> ## Documentation Index
> Fetch the complete documentation index at: https://docs.masker.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Get started with Masker: place your first masked call

> Sign in, connect a Vapi agent, place a test call, and verify in OpenAI's logs that no PHI crossed the compliance boundary — in under five minutes.

This guide walks you through connecting a Vapi assistant to Masker and placing a real call. By the end, you'll have a working masked agent and a session report you can download — and you'll be able to confirm in OpenAI's own completion logs that no raw PHI reached the model.

<Note>
  You need a [Vapi account](https://dashboard.vapi.ai) with a phone number or web call testing enabled, an OpenAI API key, and a GitHub account for Masker portal sign-in.
</Note>

## Steps

<Steps>
  <Step title="Sign in to the Masker portal">
    Open [masker-voice.fly.dev/portal/login](https://masker-voice.fly.dev/portal/login) and click **Sign in with GitHub**. Masker uses GitHub OAuth and stores nothing from your GitHub profile beyond your email address.

    After sign-in you'll land on the dashboard with a prompt to connect your first agent.
  </Step>

  <Step title="Create an agent">
    Click **New Agent** on the dashboard. The setup wizard has three fields:

    * **Agent name** — use something descriptive, like `Patient intake (test)` or `Prior auth — primary care`. This name shows up in your session list.
    * **Vapi API key** — copy your key from [dashboard.vapi.ai/account](https://dashboard.vapi.ai/account) and paste it here. Masker uses the key once to configure the assistant on Vapi's side, then stores it encrypted using AES-256-GCM-SIV.
    * **Upstream model** — defaults to `gpt-4o-mini`. Change this if you want a different OpenAI model.

    <Warning>
      Use your own dev Vapi account for initial testing, not a customer's key. The API key has full permissions on your Vapi org.
    </Warning>
  </Step>

  <Step title="Copy your proxy URLs">
    After creating the agent, Masker generates two URLs unique to this agent:

    * **Proxy URL** — `https://masker-voice.fly.dev/proxy/{agent_id}/v1/chat/completions`
    * **Webhook URL** — `https://masker-voice.fly.dev/vapi/webhook/{agent_id}`

    Masker configures these on your Vapi assistant automatically. You don't need to paste them anywhere for Vapi — they're shown for reference and for non-Vapi platforms.

    The agent appears on the dashboard with a green **Live** badge once setup completes.
  </Step>

  <Step title="Verify the Vapi assistant config">
    Open your Vapi dashboard → **Assistants** and find the assistant Masker just created (it uses the same name as your agent). Confirm:

    * **Model provider:** Custom LLM
    * **Custom LLM URL:** your Masker proxy URL

    If you want to route an existing Vapi assistant through Masker instead, go to that assistant's settings, switch the model provider to **Custom LLM**, and paste the proxy URL.
  </Step>

  <Step title="Place a test call">
    Use the **Talk to Assistant** button on the Vapi assistant detail page, or call the phone number assigned to the assistant.

    Try saying something with clear PHI:

    > "Hi, my name is Sarah Johnson. My date of birth is March 14, 1982, and my member ID is BCBS-447299."

    Your assistant should respond naturally. Behind the scenes, Masker:

    * Tokenized `Sarah Johnson` → `MSKV1.person_name.K_HEALTHCARE.a3f9...`
    * Tokenized `March 14, 1982` → `MSKV1.dob.K_HEALTHCARE.b7c2...`
    * Tokenized `BCBS-447299` → `MSKV1.account_number.K_HEALTHCARE.c1d8...`
    * Forwarded the masked prompt to OpenAI
    * Rehydrated the tokens in OpenAI's response before returning it to Vapi
  </Step>

  <Step title="Verify in OpenAI's logs">
    Open [platform.openai.com/logs](https://platform.openai.com/logs) and find the chat completion that just ran. The **Input** section should look like this — no raw names, dates, or member IDs anywhere:

    <CodeGroup>
      ```text What OpenAI sees theme={null}
      User: Hi, my name is MSKV1.person_name.K_HEALTHCARE.a3f9...
            My date of birth is MSKV1.dob.K_HEALTHCARE.b7c2...
            and my member ID is MSKV1.account_number.K_HEALTHCARE.c1d8...
      ```

      ```text What Masker sent to Vapi theme={null}
      User: Hi, my name is Sarah Johnson.
            My date of birth is March 14, 1982,
            and my member ID is BCBS-447299.
      ```
    </CodeGroup>

    This is the proof your compliance story rests on. OpenAI keeps completion logs for 30 days by default — even on enterprise plans. Masker ensures those logs never contain real PHI.
  </Step>

  <Step title="Download the session report">
    Back in the Masker portal:

    1. Open **Sessions** and click the session that just completed.
    2. Toggle between **Raw** and **Masked** views to see the transcript split across the compliance firewall.
    3. Click **Download report** to get the signed compliance report.

    The report includes the BAA chain (Vapi → OpenAI → Deepgram → ElevenLabs), the HIPAA Safe Harbor coverage breakdown for this session, and a count of each PHI category detected.
  </Step>
</Steps>

## What's next

<CardGroup cols={2}>
  <Card title="How it works" icon="diagram-project" href="/how-it-works">
    The full request pipeline — detection, tokenization, proxy forward, rehydration, and audit chain.
  </Card>

  <Card title="Request beta access" icon="envelope" href="/beta-access">
    For production use with a signed BAA and SLAs — May 30, 2026 launch.
  </Card>
</CardGroup>
