FiGuard

Policy enforcement for AI agents.
Built like financial infrastructure.

Pre-flight authorization for any agent action that touches money, tokens, or bounded resources — before anything moves.

Self-hostable Framework-agnostic Open source Apache 2.0

Or try instantly: sandbox.figuard.io · no signup, no Docker

sandbox.figuard.io/ui

FiGuard spend tree — authorization decisions visualized as a causal chain

Spend tree — every authorization decision, every agent, every level of delegation.

Works with LangChain · CrewAI · OpenAI Agents SDK · Anthropic SDK · LangGraph · TypeScript / Node.js · Claude Code (MCP)

The problem

Agents don't ask permission. They decide, execute, move on — then your logs tell you what happened.

That's not a guardrail. That's a receipt.

Without FiGuard

# Agent decides to act — nothing checks first

result = vendor_api.create_order(
    amount=1890.00,
    vendor="acme-supplies",
    category="office_supplies",
)

# Executed.
# No budget check. No category enforcement.
# No audit record. Fleet has no idea.

With FiGuard

auth = client.authorize(
    session_token=budget.session_token,
    agent_id="procurement_agent",
    action_type="PURCHASE",
    description="Acme office supplies order",
    requested_amount=1890.00,
    claimed_category="office_supplies",
    idempotency_key="order-2026-001",
)

if auth.is_authorized:
    result = vendor_api.create_order(
        amount=auth.approved_amount,
    )
    client.confirm_event(
        auth.event_id,
        confirmed_amount=1890.00,
    )

# DENIED — ALLOCATION_EXHAUSTED
# office_supplies: $800 / $800 consumed
#
# Nothing moved.
# Logged in ledger.
# Agent receives reason code.
# Fleet sees the updated balance.

Works the same for payments, LLM tokens, API quotas, GPU hours, or any bounded resource.

Every agent decision. Authorized, logged, and explainable.

Three agents share one budget. Every request is checked before anything executes — approved, denied, and logged in real time. Simulation

Agent A

agent-a

st_7kq…

Agent B

agent-b

st_7kq…

Agent C

agent-c

st_7kq…

Budget

#b2a4c7ef

$2,500

total limit

spent $847

reserved $156

Allocations

Travel$320 / $800

Software$480 / $1,000

Office$47 / $700

entity_dedup anomaly

Ledger

agent-b

AUTH $847

agent-a

AUTH $312

agent-c

DENY $950

ALLOC_EXHAUSTED

agent-b

AUTH $156

agent-a

DENY $1,800

TX_LIMIT

Try the real enforcement engine: sandbox.figuard.io →

Get started

$pip install figuard

from figuard import FiGuardClient

client = FiGuardClient(
    api_key="sb_live_demo",
    base_url="https://sandbox.figuard.io",  # no Docker needed
)

budget = client.create_budget(
    user_id="agent_001",
    total_limit=500.00,
    expires_in="24h",
    authorization_expiry_seconds=300,
    intent_context="travel booking session",
)

auth = client.authorize(
    session_token=budget.session_token,
    agent_id="travel_agent",
    action_type="PURCHASE",
    description="JetBlue SFO→JFK",
    requested_amount=267.00,
    idempotency_key="booking-001",
)

print(auth.decision)        # AUTHORIZED
print(auth.approved_amount) # 267.0

$npm install figuard

import { FiGuardClient } from 'figuard';

const client = new FiGuardClient({
  apiKey: 'sb_live_demo',
  baseUrl: 'https://sandbox.figuard.io',
});

const budget = await client.createBudget({
  userId: 'agent_001',
  totalLimit: 500.00,
  expiresIn: '24h',
  authorizationExpirySeconds: 300,
  intentContext: 'travel booking session',
});

const auth = await client.authorize({
  sessionToken: budget.sessionToken,
  agentId: 'travel_agent',
  actionType: 'PURCHASE',
  description: 'JetBlue SFO→JFK',
  requestedAmount: 267.00,
  idempotencyKey: 'booking-001',
});

console.log(auth.decision);       // AUTHORIZED
console.log(auth.approvedAmount); // 267.0

$pip install figuard[langchain]

from langchain_openai import ChatOpenAI
from figuard.integrations.langchain import FiGuardCallbackHandler
from figuard import FiGuardClient

client = FiGuardClient(
    api_key="sb_live_demo",
    base_url="https://sandbox.figuard.io",
)

budget = client.create_budget(
    user_id="agent_001",
    total_limit=500.00,
    expires_in="24h",
    intent_context="travel booking session",
)

handler = FiGuardCallbackHandler(
    client=client,
    session_token=budget.session_token,
    agent_id="langchain_agent",
)

llm = ChatOpenAI(callbacks=[handler])
# Every tool call is now pre-flight authorized

$pip install figuard[crewai]

from figuard.integrations.crewai import FiGuardCrewGuard
from figuard import FiGuardClient

client = FiGuardClient(
    api_key="sb_live_demo",
    base_url="https://sandbox.figuard.io",
)

budget = client.create_budget(
    user_id="agent_001",
    total_limit=500.00,
    expires_in="24h",
    intent_context="research task",
)

guard = FiGuardCrewGuard(
    client=client,
    session_token=budget.session_token,
)

crew = Crew(agents=[...], tasks=[...])
guard.wrap(crew)
result = crew.kickoff()

Want to go deeper? Enforcement cookbook → Example projects → Full README →