Features How it works SDK Contact Get started
Star on GitHub

Ziri Hold your agents tight.

An open-source LLM gateway that enforces policies, rate limits, and spend caps on every request—without changing your code.

View on GitHub Getting Started →
Your Apps
Frontend
Backend API
AI Agent
Ziri Gateway
Authenticate
Rate limit
Evaluate policy
Track cost
LLM Providers
OpenAI
Anthropic
+ more
View on GitHub Getting Started →

Your team is spending thousands on LLM APIs. But who's using what?

When developers use LLM APIs directly, anyone with a key can use any model, costs spiral unpredictably, there's no audit trail, and you can't enforce rules. Ziri fixes this by acting as a smart gateway every request must pass through.

Why Ziri exists

LLM usage inside teams is chaotic by default—shared API keys, no policy layer, no cost controls, and no audit trail.

Ziri was built to be the missing control plane: a lightweight, self-hosted gateway that teams can run themselves and extend in the open.

Ziri is

  • A self-hosted LLM API gateway
  • Multi-model proxy
  • Policy + cost enforcement layer
  • Designed for apps and agents

Ziri is not

  • An AI model
  • A prompt management tool
  • A hosted SaaS — not yet
  • A replacement for OpenAI/Anthropic

Everything you need to govern LLM usage

Centralized control over every LLM API request, without changing how your applications are built.

Policy-based access control

Cedar policies give you declarative control over every LLM request.

permit(principal, action == Action::"chat", resource == Model::"gpt-4o") when { context.hour >= 9 && context.hour <= 17 };

API key management

Per-user keys with automatic rotation. No more shared provider keys.

Per-user rate limiting

Sliding window throttling per user. Stop runaway scripts.

Cost tracking

Per-user and per-team spend summaries with configurable caps.

Audit logs

Full record of every authorization decision.

Web-based Admin UI

Manage keys, policies, and usage from a browser. Bundled with the gateway.

Role-based access

Admin, Viewer, User Admin, Policy Admin. Right-sized access for every role.

Extensible by design

Fork it, extend it, make it yours.

Cedar policy engine

Plain text files, version-controlled, git-friendly.

Local SQLite storage

Zero dependencies—everything stored in a single file.

Admin UI ships with the binary

No separate install, no extra infrastructure.

SDKs are thin wrappers over HTTP

Easy to read, easy to contribute to.

How it works

Every LLM request flows through five stages. Your apps don't change — they just point to Ziri instead of OpenAI or Anthropic directly.

Validate Key
Identify the user
Rate Limit
Check request quota
Policy Check
Evaluate Cedar rules
Forward
Send to provider
Track & Log
Record cost & decision

Deploy in minutes with Docker

Ziri ships as a single Docker image. Run it anywhere — your cloud, your datacenter, your laptop. The Admin UI is bundled, no separate setup required.

  • Single Docker image, self-hosted and fully under your control
  • Admin UI bundled — manage everything from a browser
  • OpenAI-compatible API — just change the base URL
View documentation →
$ docker run -p 8080:8080 zstrike/ziri
Gateway listening on :8080
Admin UI ready at :8080/admin
3 Cedar policies loaded
Incoming request from user-alice
Model: gpt-4o
API key validated
Rate limit: 47/100 remaining
Policy: PERMIT
Cost tracked: $0.03
→ Forwarded to OpenAI (124ms)
// Only allow GPT-4 during business hours
permit(
principal,
action == Action::"chat",
resource == Model::"gpt-4o"
) when {
context.hour >= 9 &&
context.hour <= 17
};
// Cap daily spend per user
forbid(
principal,
action,
resource
) when {
principal.dailySpend > 50.00
};

Declarative Cedar policies

Define access rules in Cedar — the same policy language used by AWS. Readable, testable, and version-controlled alongside your code.

  • Restrict models by user, team, or time of day
  • Set per-user daily and monthly spend caps
  • Block specific actions while allowing others
  • Version control policies alongside your code
Policy reference →

First-class SDK for Node.js

The @ziri/sdk npm package gives you programmatic control over keys, policies, usage, and more.

  • Manage API keys programmatically
  • Query usage and cost data
  • CRUD operations on Cedar policies
  • Full TypeScript support
SDK documentation →
import { UserSDK } from '@ziri/sdk';
const sdk = new UserSDK({
apiKey: 'sk-zs-your-api-key-here',
proxyUrl: 'http://localhost:3100'
});
// Call chat completions through Ziri
const response = await sdk.chatCompletions({
provider: 'openai',
model: 'gpt-4o-mini',
messages: [
{ role: 'user', content: 'Hello, Ziri!' }
]
});
console.log(response.choices[0].message.content);

Ready to take control of your LLM spend?

Deploy Ziri in minutes and start governing your team's LLM API usage. Open source, self-hosted, and free to get started.