Policy-aware moderation
OmniMod reviews user-generated text and images, applies your active policy posture, and returns an enforceable allow, flag, block, or review outcome.
Build with OmniMod
Learn how OmniMod moderates text and images with policy-aware decisions, decision intelligence, event evidence, usage controls, and API keys for production product workflows.
What is OmniMod?
OmniMod is a content moderation API and dashboard for teams that need more than a raw classifier. It reviews user-generated text and images, applies the policy posture your team sets, and returns auditable decisions your product can enforce.
Decision intelligence
Responses include reason codes, explanations, confidence, recommended action, policy version, routing, provider status, and evidence your team can audit.
Built for product operations
The dashboard brings together API keys, text and image policies, event inspection, usage, quotas, billing state, and customer support workflows.
First moderation request
- Request private beta access and wait for approval.
- After approval, sign in with Microsoft and create your organization.
- Create an API key and copy the raw key once.
- Call the text or image moderation endpoint with Authorization: Bearer <api_key>.
- Review usage, quota, text/image policies, and moderation events in the dashboard.
curl -X POST http://127.0.0.1:8000/v1/moderations \
-H 'Authorization: Bearer omad_test_...' \
-H 'Content-Type: application/json' \
-d '{"modality":"text","input":"hello community"}'
curl -X POST https://api.omnimod.net/v1/moderations/image \ -H 'Authorization: Bearer omad_live_...' \ -H 'Content-Type: image/png' \ --data-binary '@avatar.png'
Core API contract
Authentication
Use OmniMod API keys as bearer tokens. Raw keys are shown once, stored as HMAC hashes, and can be revoked or rotated from the dashboard.
Text moderation
POST /v1/moderations accepts text requests up to 10,000 characters and returns a normalized allow, flag, or block decision with analyzer scores, policy metadata, language metadata, routing, and decision intelligence for apps and agents. One text unit is up to 1,000 characters.
Image moderation
POST /v1/moderations/image accepts direct image uploads up to 4 MB, validates the actual image type, discards raw bytes after processing, and returns the same decision contract with image scores, provider status, policy context, and cache metadata. One image unit is one image up to 4 MB.
Errors
Expect 400 for invalid requests or unsupported image inputs, 401 for invalid keys, 403 for disabled organizations, 413 for images over the upload limit, 429 for rate limits or quota exhaustion, and 5xx for service failures.
Text request schema
{
"modality": "text",
"input": "string, 1-10000 chars",
"language": "auto",
"policy": "optional policy slug or id",
"force_fresh": false,
"metadata": {
"external_id": "optional string metadata"
}
}Image upload request
curl -X POST https://api.omnimod.net/v1/moderations/image \ -H 'Authorization: Bearer omad_live_...' \ -H 'Content-Type: image/png' \ --data-binary '@avatar.png'
- Optional query parameters: policy=<policy slug or id> and force_fresh=true.
- Supported direct uploads include common image formats such as PNG, JPEG, GIF, WebP, and BMP.
- Raw image bytes are processed synchronously for small files and discarded after moderation.
Response schema
{
"id": "moderation event id",
"request_id": "request id from x-request-id or generated by OmniMod",
"decision": "allow | flag | block",
"engine_action": "allow | warn | review | block",
"modality": "text | image",
"severity": "none | low | medium | high | critical",
"scores": {
"profanity": 0.0,
"spam": 0.0,
"pattern_toxicity": 0.0,
"url_evasion": 0.0,
"language": 0.0,
"image_safety_composite": 0.0,
"image_sexual": 0.0,
"image_violence": 0.0,
"image_self_harm": 0.0,
"image_hate": 0.0
},
"analyzer_results": [
{
"analyzer": "spam",
"score": 0.91,
"severity": "high",
"flagged": true,
"matched_tokens": ["cheap followers"]
}
],
"policy": {
"id": "policy id",
"version_id": "policy version id",
"version": 3
},
"provider": "omnimod-engine",
"provider_version": "omnimod-engine-v1",
"provider_status": "complete | degraded | failed_closed",
"degraded_reason": null,
"routing": {
"mode": "rules_only | rules_plus_llm | cache_hit",
"reason": "rules_clear"
},
"intelligence": {
"reason_code": "policy_threshold_exceeded",
"explanation": "Spam scored 0.91, which met or exceeded the active policy threshold of 0.55.",
"recommended_action": "hold_for_review",
"action_source": "omnimod_default",
"confidence": "high",
"top_score": {
"analyzer": "spam",
"score": 0.91,
"threshold": 0.55,
"severity": "high",
"flagged": true
},
"triggered_analyzers": [
{
"analyzer": "spam",
"score": 0.91,
"threshold": 0.55,
"severity": "high",
"flagged": true
}
]
},
"language": {
"detected": "en | es | fr | de | unknown | mixed",
"confidence": 1.0
},
"provider_usage": {
"text_llm_credits": 0
},
"processing_time_ms": 42.5,
"created_at": "2026-05-03T05:59:21.000Z",
"cache": {
"status": "hit | miss",
"content_hash": "sha256:..."
