.
duration_ms	number	No	How long the LLM call took in milliseconds.
tokens	object	No	{ input, output, total } — token counts for cost tracking.
cost	number	No	Total cost of the call in USD (e.g. 0.00031). Auto-estimated if omitted.
tags	string[]	No	Labels for filtering in the dashboard (e.g. ["production", "support"]).
user_id	string	No	Your app's user ID — used for per-user analytics.
session_id	string	No	Groups multiple traces into a single conversation session.
metadata	object	No	Any additional key-value pairs you want to store with the trace.

Error Handling

Observyze uses standard REST API error status codes. If a circuit breaker blocks a request, or credentials are invalid, we return explicit status details.

HTTP Status	Error Name	Description / Solution
400	Bad Request	Invalid request format or missing required fields
401	Unauthorized	Invalid or missing API key
403	Forbidden	Insufficient permissions for this action
404	Not Found	Resource does not exist
429	Too Many Requests	Rate limit exceeded
500	Internal Error	Server error - contact support
503	Service Unavailable	System under maintenance

Programmatic Exception Catching

When using our SDK wrappers or calling the proxy, catch exceptions to safely handle circuit breaker blockades:

try {
  const response = await tracedOpenAI.chat.completions.create({
    model: 'gpt-4o',
    messages: [{ role: 'user', content: 'Execute query' }]
  });
} catch (error: any) {
  if (error.status === 429) {
    console.warn("Observyze Circuit Breaker is active! Serving fallback response.");
    // Fallback static prompt response logic here...
  } else {
    console.error("Standard SDK error caught:", error.message);
  }
}

Guides & Tutorials

Step-by-step developer tutorials for setting up intermediate and advanced configurations in Observyze.

Setting Up Your First Project

Create your organization scope, initialize project channels, and connect provider credentials.

Configuring Alert Rules

Set up strict cost, latency, and tokens thresholds with custom Slack notifications.

Managing Team Members

Invite engineers, configure fine-grained role scopes, and audit access logs.

Understanding Cost Analytics

Drill down into per-token models, calculate monthly spend, and audit team billing.

Implementing Circuit Breakers

Create fallback paths and trigger immediate halts for malfunctioning models.

Prompt Hub & Versioning

Establish a central prompt registry, run testing variants, and review history.

Setting Up SSO

Deploy enterprise-grade SAML or OIDC single sign-on parameters securely.