Everything you need to know.

There are two paths to get started, depending on how much control you want:

Option 1: SDK integration (recommended) -- gives you granular policy control, custom metadata, and error handling.

npm install @reins/sdk

import { Reins } from '@reins/sdk';

const reins = new Reins({ apiKey: 'rns_...' });
const result = await reins.govern(openai.chat.completions.create({
  model: 'gpt-4',
  messages: [{ role: 'user', content: 'Hello' }]
}));

Option 2: Proxy mode -- zero code changes. Just change your base URL:

// Before
const openai = new OpenAI({ baseURL: 'https://api.openai.com/v1' });

// After
const openai = new OpenAI({ baseURL: 'https://proxy.reins.dev/v1' });

We recommend SDK integration for production workloads because it gives you finer-grained policy enforcement, agent-level metadata, and graceful handling of blocked calls.

Reins supports all major AI providers out of the box:

If your provider speaks HTTP and returns token usage data, Reins can govern it. For custom providers, use our generic HTTP adapter.

About 20 minutes end-to-end. Here's the breakdown:

1. 5 minutes -- Create your account and generate an API key from the dashboard.
2. 10 minutes -- Install the SDK in your agent (npm install @reins/sdk or pip install reins-sdk) and wrap your AI calls.
3. 5 minutes -- Create your first budget policy: set a dollar limit, pick which agents it applies to, and activate it.

Once your first governed call executes, you'll see it appear in the audit log in real time. Check our Quick Start guide for a step-by-step walkthrough.

It depends on which integration path you choose:

SDK mode (minimal changes, more control): You wrap your existing AI calls with the Reins client. This takes 3 lines of code and gives you full policy control, custom metadata tagging, and graceful handling of blocked calls.

Proxy mode (zero code changes): You change a single URL -- your AI provider's base URL points to Reins instead. Reins forwards the request after policy evaluation. No SDK, no code changes, no dependency.

We recommend SDK mode for production workloads where you need granular agent-level policies. Proxy mode is great for getting started quickly or governing agents you can't modify.

Every new account gets a 3-day free trial with full feature access. No credit card required.

During the trial you get access to unlimited agents, all policy types, full audit logging, webhook integrations, and the complete dashboard.

When the trial ends, your account automatically downgrades to the Free tier -- 2 agents and 100 transactions per day. No data is deleted. Upgrade anytime to restore full access.

Reins uses per-agent pricing with monthly or annual billing. Annual plans save 20%.

• Free -- 2 agents, 100 transactions/day. No credit card required.
• Pro -- $49/month, up to 25 agents. Unlimited transactions, priority support.
• Enterprise -- Custom pricing, unlimited agents. Dedicated support, custom SLA, SSO.

All tiers include unlimited policy rules, full audit logs, and webhook integrations. See the Pricing page for full details.

An agent is any distinct process that makes AI API calls through Reins. Each unique agent ID you register counts as one agent.

Some examples:

• The same codebase deployed to 3 servers = 3 agents (each has a unique agent ID).
• A single server running 2 different AI workflows = 2 agents if they use different agent IDs, or 1 agent if they share one.
• A staging environment agent using a test API key does not count toward your production limit.

You can see your active agent count anytime in the dashboard.

Yes. Plan changes are flexible:

• Upgrades take effect immediately. You're charged a prorated amount for the remainder of the current billing cycle.
• Downgrades take effect at the start of the next billing cycle. You keep full access until then.

No cancellation penalties, no hidden fees. You can change plans from Settings > Billing in the dashboard at any time.

No. Blocked calls are intercepted before they reach the AI provider. The call never executes, so you're never charged for it -- neither by Reins nor by your AI provider.

This is one of the core value propositions: Reins saves you money by preventing calls that would exceed your policies from ever being made.

Here's the timeline:

1. 3 days before expiry -- You receive an email reminder with upgrade options.
2. Trial ends -- If no plan is selected, your account automatically downgrades to the Free tier (2 agents, 100 transactions/day).
3. No data loss -- All your policies, audit logs, and configurations are preserved. Only the agent and transaction limits change.

You can upgrade at any time to restore full access. Your data stays intact regardless of your plan status.

Yes. Reins integrates natively with LangChain in Python. Wrap your LangChain LLM with the Reins client:

from reins import ReinsClient
from langchain_openai import ChatOpenAI

reins = ReinsClient(api_key="rns_...")
llm = ChatOpenAI(model="gpt-4")

# Wrap the LLM with Reins governance
governed_llm = reins.wrap(llm, agent_id="my-langchain-agent")
response = governed_llm.invoke("Summarize this report...")

