Skip to main content
SecuAIProduction
SecuAI API

OpenAI-compatible, sovereign, Loi 25-ready

Drop-in replacement: just change the base_url. Compatible with OpenAI SDK, LangChain, LlamaIndex, Haystack.

# Chat completion via API OpenAI-compatible avec anonymisation activée
curl -X POST https://api.secuaas.com/v1/secuai/chat/completions \
  -H "Authorization: Bearer $SECUAI_API_KEY" \
  -H "X-Anonymize: true" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "secuai-qwen3-35b-a3b",
    "messages": [
      {"role":"system","content":"Tu es un assistant juridique québécois."},
      {"role":"user","content":"Analyse cette clause : ..."}
    ],
    "temperature": 0.2
  }'
bash

Authentication

Long-lived bearer tokens + short-lived JWT. OpenAI SDK compatible: `Authorization: Bearer sk-secuai-...`.

PII anonymization

Automatic detection before inference, reversible HSM tokenization, strict/permissive modes, Quebec French support.

HMAC-signed webhooks

`X-Secuai-Signature` header (SHA-256). Events: completion.done, anonymize.flagged, quota.exceeded.

OpenAPI 3.1

Full schema, automatic client generation, compatible with OpenAI v1+ for zero-code migration.

Tokenization with rotatable keys

Sensitive values are replaced with opaque tokens. Reversibility remains exclusively available to the OVH Beauharnois HSM key owners — never to SecuAAS.

reverse-opt-in.sh
// Reverse opt-in : déchiffrer le mapping d'anonymisation
// Disponible uniquement avec dual-control admin (2-of-4 eyes)
curl -X POST https://api.secuaas.com/v1/secuai/anonymization/reverse \
  -H "Authorization: Bearer $SECUAI_ADMIN_TOKEN" \
  -H "X-Approval-Token: $TWO_EYES_APPROVAL" \
  -d '{ "request_id": "req_01HX..." }'

Endpoints principaux

  • POST /v1/chat/completionsOpenAI-compatible: Qwen3 35B-A3B (sovereign) and Mistral Small 24B. SSE streaming, function calling, tools.
  • POST /v1/embeddingsMultilingual embeddings 1024d/1536d/3072d. Compatible with OpenAI text-embedding-3-large as a drop-in.
  • POST /v1/completionsClassic completions for non-chat models. Token streaming, logprobs available.
  • POST /v1/anonymization/scanMultilingual PII detection, Canadian SIN/HCN, European IBAN/national IDs. Strict/permissive modes.
  • POST /v1/anonymization/reverseReverse tokenization: replace anonymized tokens with original values. Full audit.
  • GET /v1/usagePer-tenant token, request and cost consumption. Filter by date, model, endpoint.