}
}Error schemas
401 Invalid API key
{
"detail": "Invalid API key"
}
429 Monthly quota exceeded
{
"detail": {
"code": "quota_exceeded",
"message": "Monthly moderation quota exceeded",
"plan_tier": "free",
"monthly_request_quota": 100,
"used": 100,
"remaining": 0
}
}
429 Rate limited
{
"detail": {
"code": "rate_limited",
"message": "Rate limit exceeded",
"limit": 60,
"remaining": 0,
"reset_seconds": 60
}
}Python first, TypeScript next
Install the public Python client package from PyPI as omnimod-sdk, then import omnimod_sdk in your application. The SDK covers text moderation with typed response helpers and API error classes. Image moderation is available through the HTTP API today; Python image helpers and TypeScript are planned after the OpenAPI contract is published.
Install
python -m pip install omnimod-sdk
Requires Python 3.11 or newer and an approved OmniMod API key.
Package details
- PyPI package: omnimod-sdk
- Python import: omnimod_sdk
- License: MIT; copyright The Kavach LLC
- The SDK package is public client code. OmniMod API usage still requires an approved account and API key.
Python SDK usage
from omnimod_sdk import OmniModClient
client = OmniModClient(
api_key="omad_live_...",
base_url="https://api.omnimod.net",
)
result = client.moderate_text(
"hello community",
policy="community-default",
)
if result.is_blocked:
print("blocked", result.severity)TypeScript SDK
Planned after the OpenAPI contract is published so browser, Node.js, and integration customers get the same request and response model.
Image helpers
Image moderation works through the HTTP upload endpoint today. SDK helpers for images and async media flows are planned after the core contract stabilizes.
Customer operations
- Overview: quota, request volume, and recent moderation health.
- API Keys: create, rotate, revoke, and copy raw keys only at creation or rotation.
- Moderation: manually test text and image moderation with API keys, select policies, and inspect persisted event details.
- Policies: tune text and image thresholds separately, enable analyzers, version changes, and control hash reuse.
- Usage and Billing: monitor monthly quota and manage Stripe plan state.
Control moderation behavior
OmniMod provides the moderation intelligence. You set the enforcement posture for your product and audience.
- Default policies apply when no policy selector is sent.
- Text policy controls cover profanity, spam, evasion, language, emoji, URL, formatting, transliteration, NSFW, and semantic review signals.
- Image policy controls cover scored evidence for visual safety categories such as sexual content, violence, self-harm, and hate symbols.
- Text and image policy settings are versioned by modality, so teams can tune one surface without losing context for the other.
- Policy versions are immutable so historical moderation events keep their original policy context.
- Hash reuse avoids recomputing duplicate content unless customers send force_fresh.
Production, beta, and fallback coverage
Language metadata is detected automatically. Customers do not need to pass a language value for normal moderation requests.
English
First-class production moderation with rules, semantic routing, and the strongest benchmark target.
Spanish, French, German
Beta / Early Access coverage with high-confidence rule packs plus semantic provider routing for ambiguity and context.
Other languages
Semantic fallback is available when the provider is enabled, but accuracy can vary while benchmarking and language-specific rule work continues.
Unknown or mixed text
OmniMod records language metadata and routes low-confidence or mixed-language text to semantic review instead of blocking it solely because of language.
Plans and quota
Free trial
Approved beta users receive starter trial credits to test API keys, policies, text moderation, image moderation, events, and usage tracking. Ongoing usage moves to Launch, Scale, or Growth.
Launch
$9/month for 1,000 text units and 100 image units. Founder promo customers receive Launch for $7/month for the first two months while the promotion is active.
Scale and Growth
Scale includes 5,000 text units and 500 image units. Growth includes 20,000 text units and 2,000 image units. Both are monthly Stripe subscription plans.
Quota behavior
Plan quotas are enforced at the organization level. One text unit is up to 1,000 characters, one image unit is one image up to 4 MB, cache hits count for MVP, and exhausted quota returns 429.
Billing visibility
The dashboard shows plan state, quota usage, and Stripe subscription status. Overage is disabled unless the customer explicitly approves it and billing is active.
Overage rates
When approved, planned overage rates are Launch $0.0020/text unit and $0.0150/image unit; Scale $0.0016/text unit and $0.0120/image unit; Growth $0.0012/text unit and $0.0095/image unit.
Custom
Custom is available for customers who need custom limits, volume pricing, language support beyond the listed coverage, or custom moderation needs beyond coverage. Use Contact Us for requests that do not fit the listed plans.
Trust boundaries
- Microsoft Entra External ID owns customer authentication.
- OmniMod never stores customer dashboard passwords.
- Raw API keys are not stored and are returned only once.
- Moderation events store metadata, scores, and content hashes, not raw submitted text.
- Direct image uploads are processed synchronously for small files and raw image bytes are discarded after moderation.
- Internal admin access is gated by Entra app roles and reasoned audit events.
Coming next
OpenAPI
Publish the formal API specification and generated reference once the core contract stabilizes.
SDKs
Python SDK is available as an MVP package. TypeScript SDK and OpenAPI-generated reference remain next.
Moderation coverage
Text, multilingual routing, and synchronous image moderation are available in private beta. Next coverage work focuses on broader language benchmarking, async media processing, and production provider hardening.