Every call through the governed LLM is evaluated against your policies before execution. If a call would exceed a budget, it's blocked and a ReinsBlockedError is raised.

Yes -- and we recommend it. Reins and observability tools like Helicone and Langfuse solve different problems and complement each other:

• Reins = governance (pre-execution). "Should this call happen?" Budget enforcement, policy evaluation, spend controls.
• Helicone / Langfuse = observability (post-execution). "What happened?" Logging, tracing, prompt management, analytics.

Reins sits upstream in your call chain. It evaluates policies and decides whether a call proceeds. If it proceeds, Helicone/Langfuse observe and log it on the way out. There's no conflict or overlap.

Install from PyPI and initialize with your API key:

pip install reins-sdk

from reins import ReinsClient

reins = ReinsClient(api_key="rns_...")

# Pre-flight check: will this call be allowed?
check = reins.check(agent_id="my-agent", vendor="openai",
                     estimated_cost=0.03)

if check.allowed:
    response = openai.chat.completions.create(...)
    reins.record(check.transaction_id, actual_cost=response.usage.total_cost)
else:
    print(f"Blocked: {check.reason}")  # e.g., "Daily budget exceeded"

The SDK handles retries, caching, and graceful degradation. If Reins is unreachable, calls default to allow (fail-open) unless you configure fail-closed mode.

Yes. Reins has a full REST API for programmatic access. Key endpoints:

• POST /api/v1/check -- Pre-flight policy evaluation. Pass agent ID, vendor, and estimated cost; get back allow/block decision.
• GET /api/v1/transactions -- Query your audit log with filters (date range, agent, vendor, status).
• POST /api/v1/policies -- Create and manage governance rules programmatically.
• GET /api/v1/agents -- List registered agents and their current spend status.

All endpoints require an API key in the Authorization header. Explore the API interactively at /playground.

Yes. Reins supports real-time alerts through multiple channels:

• Webhooks -- Send JSON payloads to Slack, Discord, Microsoft Teams, or any HTTP endpoint.
• Email -- Built-in email alerts to any address. No webhook setup required.

You can configure alerts at two levels:

• Per-policy -- Get notified every time a specific policy blocks a call.
• Per-threshold -- Get notified when spending reaches 75%, 90%, or 100% of a budget limit.

Alerts fire in real time. Configure them from Settings > Notifications in the dashboard, or via the REST API.

Yes. Reins is SOC 2 Type II certified. We undergo annual audits conducted by an independent third-party auditor.

Our SOC 2 report covers the Trust Services Criteria for Security, Availability, and Confidentiality. Enterprise customers can request a copy of the full report by contacting reins@polsia.app.

By default, all data is stored in AWS us-east-1 (US East, N. Virginia).

For Enterprise tier customers, EU hosting is available (AWS eu-west-1, Ireland) to meet data residency requirements.

All data is encrypted:

• At rest -- AES-256 encryption.
• In transit -- TLS 1.3 for all connections.

Reins never stores your AI provider API keys. We only process transaction metadata (cost, model, token count) -- not the content of your prompts or responses.

Yes. Audit logs can be exported through two methods:

• Dashboard -- Click "Export" on the Audit Log page. Supports CSV format with date range, agent, and policy filters.
• REST API -- Use GET /api/v1/transactions?format=csv for programmatic export. Same filter support, plus pagination for large datasets.

Exports include transaction ID, timestamp, agent, vendor, model, cost, policy evaluation result, and any custom metadata you've attached to your governed calls.

Reins uses multiple authentication methods depending on the context:

• Dashboard access -- JWT tokens issued on login, with configurable session duration.
• API access -- API keys that are hashed before storage (never stored in plaintext). Each key is scoped to an organization.
• RBAC -- Role-based access control with four roles: Owner, Admin, Member, and Viewer. Each role has different permissions for managing policies, agents, and team members.
• SSO -- SAML-based Single Sign-On available on the Enterprise tier. Supports Okta, Azure AD, OneLogin, and any SAML 2.0 provider.

Default retention periods:

• Free & Pro tiers -- 12 months of full transaction data.
• Enterprise tier -- Configurable retention, up to unlimited.

After the retention period expires, transaction metadata (cost, model, agent, timestamp) is retained indefinitely for aggregate reporting. Request/response payloads (if captured) are purged.

You can request early data deletion at any time by contacting support.

Run through this checklist:

• API key is correct and active. Check that your key starts with rns_ and hasn't been revoked in Settings > API Keys.
• SDK version is >= 2.0. Older SDK versions use a deprecated auth flow. Run npm list @reins/sdk or pip show reins-sdk to check.
• Agent ID matches a registered agent. The agent ID you pass in govern() must match one registered in your dashboard.
• Policy is active, not draft or paused. Go to Policies in the dashboard and check the status column.
• Check the audit log for "bypass" entries. If calls appear as "bypassed," it usually means the policy scope doesn't match the agent's vendor or model.

