Skip to main content
The Developers section is the low-level reference for teams that operate the TrustGate Runtime directly — configuring the gateway, writing rules, extending plugins, wiring observability, and hitting the Actions API. If you’re designing policies, security capabilities, or enforcement in the platform UI, the Runtime by TrustGate docs are the right starting point. The pages linked below go one layer deeper, into the runtime primitives those platform features are built on.

Where to start

Getting Started

Install TrustGate, run your first gateway, and follow tutorials for load balancing, rate limiting, masking, and TrustLens metrics.

Core Concepts

Gateways, upstreams, services, rules, plugins, and consumer groups — the primitives that every platform feature compiles down to.

Traffic Management

Rule & forwarding objects, load-balancing strategies, bot detection, and anomaly detection at the gateway layer.

Actions API

Programmatic policy execution, observability events, and examples for integrating TrustGate actions into your stack.

Security & content reference

Content Security

Jailbreak, toxicity, moderation, and language validator plugin configuration — the detections behind platform security features.

Data masking

Entity catalog, masking rules, custom patterns, and end-to-end examples for PII, secrets, and confidential data.

Application Security

Injection protection, code sanitation, CORS, and IP whitelisting at the transport layer.

Agent Security

Tool permission, tool guard, and tool selection plugins for MCP and agent workloads.

Operate & extend

Rate Limiting & Request Control

Fingerprint, IP, user, token, and global rate limits plus request size limiting.

Observability & Monitoring

Prometheus metrics, exporters, and Kafka connectors for runtime telemetry.

Deployment

Reference architectures and Docker / Kubernetes installation for the TrustGate Runtime.

API Reference

REST endpoints for gateways, API keys, upstreams, services, rules, and actions.