Operating Modes
Same anonymization engine, three deployment shapes. Pick based on how much control you want over outbound payloads and where the proxy lives.
Mode 1 — Transparent Proxy
One endpoint change. We handle everything.
You point your OpenAI SDK at https://gate.stellarbase.ai/v1. From your app’s perspective, nothing else changes — it looks like OpenAI, Anthropic, or Google. Behind the scenes: StellarGate anonymizes the prompt, forwards to the provider, resolves tokens on the response, returns. Everything in one round-trip.
Flow
- Your app sends a chat completion request to StellarGate
- StellarGate scans the prompt, replaces sensitive entities with reversible tokens
- Sanitized prompt forwarded to the LLM provider (OpenAI, Anthropic, etc.)
- LLM responds with tokens in place of real data
- StellarGate substitutes tokens with original values
- Final response returned to your app
When to pick Mode 1
- You want a drop-in replacement for your existing LLM client
- You don’t need to inspect the sanitized prompt before it’s sent
- You’re fine with us running the proxy in our EU cloud
- You want the simplest possible integration — literally one URL change
Pricing
€0.10 / 1M tokens on the anonymization engine + LLM provider cost passed through at their public rate (no markup from us).
Mode 2 — Tokenized Handoff
We anonymize. You call the LLM. We de-anonymize.
Same anonymization engine, but split into two API calls with your app in the middle. You get full visibility into every outbound payload — useful when compliance requires you to log or inspect exactly what’s sent to external LLMs.
Flow
- Phase 1 (anonymize): your app sends the prompt to StellarGate. StellarGate returns the sanitized prompt + a
map_id. - Phase 2 (call LLM): your app sends the sanitized prompt to the LLM provider directly. Log it, inspect it, transform it — you’re in control.
- Phase 3 (de-anonymize): your app sends the LLM’s response + the
map_idback to StellarGate. StellarGate returns the response with tokens resolved.
When to pick Mode 2
- Your compliance team requires you to log every outbound payload
- You want to transform or filter the sanitized prompt before sending
- You use LLM providers we don’t have a direct integration with
- You want to A/B test different providers on the same anonymized input
Pricing
€0.10 / 1M tokens on the anonymization engine. You pay your LLM provider directly for the completion.
Mode 3 — Self-Hosted
Same as Mode 1, but in your own infrastructure.
Deploy StellarGate as Docker / Helm inside your own network. The proxy runs where your data already lives. No internet egress required for the anonymization itself; the LLM provider call goes out to the public internet from your egress (or from a locally-hosted LLM, for full air-gap).
When to pick Mode 3
- Regulated workloads where even the proxy can’t run on external cloud
- Strict data locality — data cannot cross a network boundary, ever
- Air-gapped deployments (paired with an internally-hosted LLM)
- Very high volumes where per-token billing becomes impractical
Pricing
Annual licence, volume-tiered. Unlimited requests. Contact sales for a quote.
Mode comparison
| Property | Mode 1 | Mode 2 | Mode 3 |
|---|---|---|---|
| API calls per interaction | 1 | 3 | 1 |
| Where StellarGate runs | Our EU cloud | Our EU cloud | Your infrastructure |
| Outbound payload visibility | Metadata only | Full | Full (inside your DC) |
| LLM cost | Passed through at cost | You pay provider directly | Your choice / self-hosted LLM |
| Integration effort | One URL change | SDK, 3 calls | Deployment + SDK |
| Pricing | Per-token | Per-token | Annual licence |
Can I switch modes later?
Yes. Dictionaries, rule sets, HITL policies, and audit logs are all portable across modes. A typical progression: start with Mode 1 for the pilot → move to Mode 2 when compliance wants outbound visibility → graduate to Mode 3 when workloads grow or regulations tighten.
Related
- What We Detect — the entities anonymized in every mode
- Integration — code patterns for each mode
- Air-gapped Deployment — Mode 3 in practice