This guide walks you through connecting a Vapi assistant to Masker and placing a real call. By the end, you’ll have a working masked agent and a session report you can download — and you’ll be able to confirm in OpenAI’s own completion logs that no raw PHI reached the model.Documentation Index
Fetch the complete documentation index at: https://docs.masker.dev/llms.txt
Use this file to discover all available pages before exploring further.
You need a Vapi account with a phone number or web call testing enabled, an OpenAI API key, and a GitHub account for Masker portal sign-in.
Steps
Sign in to the Masker portal
Open masker-voice.fly.dev/portal/login and click Sign in with GitHub. Masker uses GitHub OAuth and stores nothing from your GitHub profile beyond your email address.After sign-in you’ll land on the dashboard with a prompt to connect your first agent.
Create an agent
Click New Agent on the dashboard. The setup wizard has three fields:
- Agent name — use something descriptive, like
Patient intake (test)orPrior auth — primary care. This name shows up in your session list. - Vapi API key — copy your key from dashboard.vapi.ai/account and paste it here. Masker uses the key once to configure the assistant on Vapi’s side, then stores it encrypted using AES-256-GCM-SIV.
- Upstream model — defaults to
gpt-4o-mini. Change this if you want a different OpenAI model.
Copy your proxy URLs
After creating the agent, Masker generates two URLs unique to this agent:
- Proxy URL —
https://masker-voice.fly.dev/proxy/{agent_id}/v1/chat/completions - Webhook URL —
https://masker-voice.fly.dev/vapi/webhook/{agent_id}
Verify the Vapi assistant config
Open your Vapi dashboard → Assistants and find the assistant Masker just created (it uses the same name as your agent). Confirm:
- Model provider: Custom LLM
- Custom LLM URL: your Masker proxy URL
Place a test call
Use the Talk to Assistant button on the Vapi assistant detail page, or call the phone number assigned to the assistant.Try saying something with clear PHI:
“Hi, my name is Sarah Johnson. My date of birth is March 14, 1982, and my member ID is BCBS-447299.”Your assistant should respond naturally. Behind the scenes, Masker:
- Tokenized
Sarah Johnson→MSKV1.person_name.K_HEALTHCARE.a3f9... - Tokenized
March 14, 1982→MSKV1.dob.K_HEALTHCARE.b7c2... - Tokenized
BCBS-447299→MSKV1.account_number.K_HEALTHCARE.c1d8... - Forwarded the masked prompt to OpenAI
- Rehydrated the tokens in OpenAI’s response before returning it to Vapi
Verify in OpenAI's logs
Open platform.openai.com/logs and find the chat completion that just ran. The Input section should look like this — no raw names, dates, or member IDs anywhere:This is the proof your compliance story rests on. OpenAI keeps completion logs for 30 days by default — even on enterprise plans. Masker ensures those logs never contain real PHI.
Download the session report
Back in the Masker portal:
- Open Sessions and click the session that just completed.
- Toggle between Raw and Masked views to see the transcript split across the compliance firewall.
- Click Download report to get the signed compliance report.
What’s next
How it works
The full request pipeline — detection, tokenization, proxy forward, rehydration, and audit chain.
Request beta access
For production use with a signed BAA and SLAs — May 30, 2026 launch.