Connect Strac to AI Agents: Automate Data Redaction and Proxying
Learn how to connect Strac to your AI agents to automate data redaction, secure tokenization, and third-party proxying using Truto's /tools endpoint.
You want to connect Strac to an AI agent so your system can autonomously redact PII from documents, secure data workflows, and proxy sensitive API requests using vaulted tokens. Here is exactly how to do it using Truto's /tools endpoint and SDK, bypassing the engineering headache of maintaining custom API wrappers.
If your team uses ChatGPT, check out our guide on connecting Strac to ChatGPT, or if you are building on Anthropic's models, read our guide on connecting Strac to Claude. For developers building custom autonomous workflows, you need a programmatic way to fetch these tools and bind them to your agent framework.
Giving a Large Language Model (LLM) read and write access to a sensitive data vault and outbound proxy is a high-stakes engineering challenge. You either spend weeks building, securing, and maintaining custom REST connectors, or you use a managed infrastructure layer that handles the boilerplate for you. This guide breaks down exactly how to fetch AI-ready tools for Strac, bind them natively to an LLM using LangChain (or frameworks like LangGraph, CrewAI, and Vercel AI SDK), and execute complex data redaction workflows. For a deeper look at the architecture behind this approach, refer to our research on architecting AI agents and the SaaS integration bottleneck.
The Engineering Reality of Custom Strac Connectors
Building AI agents is easy. Connecting them to external security infrastructure is hard. When an agent needs to sanitize data before sending it to a third party, you cannot rely on naive API wrappers. If you decide to build a custom integration for Strac, you own the entire API lifecycle. For a broader look at this process, see our guide on how to implement PII redaction when passing SaaS data to LLMs via MCP.
Strac's core value is replacing sensitive data with tokens and managing proxies. This introduces several specific integration challenges that break standard LLM assumptions.
The Opaque Binary Stream Problem
Large Language Models speak JSON. They expect structured text arrays and predictable key-value pairs. Strac's document-handling APIs fundamentally reject this paradigm. When you call the Strac API to download a redacted document or retrieve an original file, the API does not return a base64-encoded string inside a JSON payload. It returns an opaque binary stream.
If you hand-code tools for an agent, you must build an intermediary translation layer that intercepts the binary stream, writes it to a secure temporary filesystem, and returns a local reference to the agent. If you simply map the raw endpoint to the agent, the LLM will hallucinate trying to parse raw binary buffers, crashing your process.
Two-Way Proxying and Nested Payloads
The most powerful feature of Strac is its outbound proxy. You can send an HTTP request to a third-party endpoint via Strac, substituting tokens for sensitive values (like SSNs or API keys).
To do this, the LLM must construct a highly specific payload containing the target URL, the HTTP method, the headers, and the body. Teaching an LLM to accurately format nested HTTP requests inside another JSON HTTP request is prompt-engineering hell. The model frequently confuses the destination headers with the proxy headers, resulting in routing failures. Furthermore, the response from the proxy is dynamic—it matches whatever the third-party API returned. Truto handles the schema normalization for proxy methods so your agent receives a predictable tool contract.
Server-to-Server IP Allowlisting Constraints
Certain Strac endpoints, specifically detokenization batches and tag-based searches, are strictly locked down to server-to-server connections and require IP allowlisting for live environments. If you build a localized agent framework or a serverless worker that rotates IPs dynamically, these calls will fail with a 403 Forbidden. Managing static egress IPs for your agent runtime adds significant DevOps overhead. A managed proxy infrastructure abstracts this network requirement away from your local agent logic.
Generating Strac Tools for Your Agent
Instead of writing custom API interfaces for Strac's vaulting and proxying engines, you can use Truto's /tools endpoint to automatically generate tool schemas that are optimized for LLM consumption. Every endpoint in the Strac API is mapped to a standard Resource and Method within Truto.
When your agent initializes, it fetches these definitions. Truto handles the underlying authentication, pagination logic, and base URL routing. Your agent simply sees a list of available functions.
sequenceDiagram
participant Agent as AI Agent
participant Truto
participant Upstream as Strac API
Agent->>Truto: GET /integrated-account/{id}/tools
Truto-->>Agent: Returns JSON schemas for Strac Methods
Agent->>Agent: LLM binds schemas as native tools
Agent->>Truto: POST tool call (e.g., create_a_strac_redact)
Truto->>Upstream: Authenticated API request to Strac
Upstream-->>Truto: Raw API response
Truto-->>Agent: Normalized JSON output
Hero Tools for Strac
Truto exposes the full surface area of the Strac API as agent tools. Here are the highest-leverage operations for building autonomous data security workflows.
Detect Sensitive Data in Documents
Tool Name: create_a_strac_detect
Before deciding to vault or redact data, an agent needs to know what it is looking at. This tool submits a text payload or document to the Strac engine and returns a structured list of sensitive-data findings. The exact fields detected (e.g., PCI, PHI, PII) dictate the agent's next autonomous action.
"Review this transcribed call log. Run it through the Strac detection engine and list all the sensitive data types found in the text."
Redact Inline Text
Tool Name: create_a_strac_redact
For real-time chat operations or logging, you cannot store raw PII in your database. This tool takes raw text content and returns the redacted string, replacing detected sensitive fields with tokenized Strac vault links or substitute masks.
"Take the customer's onboarding summary, run an inline redaction to remove their Social Security Number and address, and return the safe text for our internal logs."
Upload Document to Vault
Tool Name: create_a_strac_document
When handling sensitive files (like W-2s or passports), the file should never live on your application servers. This tool uploads a binary document directly to the Strac vault and returns a secure reference ID (documentId). Every call creates an immutable record.
"Upload the provided background check PDF to the secure vault. Give me back the document ID so I can reference it in the user's profile without exposing the file."
Tokenize Batch Data
Tool Name: create_a_strac_tokens_batch
When syncing large arrays of user data across systems, processing one token at a time results in massive latency and API throttling. This tool submits up to 200 sensitive data elements in a single request and returns reference token identifiers for each element.
"Take this list of 50 new employee routing numbers, tokenize them in a single batch, and map the returned tokens back to the employee IDs."
Proxy Third-Party Requests
Tool Name: create_a_strac_proxy
This is the linchpin for secure agentic integrations. Instead of the agent making an API call directly to an external service and exposing the raw tokens in the payload, the agent sends the HTTP request to Strac's outbound proxy. Strac detokenizes the values, forwards the request to the target URL, and relays the response back to the agent.
"Construct a POST request to the payroll API to create a new contractor. Use the Strac proxy, embedding the tokenized bank account details in the payload so the upstream API receives the raw data."
Detokenize Batch Data
Tool Name: create_a_strac_tokens_detokenize_batch
When an authorized internal process needs the original data (e.g., generating an end-of-year tax form), this tool detokenizes up to 10 Strac tokens back into their raw values. Note that this requires server-to-server connection privileges and strict IP allowlisting.
"I have a list of tokenized payment IDs. Run a batch detokenization process so I can verify the last four digits of each account before authorizing the final transfer."
For the complete tool inventory and detailed JSON schema definitions, visit the Strac integration page.
Workflows in Action
Exposing individual tools is only the first step. The true power of AI agents lies in their ability to autonomously chain these tools together to execute multi-step security workflows. Here is how agents handle complex tasks in production.
1. Automated Support Ticket PII Redaction
When a customer uploads an unredacted driver's license or bank statement to a standard support portal, the data must be sanitized before it hits the ticketing database.
"Check the latest attachment on Zendesk ticket #4912. If it contains PII, vault the document, replace the original attachment with the redacted reference ID, and notify the customer."
- The agent calls a helpdesk tool to download the attachment.
- The agent calls create_a_strac_detect to analyze the file for PII.
- Upon finding a driver's license, the agent calls create_a_strac_document to upload the raw file to the secure vault.
- The agent calls create_a_strac_redact to generate a safe version of the text/file.
- The agent calls the helpdesk API to delete the original attachment and post the redacted reference ID.
What the user gets: A fully sanitized support ticket where sensitive data is safely locked in the Strac vault, ensuring support agents do not inadvertently violate compliance protocols.
2. Secure Third-Party API Proxying
AI agents often need to act as middle-men between a secure vault and an external vendor, such as submitting background checks without ever "seeing" the raw Social Security Number.
"Take the candidate's tokenized SSN from their profile, format the API payload for Checkr, and submit the background check through the Strac proxy."
- The agent queries the internal HRIS to retrieve the candidate's tokenized SSN and basic profile data.
- The agent formats a JSON HTTP request targeting the Checkr API.
- The agent calls create_a_strac_proxy, passing the target URL and the formatted payload containing the token.
- Strac intercepts the proxy call, detokenizes the SSN, forwards it to Checkr, and returns Checkr's success response to the agent.
What the user gets: A background check initiated successfully in a third-party system without the raw SSN ever touching the AI agent's memory context or your local infrastructure.
Building Multi-Step Workflows
To implement these workflows, you need an orchestration framework. Because Truto standardizes tool schemas, you can bind them directly to LangChain, LangGraph, or the Vercel AI SDK. If you are exploring the Model Context Protocol (MCP) to standardize these connections, check out the hands-on guide to building MCP servers for AI agents.
When chaining tools, error handling is paramount. Specifically, you must account for API rate limits. Truto does not retry, throttle, or apply backoff on rate limit errors for you. When Strac returns an HTTP 429 (Too Many Requests), Truto passes that error directly to the caller. However, Truto normalizes the upstream rate limit information into standardized HTTP headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset) per the IETF spec. Your agent loop is responsible for reading these headers and executing exponential backoff.
Here is a complete, framework-agnostic architectural example using truto-langchainjs-toolset to bind tools and execute a workflow with LangChain.
import { ChatOpenAI } from "@langchain/openai";
import { AgentExecutor, createOpenAIFunctionsAgent } from "langchain/agents";
import { ChatPromptTemplate, MessagesPlaceholder } from "@langchain/core/prompts";
import { TrutoToolManager } from "truto-langchainjs-toolset";

async function runStracAgent(prompt: string, integratedAccountId: string) {
  // 1. Initialize the Truto Tool Manager with your API key
  const toolManager = new TrutoToolManager({
    apiKey: process.env.TRUTO_API_KEY!,
  });

  // 2. Fetch specific Strac proxy tools for this account
  //    Using 'custom' to grab specialized proxy and vault methods
  const tools = await toolManager.getTools(integratedAccountId, {
    methods: ["create", "custom"],
  });

  // 3. Initialize the LLM
  const llm = new ChatOpenAI({
    modelName: "gpt-4o",
    temperature: 0,
  });

  // 4. Create the agent prompt
  const promptTemplate = ChatPromptTemplate.fromMessages([
    ["system", "You are a data security operations agent. Use the provided tools to interact with the Strac vault. Format proxy payloads carefully."],
    ["human", "{input}"],
    new MessagesPlaceholder("agent_scratchpad"),
  ]);

  // 5. Bind tools and create the executor
  const agent = await createOpenAIFunctionsAgent({
    llm,
    tools,
    prompt: promptTemplate,
  });

  const executor = new AgentExecutor({
    agent,
    tools,
    maxIterations: 5, // Prevent infinite tool loops
    handleParsingErrors: true,
  });

  try {
    console.log("Executing workflow...");
    const result = await executor.invoke({ input: prompt });
    console.log("Workflow Complete:\n", result.output);
  } catch (error: any) {
    // 6. Handle HTTP 429 Rate Limits using normalized Truto headers
    if (error.status === 429) {
      const resetTime = error.headers["ratelimit-reset"];
      console.error(`Rate limit exceeded. Must back off until: ${resetTime}`);
      // Implement your retry/queue logic here based on the reset timestamp
    } else {
      console.error("Agent execution failed:", error.message);
    }
  }
}

// Example usage:
// runStracAgent("Tokenize this list of 5 IP addresses and proxy them to our external audit API.", "acc_strac_xyz123");

This architecture ensures your AI agent operates deterministically. Truto handles the schema normalization and identity management, while your code dictates the retry logic and business constraints.
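The retry step that the catch block above leaves as a comment can be filled in with a small helper like the following. This is an added example and not Truto's or Strac's code; it assumes the thrown error carries `status` and a `headers` map as the snippet above does, reads `ratelimit-reset` as delta-seconds until the window resets (the IETF RateLimit draft's form), and falls back to capped exponential backoff with jitter when the header is missing or malformed.

```typescript
// Added example, not Truto's or Strac's code. Assumes the thrown error carries
// `status` and a `headers` map, as the LangChain example above does.
interface RateLimitError {
  status: number;
  headers?: Record<string, string>;
}

function isRateLimitError(e: unknown): e is RateLimitError {
  return typeof e === "object" && e !== null && (e as { status?: unknown }).status === 429;
}

// Delay before the next attempt. Prefer the server's ratelimit-reset header
// (delta-seconds until the window resets, per the IETF RateLimit draft);
// otherwise use capped exponential backoff with jitter so that many agent
// workers recovering at once do not retry in lockstep.
function computeDelayMs(
  headers: Record<string, string> | undefined,
  attempt: number,
  baseMs = 500,
  capMs = 30000,
  rand: () => number = Math.random,
): number {
  const reset = headers?.["ratelimit-reset"];
  if (reset !== undefined && /^\d+$/.test(reset)) {
    return Math.min(capMs, Number(reset) * 1000);
  }
  const exp = Math.min(capMs, baseMs * Math.pow(2, attempt));
  return Math.floor(exp * (0.5 + rand() * 0.5)); // jitter: [0.5x, 1x) of the backoff step
}

// Run `op` (for example executor.invoke) and retry only on 429; every other
// error propagates unchanged. `sleep` and `rand` are injectable for testing.
async function withRateLimitRetry<T>(
  op: () => Promise<T>,
  opts: { maxAttempts?: number; sleep?: (ms: number) => Promise<void>; rand?: () => number } = {},
): Promise<T> {
  const maxAttempts = opts.maxAttempts ?? 4;
  const sleep = opts.sleep ?? ((ms: number) => new Promise<void>((r) => setTimeout(r, ms)));
  for (let attempt = 0; ; attempt++) {
    try {
      return await op();
    } catch (e) {
      // Give up after maxAttempts total calls; the last error is rethrown to the caller.
      if (!isRateLimitError(e) || attempt + 1 >= maxAttempts) throw e;
      await sleep(computeDelayMs(e.headers, attempt, 500, 30000, opts.rand));
    }
  }
}
```

Wrapping `executor.invoke` in `withRateLimitRetry` keeps the backoff decision out of the LLM's hands, so a 429 never surfaces as a tool result the model has to reason about.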
Moving Forward with Agentic Security
Building AI agents that handle PII, PHI, or PCI data requires strict boundary control. You cannot afford to let an LLM directly generate raw API calls to external vendors using hardcoded credentials in your environment. By using Truto to generate secure proxy tools for Strac, you isolate the sensitive data lifecycle.
Your agent commands the logic. Truto standardizes the schema. Strac handles the vault. The result is a fully autonomous system that can process background checks, redact support tickets, and synchronize HR databases—all while ensuring zero data retention using MCP servers and maintaining SOC 2 and HIPAA compliance.
FAQ
- How do AI agents interact with the Strac API?
- AI agents interact with the Strac API using Truto's `/tools` endpoint, which automatically generates structured tool schemas for Strac's resources. The LLM invokes these tools, and Truto executes the underlying authenticated REST API calls, returning standardized JSON.
- Does Truto handle rate limits for the Strac API automatically?
- No. Truto passes HTTP 429 rate limit errors directly to the caller. However, Truto normalizes upstream rate limit information into standard IETF headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset). Your agent orchestration logic is responsible for executing retries and backoffs.
- Can AI agents use Strac's outbound proxy?
- Yes. Truto exposes the `create_a_strac_proxy` tool, which allows the AI agent to format a payload with vaulted tokens and forward the request through Strac to a third-party service without exposing the raw sensitive data.
- Which agent frameworks can I use to connect to Strac?
- Because Truto provides standard JSON tool schemas via its API, you can bind Strac tools to any major framework, including LangChain, LangGraph, CrewAI, and the Vercel AI SDK.