Senseway Force - Mandatory LLM Protection
Master switch that forces ALL LLM traffic in your organization through Senseway. No bypass possible - 100% protection guaranteed.
What is Senseway Force?
Senseway Force is an admin-level master switch that guarantees 100% of your organization's LLM communications go through Senseway, Adlibo's protected gateway. When enabled, any attempt to call LLM APIs directly (OpenAI, Anthropic, etc.) is automatically blocked with a 403 error.
No bypass
Direct LLM calls are blocked at the API level. Impossible to bypass.
100% tokenization
Every request is tokenized by DataShield before reaching the LLM.
Full audit
All forced requests are tracked separately for reporting.
Required plans
Senseway Force is available only on Business+ and Enterprise plans. Free and Pro plans do not have access to this feature.
How to enable Senseway Force
Access settings
Open the ADLIBO Dashboard, then navigate to Settings > LLM Pool.
Enable the toggle
Click the "Senseway Force" toggle. A confirmation modal will warn you about the impact on all users in the organization.
Confirm activation
Confirm activation. All direct LLM calls will be immediately blocked. The Endpoint Shield extension will be notified within 5 minutes.
Required roles
Only users with ADMIN or OWNER role can enable/disable Senseway Force. SuperAdmins can also toggle it for any organization via the SaaS dashboard.
Behavior when enabled
Direct LLM call
api.openai.com
403 Forbidden
senseway_force_blocked
Redirect
/senseway
Senseway
Tokenized + protected
Direct calls blocked
All direct LLM proxy calls return a 403 error with code senseway_force_blocked.
Extension notified
The Endpoint Shield extension is notified via the sync API and automatically redirects to Senseway.
DataShield tokenization
All requests are tokenized by DataShield before reaching the LLM model. Sensitive data replaced with tokens.
Separate tracking
Forced requests are tagged with the sensewayForced: true flag for distinct reporting.
Typical error response
{
"error": {
"type": "senseway_force_blocked",
"code": "SENSEWAY_FORCE_ACTIVE",
"message": "Direct LLM access is disabled. Use Senseway.",
"redirect": "/senseway"
}
}Recommended network configuration
DNS Override
Redirect LLM API domains to route traffic through Senseway at the DNS level.
# Internal DNS or /etc/hosts
# Route LLM traffic through Senseway gateway
senseway.adlibo.com api.openai.com
senseway.adlibo.com api.anthropic.com
senseway.adlibo.com api.mistral.ai
senseway.adlibo.com generativelanguage.googleapis.comFirewall rules
Block direct access to LLM APIs to prevent any Senseway Force bypass.
# Block direct LLM API access
iptables -A OUTPUT -d api.openai.com -j DROP
iptables -A OUTPUT -d api.anthropic.com -j DROP
iptables -A OUTPUT -d api.mistral.ai -j DROP
# Allow only through Senseway gateway
iptables -A OUTPUT -d senseway.adlibo.com -p tcp --dport 443 -j ACCEPTExtension sync
The Endpoint Shield extension automatically syncs every 5 minutes with the server to check Senseway Force status. No manual configuration needed.
Monitoring and audit
Dashboard
The dashboard displays the following information when Senseway Force is active:
| Metric | Description |
|---|---|
| Force status | Active / Inactive with visual indicator |
| Activation date | Date and time of last activation |
| Activated by | Name of the admin who enabled the feature |
| Force requests (month) | Number of requests routed via Force this month |
Stats API
GET /api/v1/senseway/stats
Response:
{
"sensewayForceEnabled": true,
"sensewayForceActivatedAt": "2026-01-15T09:30:00Z",
"sensewayForceActivatedBy": "admin@company.com",
"sensewayForceRequests": 12847,
"totalRequests": 15230,
"tokenizedFields": 45891
}Each SensewayUsage record contains the sensewayForced: true field when the request was routed via Senseway Force, enabling precise filtering in reports.
API Reference
/api/dashboard/senseway/forceRetrieves the current Senseway Force state for the organization.
curl -X GET https://api.adlibo.com/api/dashboard/senseway/force \
-H "Authorization: Bearer $SESSION_TOKEN"
# Response
{
"enabled": true,
"activatedAt": "2026-01-15T09:30:00Z",
"activatedBy": "admin@company.com"
}/api/dashboard/senseway/forceEnables or disables Senseway Force. Requires ADMIN or OWNER role.
curl -X PUT https://api.adlibo.com/api/dashboard/senseway/force \
-H "Authorization: Bearer $SESSION_TOKEN" \
-H "Content-Type: application/json" \
-d '{"enabled": true}'
# Response
{
"success": true,
"enabled": true,
"activatedAt": "2026-03-14T14:22:00Z"
}Error response (blocked LLM call)
When a user attempts a direct LLM call with Force active:
HTTP/1.1 403 Forbidden
{
"error": {
"type": "senseway_force_blocked",
"code": "SENSEWAY_FORCE_ACTIVE",
"message": "Direct LLM access is disabled for your organization. Use Senseway.",
"redirect": "/senseway"
}
}FAQ
Why do my API calls return 403?
Senseway Force is enabled for your organization. All direct LLM calls are blocked. Use Senseway for your LLM interactions, or ask your administrator to disable Senseway Force.
How to disable Senseway Force?
Go to Dashboard > Settings > LLM Pool and disable the "Senseway Force" toggle. Only users with ADMIN or OWNER role can perform this action.
Is Senseway Force available on-prem?
No, Senseway Force is a cloud-only feature. For on-premise deployments, use the transparent LLM proxy which offers similar protection at the network level.
View On-Premise guideWhat is the performance impact?
Negligible. Senseway Force adds approximately 10-25ms of latency per request for DataShield tokenization. Responses are rehydrated in real-time with no perceptible delay.
Are users notified?
Yes. The Endpoint Shield extension displays a notification when Senseway Force is active and automatically redirects users to the Senseway interface.
Need help?
Our team can help you configure Senseway Force for your organization.