Guide

Agents

An agent represents an LLM endpoint registered with Orithos. Agents are the target of all security scans.

Registering an agent

Register an agent by providing its endpoint URL and optional API key. No instrumentation, sidecars, or code changes required.

Create an agent via API

curl -X POST https://api.orithos.dev/v1/agents   -H "Authorization: Bearer {api_key}"   -H "Content-Type: application/json"   -d '{
  "name": "my-gpt-agent",
  "endpoint_url": "https://api.openai.com/v1/chat/completions",
  "api_key": "sk-...",
  "model": "gpt-4o",
  "provider_name": "openai",
  "endpoint_type": "openai-compatible"
}'

Endpoint types

OpenAI-compatible

Standard chat completions format with messages array. Supports OpenAI, Azure, Together, Groq, and any OpenAI-compatible API.

Anthropic

Claude API format with content blocks. Supports Claude Sonnet, Opus, and Haiku models.

Generic

Custom endpoints accepting raw probe payloads with org_id and probe fields.

API key encryption

Agent API keys are encrypted at rest using Fernet symmetric encryption before being stored in the database. The encryption key is derived from the server's secret key. Keys are never logged or exposed in API responses.

Endpoint verification

Before creating a scan, Orithos verifies the agent endpoint is reachable and returns valid JSON. This prevents scans against unreachable or misconfigured endpoints.

Provider presets

Orithos ships with provider presets for OpenAI, Anthropic, Google, Groq, Together, Mistral, and more. Each preset includes the default endpoint URL, supported models, and endpoint type.

curl https://api.orithos.dev/v1/agents/providers   -H "Authorization: Bearer {api_key}"