Skip to main content

Overview

The Limits SDK (@limits/js) provides a type-safe interface to the Limits Policy API. Your application triggers evaluation via the SDK; the SDK sends requests to the Limits API and returns allow, block, or escalate decisions. SDK flow: trigger events (check, evaluate, guard, escalations) and Limits SDK ↔ Limits API You can:
  • Check conditions — evaluate policies with structured input (e.g. amount, currency).
  • Evaluate instructions — validate prompt + LLM response (e.g. in middleware).
  • Run guardrails — check text (e.g. safety, PII) before sending to the user.
  • List, approve, and decline escalations.
Integrate with LangChain. You can use the SDK inside LangChain custom middleware to run guardrails, instructions, and conditions on your agent. See LangChain integration.
Authentication uses an API key (Bearer token). Full TypeScript types (e.g. PolicyEvaluationResult, Escalation, EscalationResponse) are exported from @limits/js. The SDK uses native fetch (Node.js 18+).

Requirements

RequirementVersion
Node.js>= 18.0.0 (for native fetch)
TypeScript>= 5.0 (optional, for types)

Installation

Install the Limits SDK using your preferred package manager: 
npm install @limits/js

Configuration

Constructor: new Limits(config)

Create a single client instance and reuse it for all calls.
ParameterTypeRequiredDescription
config.apiKeystringYesAPI key. Must start with sk_.
Throws: InvalidAPIKeyError if the key is missing or doesn’t start with sk_. 
import { Limits } from '@limits/js';

const limits = new Limits({
  apiKey: process.env.LIMITS_API_KEY!,
});

Authentication

  • Header: Authorization: Bearer <apiKey>
  • API keys must start with sk_ and be valid in your Limits account.

Get Your API Key

Get an API key from the Limits dashboard: Dashboard → API keys. Add it to your environment variables. 
export LIMITS_API_KEY="sk_your_api_key_here"
Never commit your API key to version control. Use environment variables or a secrets manager.

Quick Example

After creating the client, you typically call check, evaluate, or guard with a policy identifier and your input. The result tells you whether the action is allowed, blocked, or needs review (escalation). 
import { Limits } from '@limits/js';

const limits = new Limits({
  apiKey: process.env.LIMITS_API_KEY!,
});

const decision = await limits.check('amount-minimum-usd', { amount: 500, currency: 'USD' });
if (decision.isBlocked) console.error(decision.data.reason);
else if (decision.isEscalated) console.warn('Needs review:', decision.data.reason);
else console.log('Allowed');

Next Steps

Policies

Use check(), evaluate(), and guard() for conditions, instructions, and guardrails.

LangChain

Use Limits with LangChain agents via custom middleware.

API Keys

Generate API keys in the platform.