Brain Orchestra is currently in private pilot.
Use case · Claude Code

Run Claude Code through Brain Orchestra. Every session audited. Your own Anthropic key. Zero workflow friction.

Your developers love Claude Code. Your CISO needs to know which files it touches, which secrets it sees, and what data left the building. Brain Orchestra sits between Claude Code and Anthropic — every request audited, every PII detection logged, every cost attributed.

Setup

export ANTHROPIC_BASE_URL=https://api.brainorchestra.ai
export ANTHROPIC_API_KEY=bo_live_…   # your BO API key

That's it. Two environment variables. Claude Code keeps working exactly as before — except every request now flows through Brain Orchestra's audit + PII + EU residency pipeline.

The problem isn't Claude Code. It's the gap behind it.

Claude Code is the most productive thing to happen to your engineering team in years. It reads codebases, edits files, runs tests, and ships PRs. Developers don't want to give it up — and you shouldn't ask them to.

But every time it runs, it sends source code, error messages, config snippets, and sometimes credentials directly to Anthropic. Your security review sees: a one-line vendor invoice. No prompt audit. No PII detection. No record of which file got read. When your auditor asks "what data did Claude Code see this quarter?" — what do you show them?

Anthropic's own admin surfaces are good for billing and usage caps. They aren't built for enterprise compliance evidence under GDPR, AI Act, or sector-specific regulation. That's the gap Brain Orchestra closes — without removing Claude Code from your developers' workflow.

How it works

Five-minute setup. Same Claude Code, governed channel.

1. Create your Brain Orchestra account

Get a bo_live_ API key from app.brainorchestra.ai. Pick a project, set the territorial tier you want (unrestricted today; eu_cloud + eu_strict coming Phase 2).

2. Add your Anthropic key as a BYOK credential

In BO Settings → Provider Keys → Anthropic, paste your existing Anthropic API key. Brain Orchestra encrypts it with envelope encryption (DEK + KEK; KEK lives outside the BO database). Anthropic bills you directly; BO never holds your spending.

3. Set two environment variables

export ANTHROPIC_BASE_URL=https://api.brainorchestra.ai
export ANTHROPIC_API_KEY=bo_live_…   # your BO API key, NOT your Anthropic key

4. Run Claude Code

Same CLI, same workflow, same SDK calls. Brain Orchestra authenticates your BO API key, looks up your project's BYOK Anthropic credential, forwards the request to Anthropic. Streams come back through BO so we can audit token usage + stop-reasons + tool calls. Every request lands in your audit log.

Two-key model: your bo_live_ key authenticates you to Brain Orchestra. Your Anthropic key (held in BO's encrypted vault) authenticates BO to Anthropic on your behalf. Customers using the official @anthropic-ai/sdk package, Anthropic Workbench, or any other tool that respects ANTHROPIC_BASE_URL get the same governance for free.

You keep your Anthropic billing relationship. We just add the guardrails.

Your Anthropic key, your spending

Brain Orchestra never holds your provider spending. Your Anthropic key sits in BO's encrypted vault and forwards your calls verbatim. Anthropic invoices you directly. BO bills a flat subscription for the governance layer.

Envelope encryption at rest

Per-row data encryption keys, master key held outside the BO database. A DB snapshot is opaque ciphertext. Rotation supported per-project under the upcoming AC-13 retrofit (per-project KMS region binding).

What you get on every Claude Code session

The same governance pipeline your customers' chat-completions and embedding traffic already flows through.

Immutable audit trail

Every Claude Code request gets an audit_logs row: prompt hash, response hash, model, tokens, cost, latency, actor identity (if you set X-User-Id headers). 13-month retention by default. Exportable as CSV / JSON for your compliance team.

PII detection on every prompt

Microsoft Presidio runs as a sidecar against every request. Detect mode: counts entities (names, emails, addresses, personnummer, IBANs) in audit metadata. Pseudonymize mode: replaces PII with opaque tokens before sending to Anthropic — your developers' prompts never include literal customer data.

Territorial routing

unrestricted projects route Claude Code to Anthropic direct (US). eu_cloud projects route Claude Code through AWS Bedrock Frankfurt — same Claude models, EU-resident infrastructure, audit pipeline identical. The Claude Code client doesn't change at all; the routing tier on your BO project decides where the bytes land.

Cancellation built-in

DELETE /v1/requests/{request_id} aborts any in-flight Claude Code call. Audit row marks status=cancelled; provider call drops; billing reservation refunds. Useful for long-running agentic loops that need an emergency stop.

What ships today, what's next

Available now

Unrestricted tier — Anthropic direct

Claude Code requests route through POST /v1/messages on Brain Orchestra to Anthropic's US-hosted API. Audit, PII, billing attribution, cancellation all live. Same Claude models you're using today (Sonnet, Opus, Haiku).

Available now

EU residency — Claude via Bedrock Frankfurt

eu_cloud projects route Claude Code through AWS Bedrock Frankfurt — same Claude models (Opus / Sonnet / Haiku), EU-resident infrastructure, audit pipeline identical to the unrestricted path. No Anthropic key required on the BO project; AWS bills Brain Orchestra, Brain Orchestra bills you via the catalog rates. Same POST /v1/messages wire shape; routing tier on the project decides the underlying infrastructure.

Common questions

Does this slow Claude Code down?

Brain Orchestra adds one HTTP hop and one Presidio scan per request. Typical added latency: 50-150 ms. For a Claude Code session that spends most of its time waiting on Claude's tokens, that's noise — the user-perceived latency is dominated by Anthropic's generation time, not BO's edge.

What happens if Brain Orchestra goes down?

Your developers can fall back to setting ANTHROPIC_BASE_URL back to Anthropic's default (https://api.anthropic.com) and ANTHROPIC_API_KEY to their Anthropic key directly. No governance during the fallback, but no work stops. We publish status at status.brainorchestra.ai.
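A preflight check for the two-key setup and the fallback described above, as an added example that is not Brain Orchestra's own code: it classifies the current shell as governed, in ungoverned fallback, or misconfigured so that a key would go to the wrong party. The function name, labels and exit codes are illustrative, and the sk-ant- prefix for Anthropic-issued keys is an assumption.

```shell
# Added example (not vendor code): classify where Claude Code traffic from this
# shell will go, without ever printing the key itself.
# Assumptions: Anthropic-issued keys start with "sk-ant-"; the exit codes and
# labels below are illustrative.
bo_route_state() {
    _bo_base=${ANTHROPIC_BASE_URL:-https://api.anthropic.com}  # default when unset
    _bo_base=${_bo_base%/}                                     # tolerate a trailing slash
    _bo_key=${ANTHROPIC_API_KEY:-}

    # Exact match on scheme and host: http:// or look-alike hosts count as unknown.
    case $_bo_base in
        https://api.brainorchestra.ai) _bo_dest=bo ;;
        https://api.anthropic.com)     _bo_dest=anthropic ;;
        *)                             _bo_dest=unknown ;;
    esac

    case $_bo_key in
        bo_live_?*) _bo_kind=bo ;;
        sk-ant-?*)  _bo_kind=anthropic ;;
        '')         _bo_kind=missing ;;
        *)          _bo_kind=unknown ;;
    esac

    case $_bo_dest:$_bo_kind in
        bo:bo)               echo governed;                      return 0 ;;
        anthropic:anthropic) echo fallback-ungoverned;           return 1 ;;
        bo:anthropic)        echo anthropic-key-sent-to-gateway; return 2 ;;
        anthropic:bo)        echo bo-key-sent-to-anthropic;      return 2 ;;
        *)                   echo "unrecognised ($_bo_dest/$_bo_kind)"; return 3 ;;
    esac
}

# Usage in a wrapper or CI step: refuse to start unless traffic is governed.
#   bo_route_state >/dev/null || { echo "Claude Code is not routed through BO" >&2; exit 1; }
```

Exit status 1 is the state to record during an outage, since sessions run in it produce no audit rows.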

What models does Claude Code see through Brain Orchestra?

Whatever Claude Code requests — Sonnet, Opus, Haiku, current and future versions — Brain Orchestra resolves the BO catalog name to Anthropic's native model ID and forwards. No translation layer that lags Anthropic's releases; new Claude models work the same day Anthropic ships them, as long as your Anthropic key has access.

Can I use this with the @anthropic-ai/sdk package directly?

Yes. Same env-var contract. The SDK respects ANTHROPIC_BASE_URL + ANTHROPIC_API_KEY; pointing them at BO routes through the governance pipeline transparently. Anthropic Workbench, custom integrations built on the SDK, any other Anthropic-native tool all work the same way.

Does BO see my source code?

In the same way Anthropic does — yes, the prompts pass through Brain Orchestra's process to be audited and PII-scanned. Brain Orchestra stores prompt + response hashes by default (not the content). Full prompt + response content is opt-in per project — flip the content_retention flag if your compliance team wants the literal records. BO runs in EU infrastructure under Xalerate AB (a Swedish company); the encryption-at-rest story is at the top of this page.

Your developers keep Claude Code. Your CISO gets a real audit trail.

Five minutes to set up. Two environment variables. No client changes, no SDK swaps, no workflow disruption.