Main Configuration (AgentMonitorConfig
)
This object is passed to the AgentMonitor
constructor and controls the core behavior of the SDK, such as authentication, batching, and logging.
Your Agent Governance API key. This is used to authenticate with the platform. It’s highly recommended to load this from an environment variable (
process.env.AGENT_GOVERNANCE_API_KEY
).Your organization’s unique identifier in the Agent Governance platform. This should also be loaded from an environment variable.
The API endpoint for the Agent Governance platform. Only change this if you have a dedicated or on-premise instance.
The environment your application is running in. This helps you filter and analyze data in the dashboard.
The number of events to collect in memory before sending them to the API. A larger size is more efficient for high-volume applications but uses more memory and has higher data loss risk on crash. Range: 1–1000.
The maximum time in milliseconds the SDK will wait before sending a batch of events, even if
batchSize
has not been reached. Minimum: 100.Set to true to activate the real-time, offline Compliance Engine to scan agent responses for violations.
Set to true to enable detailed logging from the SDK to your console. It’s recommended to set this to false in production.
The minimum log level to output when
enableLogging
is true. Use 'debug'
for verbose troubleshooting.The number of times the SDK will retry sending a batch of events if the network request fails. Range: 0–10.
The base delay in milliseconds between retry attempts. The SDK uses exponential backoff.
Agent Registration (AgentInfo
)
This object is passed to the monitor.registerAgent()
method to define the profile and settings for each of your AI agents.
A unique identifier for the agent within your organization (e.g.,
personal-banking-assistant-v2
).A human-readable name for the agent that will be displayed on the dashboard.
The type of agent. Can be
'persona'
, 'tool_calling'
, 'workflow'
, or 'autonomous'
.The agent’s area of expertise within banking, such as
'personal_banking'
or 'fraud_detection'
. This helps with specialized analytics.The version of your agent (e.g.,
'1.2.0'
). This is crucial for tracking performance and compliance across different agent versions.The name of the LLM provider (e.g.,
'anthropic'
, 'openai'
).The specific model the agent is using (e.g.,
'claude-3-5-sonnet-20241022'
).A brief description of the agent’s purpose and capabilities.
An object to configure which categories of compliance checks are active for this specific agent.
Configuration Examples by Environment
It’s a best practice to use different configurations for your various environments.Security Best Practices
Never hardcode your
apiKey
or organizationId
in your source code.
Always use environment variables (e.g., process.env
) or a dedicated secret management service (like AWS Secrets Manager, HashiCorp Vault, or Doppler) to handle sensitive credentials. This prevents accidental exposure in version control systems.