Skip to main content
You’ve observed guardrail evaluations in Monitor mode. Now you need to actually stop a production deploy or secret read before it happens. Enforce mode applies guardrail decisions — blocks halt execution, and approval requirements pause until a human resolves them in the dashboard. When you finish this page, blocked actions will throw before your callback runs, and approval-required actions will wait for dashboard resolution.

Switch to Enforce mode

const apie = new Apie({
  agent: { key: "my-agent", name: "My Agent" },
  mode: "enforce",
  guardFailureMode: "fail_closed",
});

Guard decisions in Enforce mode

DecisionEnforce behavior
allowProceed
warnProceed, log warning
blockThrow — callback never runs
require_approvalEmit approval event, wait for dashboard resolution, then proceed or throw

What you’ll see

Blocked actions appear as failed tool calls in the run timeline with the matched guardrail and block reason. Approval-required actions show a pending approval in the dashboard. In session replay, runtime intelligence can summarize the blocked or approval-required action and link the story card back to the related guardrail decision or approval request. Use that summary for review, but treat the guardrail decision itself as the authoritative runtime outcome.

Guard failure modes

When the guard API itself fails (network error, timeout), guardFailureMode controls behavior:
ModeBehavior
fail_open (default)Allow the action — log a warning
fail_closedTreat as blocked
throwThrow an error immediately
For production enforcement, use fail_closed:
guardFailureMode: "fail_closed"

Complete enforcement example

const apie = await Apie.create({
  agent: { key: "release-gate", name: "Release Gate" },
  mode: "enforce",
  guardFailureMode: "fail_closed",
  runtime: { environment: "production" },
});

await apie.withRun({ inputSummary: "Production deploy attempt" }, async (run) => {
  try {
    await apie.withTool(
      {
        runId: run.id,
        tool: { name: "deploy.release", provider: "cicd", riskLevel: "high" },
        action: { type: "execute", name: "deploy.release" },
        resource: { type: "deployment_event", environment: "production" },
      },
      async () => deploy(),
    );
  } catch (error) {
    // Guard blocked the deploy — handle gracefully
    console.error("Deploy blocked by guardrail:", error);
  }
});

MCP proxy Enforce mode

Set mode: "enforce" in apie.mcp.json to enforce guardrails on MCP tool calls without changing agent code. Blocked calls return JSON-RPC error -32001. See MCP enforcement recipe.

Prerequisites for Enforce mode

Before enabling Enforce mode in production:
  1. Declare capabilities for all expected tools
  2. Enable guardrail templates
  3. Provide explicit action, resource, and riskLevel metadata — don’t rely on inference alone
  4. Configure human approval timeouts

Next steps

Human approval

Pause execution for dashboard approval.

Runtime intelligence walkthrough

See the user-facing story for a production release session.

Monitor mode

Observe before you enforce.