
LGPD for the OpenAI Agents SDK



A recently off‑boarded contractor leaves an OpenAI‑powered automation script running in a CI pipeline. The script continues to call the OpenAI Agents SDK with a hard‑coded API key, pulls customer data from internal services, and writes results to a shared bucket. No one sees the request, no log captures the exact query, and the data that flows through the model is never inspected or masked. In a jurisdiction that enforces the Lei Geral de Proteção de Dados (LGPD), that silence becomes a compliance nightmare.

What LGPD demands from AI‑driven workloads

LGPD focuses on three pillars that directly affect any system that processes personal data: accountability, data minimisation, and the right to audit. Accountability requires organisations to demonstrate who accessed what data, when, and under which authority. Data minimisation obliges you to limit the amount of personal information exposed to downstream services, including large language models. Finally, the law requires that auditors be able to retrieve a reliable record of every processing event, and that a data subject be able to request a copy of the processing log.

Why the OpenAI Agents SDK alone cannot satisfy those requirements

In practice, teams often embed the SDK in scripts, bots, or serverless functions that authenticate with a static secret. The secret is stored in code repositories or environment variables, and the SDK forwards requests straight to the OpenAI endpoint. This architecture provides no point where a policy engine can inspect the payload, enforce masking, or require a human approval step. The request travels directly from the runtime to the model, leaving a gap where LGPD‑required evidence cannot be captured. Even if you add an OIDC identity layer, the token only proves who started the job; it does not record the exact query or the response that may contain personal data.

hoop.dev as the data‑path enforcement layer

hoop.dev inserts a Layer 7 gateway between the OpenAI Agents SDK and the model endpoint. By placing the gateway in the data path, hoop.dev becomes the only place where enforcement can happen. It records every session, retains a complete audit trail, and can apply inline masking to any fields that match personal‑data patterns before the response reaches the downstream system. Because hoop.dev mediates the connection, it can also require just‑in‑time approval for high‑risk queries, ensuring that a privileged user signs off before the model processes sensitive identifiers.

Session recording for accountability

hoop.dev captures the full request and response pair for each SDK call. Those logs are stored outside the runtime that generated the request, providing auditors with reliable evidence that satisfies LGPD’s accountability clause. The logs include the identity of the caller, the timestamp, and the policy decision that was applied.


Inline data masking for minimisation

Before the model sees the payload, hoop.dev can replace or redact personal identifiers such as CPF numbers, email addresses, or phone numbers. The masking rules are defined centrally and applied in real time, guaranteeing that only the minimum necessary data reaches the LLM. This directly addresses LGPD’s data‑minimisation requirement without requiring developers to embed custom masking logic in every script.

Just‑in‑time approval for high‑risk queries

When a request matches a risk profile, for example a request to retrieve a full customer record, hoop.dev pauses the call and routes it to an approver. The approver can grant or deny the request, and the decision is logged alongside the session record. This workflow turns an otherwise unchecked automation into a controlled process that LGPD recognises as a legitimate safeguard.

Identity‑aware proxy for precise attribution

Setup begins with an OIDC or SAML identity provider. The gateway validates the token, extracts group membership, and maps the identity to a set of permissions that define which resources the SDK may access. The identity check alone does not provide LGPD compliance; hoop.dev’s presence in the data path is what turns that identity into enforceable policy.
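To make the data-path pattern from the preceding sections concrete (a gateway in the request path, session recording, inline masking of CPF, email and phone values, just-in-time approval for high-risk queries, and identity mapped to permissions), here is a small Python policy layer. It is example code added to this page, not hoop.dev's implementation and not part of the OpenAI Agents SDK; the regexes, the `PERMITTED_GROUPS` map, the `HIGH_RISK_RE` rule, the `fake_model` stand-in for the model endpoint and the sample prompts are all constructed assumptions.

```python
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Callable, Dict, List, Optional, Tuple

# Hypothetical in-path policy layer (not hoop.dev's code): everything the SDK
# would send to the model passes through PolicyGateway.call() first.

# Constructed masking rules for the identifier types named in the text.
CPF_RE = re.compile(r"\b\d{3}\.\d{3}\.\d{3}-\d{2}\b")              # 123.456.789-09
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
PHONE_RE = re.compile(r"\(?\d{2}\)?\s?\d{4,5}-\d{4}")              # (11) 98765-4321
MASK_RULES: List[Tuple[str, "re.Pattern[str]"]] = [
    ("CPF", CPF_RE), ("EMAIL", EMAIL_RE), ("PHONE", PHONE_RE),
]

# Constructed risk profile: asking for a whole customer record needs sign-off.
HIGH_RISK_RE = re.compile(r"\b(full|complete|entire)\s+customer\s+record\b", re.IGNORECASE)

# Constructed identity-to-permission map: IdP groups allowed to reach the model.
PERMITTED_GROUPS = {"support", "automation"}


def mask_payload(text: str) -> Tuple[str, Dict[str, int]]:
    """Replace personal identifiers with typed placeholders and return the
    masked text plus a per-type count for the audit record."""
    counts: Dict[str, int] = {}
    for label, pattern in MASK_RULES:
        text, n = pattern.subn(f"[{label}_REDACTED]", text)
        if n:
            counts[label] = n
    return text, counts


@dataclass
class SessionRecord:
    """One audit-log entry: who, when, what (masked), and the policy decision."""
    caller: str
    groups: List[str]
    timestamp: str
    request_sha256: str            # digest of the raw request; raw text stays in the secure store
    masked_request: str
    masked_fields: Dict[str, int]
    decision: str                  # "allowed", "approved", or "denied"
    response: Optional[str] = None


class PolicyGateway:
    def __init__(self, model: Callable[[str], str],
                 approver: Callable[[str, str], bool]) -> None:
        self.model = model                          # stand-in for the model endpoint
        self.approver = approver                    # human-approval hook for risky queries
        self.audit_log: List[SessionRecord] = []    # kept outside the calling runtime

    def call(self, caller: str, groups: List[str], prompt: str) -> Optional[str]:
        masked, counts = mask_payload(prompt)
        if not PERMITTED_GROUPS & set(groups):
            decision = "denied"                     # identity maps to no permission
        elif HIGH_RISK_RE.search(masked):
            decision = "approved" if self.approver(caller, masked) else "denied"
        else:
            decision = "allowed"
        record = SessionRecord(
            caller=caller, groups=list(groups),
            timestamp=datetime.now(timezone.utc).isoformat(),
            request_sha256=hashlib.sha256(prompt.encode("utf-8")).hexdigest(),
            masked_request=masked, masked_fields=counts, decision=decision,
        )
        if decision != "denied":
            record.response = self.model(masked)    # only masked text leaves the gateway
        self.audit_log.append(record)
        return record.response


def fake_model(prompt: str) -> str:
    """Stand-in for the OpenAI call; echoes its input so the demo can show
    that nothing but masked text reached it."""
    return "model saw: " + prompt


# Constructed sample traffic.
LOW_RISK = ("Draft a reply for Ana, CPF 123.456.789-09, "
            "email ana@example.com, phone (11) 98765-4321.")
HIGH_RISK = "Return the full customer record for account 42."


def run_demo() -> PolicyGateway:
    grant_for = {"alice@corp.example"}              # constructed approver policy
    gw = PolicyGateway(fake_model, lambda caller, _req: caller in grant_for)
    gw.call("alice@corp.example", ["support"], LOW_RISK)    # masked, allowed
    gw.call("ci-bot", ["automation"], HIGH_RISK)            # high-risk, approver denies
    gw.call("alice@corp.example", ["support"], HIGH_RISK)   # high-risk, approved
    gw.call("old-contractor", [], LOW_RISK)                 # no permitted group, denied
    return gw


if __name__ == "__main__":
    for rec in run_demo().audit_log:
        print(rec.timestamp, rec.caller, rec.decision, rec.masked_fields)
```

The point to notice is where the controls sit: masking runs before the model is called, the approval hook runs before the model is called, and the audit record is written whether or not the call proceeds, so a denied request still leaves evidence. The raw request is kept only as a digest here; a real deployment would store the original in a separately access-controlled log, as the FAQ below describes.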

Without hoop.dev, the combination of static credentials and a trusted identity provider still leaves the request path unmonitored. The audit logs would only show that a token was issued, not what data was processed. By routing every OpenAI Agents SDK call through hoop.dev, you gain the enforcement outcomes (recorded sessions, masked payloads, approved queries) that are essential for LGPD evidence.

To get started, follow the getting‑started guide and review the feature documentation for detailed policy configuration. The open‑source repository contains all the components you need to self‑host the gateway.

Explore the hoop.dev GitHub repository to contribute, file issues, or clone the code for your environment.

FAQ

  • Does hoop.dev make the OpenAI Agents SDK LGPD‑certified? No. hoop.dev generates the audit evidence that LGPD requires, but certification is a separate audit performed by a qualified assessor.
  • Can I use hoop.dev with existing CI pipelines? Yes. The gateway works with any runtime that can reach the network‑resident agent, so you can wrap existing scripts without code changes.
  • What happens to masked data? Masked fields are replaced before they leave the gateway, ensuring that personal identifiers never reach the LLM. The original values remain only in the secure audit log, accessible to authorized auditors.

Open source

Save the open-source gateway for agent data access

Hoop is MIT-licensed infrastructure for controlling how AI agents reach production data. Star hoophq/hoop so you can inspect it, deploy it, or share it when your team starts governing agent access.
