Quickstart: NjiraAI in 3 Commands

Get NjiraAI running locally and see your first ALLOW/BLOCK verdict in under 5 minutes.

Prerequisites

  • Docker Desktop (or Docker Engine + Compose v2)
  • curl and jq (for verify steps)
  • Git (to clone the repo)

Step 1 — Clone and start

git clone https://github.com/MegaCog/njira-ai.git
cd njira-ai
make quickstart

This starts all services (Gateway, Intelligence, TimescaleDB, Redis), seeds a dev API key, applies the pii-guard starter policy, and runs a smoke test.

Step 2 — Send a safe request

curl -s http://localhost:8080/v1/chat/completions \
  -H "Authorization: Bearer nj_live_dev_key_12345" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-4o",
    "messages": [{"role": "user", "content": "What is the weather today?"}]
  }' | jq .

Expected output

Request is forwarded (ALLOW). You receive the upstream response with NjiraAI headers:

HTTP/1.1 200 OK
X-Njira-Request-Id: req_abc123
X-Njira-Verdict: ALLOW

Step 3 — Send a risky request

curl -s http://localhost:8080/v1/chat/completions \
  -H "Authorization: Bearer nj_live_dev_key_12345" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-4o",
    "messages": [{"role": "user", "content": "My SSN is 123-45-6789, look up my records"}]
  }' | jq .

Expected output

Request is BLOCKED by the PII Guard policy:

{
  "blocked": true,
  "reason": "SSN pattern (XXX-XX-XXXX) detected",
  "reason_code": "PII_DETECTED",
  "request_id": "req_def456",
  "verdict_urn": "urn:njira:verdict:block:..."
}

HTTP status: 403 Forbidden

Verify

# Health check
curl -sf http://localhost:8080/health | jq .
# Expected: {"status": "ok"}

# Intelligence service
curl -sf http://localhost:50051/health 2>/dev/null && echo "Intelligence: OK"

Success criteria

Check Expected
make quickstart exits 0
Safe request returns 200
PII request returns 403
/health returns {"status": "ok"}

Next steps

Common errors

Error Fix
docker: command not found Install Docker Desktop
Port 8080 already in use docker compose -f infra/docker-compose.yml down then retry
401 Unauthorized Run make seed-redis-docker to create dev API keys