EU AI Act high-risk obligationsapply 2 Dec 2027/Are you using the time?Check readiness →
DEVELOPER DOCUMENTATION

Get started with Complira.

Complira wraps your existing AI API calls and logs every interaction to a tamper-proof, append-only audit trail. Integration takes under an hour and requires no changes to your AI workflow.

§ 02QUICKSTART

Three steps to your first logged AI interaction.

01

Generate an API key

Sign in to your Complira dashboard at www.complira.io, navigate to API Keys, and generate a new key. Copy it — it won't be shown again.

02

Install the SDK

Add the Complira SDK to your project using npm or pip. See the SDK section below for both languages.

03

Wrap your AI client

Replace your existing AI client initialisation with a wrapped version. Every call is now automatically logged.

Non-blocking by design. All logging happens asynchronously in the background. If Complira's logging service is unavailable, your AI calls continue uninterrupted. Compliance never impacts performance.
§ 03HOW IT WORKS

The SDK captures and hashes.

The Complira SDK transparently intercepts every call made through your wrapped AI client. For each call it captures the full prompt, response, model metadata, latency, token count, and a SHA-256 hash of the content. This is logged asynchronously to your organisation's append-only audit trail in Complira's Frankfurt infrastructure.

The audit trail cannot be edited or deleted — not by your team, not by Complira. Every log entry includes a cryptographic hash that proves the content has not been altered since it was recorded.

§ 04SDK

Wrap your AI client. That's it.

Pick your language. Both SDKs follow the same patterns — Installation, OpenAI, Anthropic, and manual logging.

Installation

npm install @complira/sdk

OpenAI

import OpenAI from 'openai'
import { wrapOpenAI } from '@complira/sdk'

const openai = wrapOpenAI(
  new OpenAI({ apiKey: process.env.OPENAI_API_KEY }),
  {
    apiKey: process.env.COMPLIRA_API_KEY,
    appName: 'your-app-name',
    userId: 'user-123', // optional
  }
)

// Use exactly as before — every call is now logged
const response = await openai.chat.completions.create({
  model: 'gpt-4o',
  messages: [{ role: 'user', content: 'Hello' }]
})

Anthropic

import Anthropic from '@anthropic-ai/sdk'
import { wrapAnthropic } from '@complira/sdk'

const anthropic = wrapAnthropic(
  new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY }),
  {
    apiKey: process.env.COMPLIRA_API_KEY,
    appName: 'your-app-name',
  }
)

const response = await anthropic.messages.create({
  model: 'claude-sonnet-4-6',
  max_tokens: 1024,
  messages: [{ role: 'user', content: 'Hello' }]
})

Manual logging

If you need to log interactions from a provider not covered by a wrapper, use the low-level log() method directly.

import { CompliraClient } from '@complira/sdk'

const client = new CompliraClient({
  apiKey: process.env.COMPLIRA_API_KEY,
  appName: 'your-app-name'
})

await client.log({
  input: 'What is the risk rating for this loan?',
  output: 'Based on the provided data, the risk rating is...',
  model: 'gpt-4o',
  modelVersion: 'gpt-4o-2024-11-20',
  latencyMs: 450,
  tokenCount: 320,
  userId: 'analyst-42'
})
§ 05SDK CONFIGURATION

All SDK wrappers accept the same options.

Parameter
Type
Required
Description
apiKey
string
Required
Your Complira API key. Generate one in the dashboard under API Keys.
appName
string
Optional
Name of the application making AI calls. Used to group logs in the dashboard.
userId
string
Optional
Identifier for the end user making the request. Useful for per-user audit trails.
baseUrl
string
Optional
Override the Complira API endpoint. Defaults to https://www.complira.io.
onLogError
function
Optional
Callback invoked when a background log fails. Receives (error, payload). By default, log errors are silently swallowed.

Runtime methods

Both SDKs expose methods to update configuration after initialisation.

// Update the user ID for subsequent logs
client.setUserId("user-456")

// Set an error handler for failed log attempts
client.setOnLogError((err, payload) => {
  console.error("Complira log failed:", err)
})
§ 06API REFERENCE

One endpoint. POST /api/v1/log.

The SDK logs to a single endpoint. You can also call this directly if you prefer to build your own integration.

POST /api/v1/log

Logs a single AI interaction to your organisation's audit trail.

POST https://www.complira.io/api/v1/log
Content-Type: application/json
x-api-key: ck_live_your_api_key
Keep your API key secret. Never expose it in client-side code or commit it to version control. Use environment variables.

Log fields

The request body accepts the following fields.

Field
Type
Required
Description
input
string
Required
The prompt or input sent to the AI model.
output
string
Required
The response returned by the AI model.
model
string
Required
Model name, e.g. gpt-4o or claude-sonnet-4-6.
model_version
string
Optional
Specific model version, e.g. gpt-4o-2024-11-20.
app_name
string
Optional
Application identifier. Overrides the SDK-level appName for this call.
user_id
string
Optional
End user identifier. Overrides the SDK-level userId for this call.
latency_ms
number
Optional
Time in milliseconds the model took to respond.
token_count
number
Optional
Total tokens used in the request and response combined.
flagged
boolean
Optional
Whether to flag this entry for review. Defaults to false. Flagged entries appear in the dashboard's review queue.
timestamp
string
Optional
ISO-8601 timestamp of when the AI call was initiated. Auto-generated if omitted.
Tamper-proof hash. A SHA-256 hash is computed automatically by the server from the input, output, and model fields. It is returned in the response. You do not need to compute or supply it.

Response

{
  "ok": true,
  "log": {
    "id": "6307d21b-15a6-4214-8aad-42f1ad69fec8",
    "hash": "360fb8ff42fe751cb57ea53a56186770...",
    "created_at": "2026-03-21T16:01:44.36066+00:00"
  }
}
§ 07FAQ

Six questions developers actually ask.

Does Complira affect the performance of my AI calls?

No. All logging is fully asynchronous and non-blocking. The SDK fires the log request in a background thread after your AI call completes. Your application never waits for the log to succeed.

What happens if the Complira logging service is unavailable?

The SDK is designed to fail silently. If a log request fails, it does not throw an error or interrupt your application. Your AI workflow continues unaffected. We recommend monitoring your dashboard for any gaps in coverage.

Where is my data stored?

All audit log data is stored exclusively in Frankfurt, Germany (EU) on Supabase's eu-central-1 infrastructure. Data never leaves the European Economic Area.

Can multiple applications share one API key?

Technically yes, but we recommend generating a separate API key per application. This gives you cleaner separation in the dashboard and lets you revoke access per-application without affecting others.

How is the SHA-256 hash calculated?

The hash is computed server-side by running SHA-256 over the input, output, and model fields. Both the SDK and the API handle this automatically — you never need to compute or supply it yourself. The hash is returned in the API response for your records.

Can I test the integration before going live?

Yes. Generate a dedicated API key named “Test” in the dashboard, use it to send test calls, verify they appear in the dashboard, and then revoke the key when done. This keeps your test data separate from production logs.

Questions not covered here? Email us at info@complira.io — we typically respond within one business day.