If none of these resolve it, contact support at reins@polsia.app with your agent ID and we'll investigate.

Policy evaluation order matters. Policies are evaluated top-to-bottom in the order they appear in your dashboard. An earlier "allow" rule may be matching before your "block" rule gets a chance to evaluate.

To fix this:

1. Go to Policies in the dashboard.
2. Check the priority column. Lower numbers evaluate first.
3. Drag your block rules above any broad allow rules, or adjust their priority numbers.
4. Use the Policy Simulator at /simulator to test your policy stack with different scenarios without affecting production.

There are two types of 429 errors, and they mean very different things:

Rate limit 429 -- You're making too many API calls per second. Reins allows up to 1,000 requests/second per organization. The error body will contain "reason": "rate_limit". Solution: add client-side rate limiting or contact us for a higher limit.

Budget limit 429 -- Your spending limit has been reached. This is Reins doing its job -- it's blocking calls that would exceed your budget policy. The error body will contain "reason": "budget_exceeded" along with details about which policy triggered the block.

Always check the reason field in the error response body to distinguish between the two.

Follow these steps:

1. Go to Audit Log in the dashboard.
2. Filter by your policy ID and look for entries with "evaluated": false.
3. Check the most common causes:
   • Scope mismatch -- The policy targets "openai" but the agent is calling "anthropic."
   • Threshold too high -- Your block threshold is $100/day but the agent is only spending $5/day.
   • Time window -- The policy uses a rolling 24-hour window and hasn't accumulated enough spend yet.
   • Agent filter -- The policy is scoped to specific agent IDs that don't include this agent.
4. Use the Policy Simulator at /simulator for dry-run testing. Feed in sample transactions and see exactly how your policy stack evaluates them.

Yes. Use demo mode to evaluate policies without enforcing them:

// Set in your agent's environment
REINS_MODE=demo

// Or pass it in the SDK
const reins = new Reins({
  apiKey: 'rns_...',
  mode: 'demo'  // log + evaluate, never block
});

In demo mode:

• All calls are logged in the audit trail.
• All policies are evaluated (you'll see what would have been blocked).
• No calls are actually blocked. Everything passes through.

This is the recommended approach for validating your policy configuration before going live.

Yes. Enterprise tier includes a custom Service Level Agreement with:

• Guaranteed uptime -- 99.95% or higher, depending on your requirements.
• Dedicated support channel -- Private Slack/Teams channel or email alias with guaranteed response times.
• Named account manager -- A single point of contact who knows your stack and your policies.

SLA terms are negotiated as part of the Enterprise contract. Contact sales to discuss your requirements.

On-prem deployment is on our 2026 roadmap for Enterprise customers. We're actively working on a containerized version that can run in your VPC.

In the meantime, Reins is available as a managed cloud service with data residency options:

• US -- AWS us-east-1 (default for all plans).
• EU -- AWS eu-west-1 (available for Enterprise tier).

If on-prem is a hard requirement, reach out to sales and we'll discuss timelines and early access.

Yes. We provide Data Processing Agreements at two levels:

• Standard DPA -- Available for all paid plans (Pro and Enterprise). Covers GDPR, CCPA, and standard data processing terms. Request it by emailing reins@polsia.app or via the contact form.
• Custom DPA -- Available for Enterprise tier. Custom terms, additional clauses, and negotiation with your legal team.

We typically turn around standard DPA requests within 2 business days.

Yes. SAML-based Single Sign-On is available on the Enterprise tier.

Supported identity providers:

• Okta
• Azure Active Directory
• OneLogin
• Any SAML 2.0 compliant provider

SCIM provisioning (automatic user provisioning/deprovisioning from your IdP) is on our roadmap and expected in Q3 2026.

To enable SSO, contact sales with your IdP details and we'll configure it within 1 business day.

We offer a comprehensive security package for Enterprise customers:

1. Request the package -- Email reins@polsia.app with "Security Review Request" in the subject. Include your company name and point of contact.
2. What's included -- SOC 2 Type II report, penetration test executive summary, infrastructure architecture overview, and data flow diagrams.
3. Full pen test results -- Available under NDA. We'll send our standard NDA for signature, then share the complete report.
4. Customer-initiated pen tests -- Supported on Enterprise tier with 30 days advance notice. We'll coordinate a testing window and provide a staging environment.

Turnaround: We typically deliver the security package within 3 business days of request.