Identity & Security
PII pre-flight
A check that scans a prompt for personal or sensitive data before it reaches the model provider, and blocks or redacts it if found. "Fail-closed" means a fault stops the call rather than letting it through — the safe default when a check can't complete.
Example
A prompt contains a customer's full name, email, and card number. A fail-closed PII pre-flight catches all three before the call leaves your perimeter — if the scan itself errors out, the call is dropped, not waved through. The auditor's question "can PII reach your providers?" now has a control behind it, not a hope.
This is a Tokenality concept. See how it works in the product overview or the live playground.
Related terms
AI gateway
A single point that all AI traffic passes through on its way to the providers — the place where keys are resolved, budgets are checked, calls are logged, and policies are enforced. It's the choke point that makes control possible, because everything flows through it.
Append-only audit
A record that can be added to but never edited or deleted, so the history of what happened is tamper-evident. It's the difference between a log an insider can quietly rewrite and one an auditor will accept as evidence.
Spend control plane
The layer that governs AI spend across an organization: it issues virtual keys, enforces budgets before calls, attributes every dollar, and produces the audit record. "Observability" tells you what you spent; a control plane decides whether you spend it — the enforcement happens before the call, not after. (This is Tokenality's category.)