🎉 Welcome to Guardia AI

You're one step away from continuous AI compliance

No code. No infrastructure. Just connect your Azure account and you'll have your first compliance report in under 5 minutes.

1. Create Service Principal
2. Activate your account
3. Run your first scan
4. Read your report

Step 1 — Create a read-only Azure Service Principal
Takes about 2 minutes · Done once · You keep full control

💡 A Service Principal is like a read-only visitor badge for Guardia AI. It can see your Azure resources to scan them, but cannot modify, delete, or create anything.

Option A — Azure Portal (no terminal needed)

1. Go to portal.azure.com → search "App registrations" in the top search bar → click it
2. Click + New registration → Name it guardia-ai-reader → leave everything else as default → click Register
3. On the app page, copy and save: Application (client) ID and Directory (tenant) ID — you'll need these in Step 2
4. Go to Certificates & secrets → + New client secret → Description: guardia-ai → Expires: 24 months → click Add → copy the Value immediately (it won't show again)
5. Now go to Subscriptions in the search bar → open each subscription you want scanned → click Access control (IAM) → + Add → Add role assignment
6. Search for and assign these 4 roles one at a time, selecting your guardia-ai-reader app each time:

Role | Why Guardia AI needs it | Access level
Reader | See Azure resources (ML workspaces, Cognitive Services, etc.) | Read only
Security Reader | Read Security Center findings and recommendations | Read only
Monitoring Reader | Read diagnostic settings and audit logs | Read only
Resource Policy Reader | Read Azure Policy assignments | Read only

✅ None of these roles allow Guardia AI to create, modify, or delete anything in your Azure environment.

Option B — Azure Cloud Shell (faster if you're comfortable with CLI)

Open Cloud Shell in the Azure Portal (the >_ icon at the top) and paste:

# Replace YOUR_SUBSCRIPTION_ID with your actual subscription ID
SUBSCRIPTION_ID="YOUR_SUBSCRIPTION_ID"

# Create the app registration + service principal
az ad sp create-for-rbac \
  --name "guardia-ai-reader" \
  --role "Reader" \
  --scopes "/subscriptions/$SUBSCRIPTION_ID" \
  --years 2

# Add the 3 additional read-only roles
SP_ID=$(az ad sp list --display-name "guardia-ai-reader" --query "[0].id" -o tsv)
for ROLE in "Security Reader" "Monitoring Reader" "Resource Policy Reader"; do
  az role assignment create \
    --assignee "$SP_ID" \
    --role "$ROLE" \
    --scope "/subscriptions/$SUBSCRIPTION_ID"
done

echo "Done — copy the appId, tenant, and password from the output above"

⚠️ Save the appId (Client ID), tenant (Tenant ID), and password (Client Secret) from the output. The secret is shown only once.
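
To check that the service principal holds only the four read-only roles from Step 1, and only at the subscriptions you intended, the following added example (not Guardia AI's own code) audits the JSON printed by `az role assignment list --assignee <appId> --all -o json`. The function name, the placeholder subscription ID and the sample assignments are constructed for illustration.

```python
import json

# The four read-only roles this page says to assign.
ALLOWED_ROLES = {
    "Reader",
    "Security Reader",
    "Monitoring Reader",
    "Resource Policy Reader",
}


def audit_assignments(assignments, subscription_ids):
    """Return a list of problems found in the principal's role assignments.

    `assignments` is the parsed JSON list printed by
    `az role assignment list --assignee <appId> --all -o json`.
    """
    allowed_scopes = {f"/subscriptions/{s}".lower() for s in subscription_ids}
    problems = []
    seen = {scope: set() for scope in allowed_scopes}
    for a in assignments:
        role = a.get("roleDefinitionName", "")
        scope = a.get("scope", "").rstrip("/").lower()
        if role not in ALLOWED_ROLES:
            problems.append(f"unexpected role '{role}' at {scope}")
        elif scope not in allowed_scopes:
            problems.append(f"role '{role}' granted at unexpected scope {scope}")
        else:
            seen[scope].add(role)
    # Also report roles from the table that were never assigned.
    for scope, roles in sorted(seen.items()):
        for missing in sorted(ALLOWED_ROLES - roles):
            problems.append(f"missing role '{missing}' at {scope}")
    return problems


# Constructed sample: three expected roles plus one write-capable role
# that was added later at resource-group scope.
SUB = "00000000-0000-0000-0000-000000000000"  # placeholder subscription ID
SAMPLE = json.loads(f"""[
  {{"roleDefinitionName": "Reader", "scope": "/subscriptions/{SUB}"}},
  {{"roleDefinitionName": "Security Reader", "scope": "/subscriptions/{SUB}"}},
  {{"roleDefinitionName": "Monitoring Reader", "scope": "/subscriptions/{SUB}"}},
  {{"roleDefinitionName": "Contributor", "scope": "/subscriptions/{SUB}/resourceGroups/ml-prod"}}
]""")

if __name__ == "__main__":
    for line in audit_assignments(SAMPLE, [SUB]):
        print("FINDING:", line)
```

Running the same audit on a schedule catches role assignments added to the principal after onboarding.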

Step 2 — Activate your Guardia AI account
You were redirected here after purchasing — paste your credentials to get your API key

After purchasing on Azure Marketplace, you were redirected to our landing page at https://app.trustguardia.com/landing. If you're not there yet, go there now.

On the landing page, fill in the form with the values you saved in Step 1:

1. Azure Tenant ID — the Directory (tenant) ID from your app registration
2. Client ID — the Application (client) ID from your app registration
3. Client Secret — the secret value you copied (shown only once)
4. Subscription IDs — one or more Azure subscription IDs to scan (comma-separated)
5. Click Activate Account → you'll receive your Guardia AI API key (looks like gai-xxxxxxxxxxxx). Save it securely.

✅ Your API key is shown once at activation. Store it in a secure location like Azure Key Vault or your password manager.

Step 3 — Run your first compliance scan
Choose the frameworks you need — results in under 60 seconds

Use your API key to trigger a scan. You can call the API from anywhere — Postman, curl, your CI/CD pipeline, or any HTTP client.

Quick scan via curl:

curl -X POST https://app.trustguardia.com/scan \
  -H "X-API-Key: gai-YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "frameworks": ["iso42001", "sr11_7", "eu_ai_act"]
  }'

Available framework IDs (include whichever apply to your business):

Framework | ID | Plans
ISO 42001 | iso42001 | All plans
SR 11-7 | sr11_7 | All plans
EU AI Act | eu_ai_act | Starter+
NIST AI RMF | nist_ai_rmf | Starter+
MAS TRM | mas_trm | Professional+
SOX | sox | Professional+
DORA | dora | Professional+

💡 Not sure which frameworks apply to you? Financial institutions typically need SR 11-7 + SOX. EU businesses need EU AI Act. Singapore-regulated firms need MAS TRM. Start with ISO 42001 — it applies to everyone.

Compare multiple frameworks at once:

curl -X POST https://app.trustguardia.com/scan/compare \
  -H "X-API-Key: gai-YOUR_API_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "frameworks": ["iso42001", "eu_ai_act", "nist_ai_rmf", "sr11_7"]
  }'

Step 4 — Read your compliance report
Understand your score and act on findings

Your scan response includes everything you need:

{
  "scan_id": "COMP-20260509-123456",
  "framework": "iso42001",
  "overall_score": 74,
  "status": "PARTIAL",
  "findings": [
    {
      "control_id": "A.6.1",
      "title": "AI Risk Assessment",
      "status": "FAIL",
      "severity": "HIGH",
      "resource": "ml-workspace-prod",
      "recommendation": "Enable diagnostic logging on your ML workspace..."
    }
  ],
  "narrative": "Your Azure environment demonstrates partial alignment with ISO 42001:2023. Key gaps identified in risk assessment documentation and monitoring controls..."
}

overall_score: your compliance % (aim for 80+)
status: COMPLIANT / PARTIAL / NON_COMPLIANT
narrative: plain-English AI summary (Starter+)

What the scores mean:

✓ 80–100 — COMPLIANT. Strong controls in place. Review HIGH findings for final polish.
! 50–79 — PARTIAL. Good foundation. Prioritize HIGH and MEDIUM severity findings.
✗ 0–49 — NON-COMPLIANT. Significant gaps. Start with all HIGH findings immediately.

✅ Re-run the scan after each remediation to track progress. Professional and Enterprise plans get full AI-written remediation guidance for every finding.
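
For pipelines that call the scan endpoint, the following added example (not part of Guardia AI's API or tooling) turns a saved scan response into a pass/fail gate: it checks that `status` agrees with the score bands above, enforces a minimum score, and lists failing findings with HIGH first. The `LOW` severity, the `PASS` status value and the `X.*` findings are assumptions made for the sample.

```python
import json

SEVERITY_ORDER = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}  # LOW is an assumed value


def band_for(score):
    """Map overall_score to the status band listed under 'What the scores mean'."""
    if not 0 <= score <= 100:
        raise ValueError(f"score out of range: {score}")
    if score >= 80:
        return "COMPLIANT"
    return "PARTIAL" if score >= 50 else "NON_COMPLIANT"


def triage(report, min_score=80):
    """Return (passed, reasons, failing findings ordered HIGH first)."""
    reasons = []
    score = report["overall_score"]
    if report.get("status") != band_for(score):
        reasons.append(f"status {report.get('status')} does not match score {score}")
    if score < min_score:
        reasons.append(f"overall_score {score} is below {min_score}")
    failing = [f for f in report.get("findings", []) if f.get("status") == "FAIL"]
    failing.sort(key=lambda f: (SEVERITY_ORDER.get(f.get("severity"), 99),
                                f.get("control_id", "")))
    high = sum(1 for f in failing if f.get("severity") == "HIGH")
    if high:
        reasons.append(f"{high} HIGH finding(s) failing")
    return (not reasons, reasons, failing)


# Constructed sample: the A.6.1 finding is the page's; the X.* entries and
# the "PASS" status value are made up for illustration.
SAMPLE_REPORT = json.loads("""{
  "scan_id": "COMP-20260509-123456", "framework": "iso42001",
  "overall_score": 74, "status": "PARTIAL",
  "findings": [
    {"control_id": "X.0.1", "status": "FAIL", "severity": "MEDIUM", "resource": "example-a"},
    {"control_id": "A.6.1", "status": "FAIL", "severity": "HIGH", "resource": "ml-workspace-prod"},
    {"control_id": "X.0.2", "status": "PASS", "severity": "HIGH", "resource": "example-b"}
  ]
}""")

if __name__ == "__main__":
    passed, reasons, failing = triage(SAMPLE_REPORT)
    print("GATE:", "pass" if passed else "fail", reasons)
    for f in failing:
        print(f["severity"], f["control_id"], f["resource"])
```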

Key API Endpoints
All requests use header: X-API-Key: gai-your-key

Method | Path | Description
POST | /scan | Run a compliance scan against one or more frameworks
POST | /scan/compare | Run multiple frameworks in parallel and get a side-by-side comparison
POST | /scan/dry-run | Test your credentials and see what resources would be scanned (no charge against quota)
GET | /reports/{scan_id} | Retrieve a previously run scan report by its ID
GET | /health | Check service status — no API key required
GET | /docs | Full interactive API documentation (Swagger UI)

Your Plan Limits
Upgrade anytime through Azure Marketplace — changes take effect immediately

Plan | Scans / month | Subscriptions | Frameworks | AI Narrative
Free Trial | 5 | 1 | ISO 42001, SR 11-7 | —
Starter · $299 | 50 | 3 | + EU AI Act, NIST AI RMF | ✅
Professional · $999 | 500 | 10 | All 7 frameworks | ✅
Enterprise · $2,999 | Unlimited | Unlimited | All 7 frameworks | ✅

To upgrade: go to Azure Portal → Marketplace purchases → Guardia AI → Change plan.

Support
We're here to help you get to compliance faster

📧 Email Support
contact@trustguardia.com
Starter: 2 business days
Professional: 1 business day
Enterprise: 4 hours

📖 API Reference
app.trustguardia.com/docs
Interactive Swagger UI
Full request/response examples

🔒 Privacy & Security
Privacy Policy
security@trustguardia.com
privacy@trustguardia.com

📄 Legal
Terms of Use
legal@trustguardia.com
Billing via Azure Marketplace