API Endpoints with Integrated Content Moderation

wclayf · 2023-09-05T16:10:45.102Z

I have a CMS and document authoring system which lets users collaborate with the AI to author documents, or to have general questions answered that the user types.

There’s been an ongoing discussion in another extremely lengthy thread in this forum about whether the developer is EXPECTED to ALWAYS call the moderation API to check every one of these potentially unsafe queries, before calling ‘completions’ api.

None of the OpenAI policy documents answer this very simple, and very necessary question directly and clearly.

EDIT: Furthermore if the answer is “yes you should” then this obviously needs to be a simple “moderate=true” parameter in the “completions API” call itself, which would obviously be defaulted to “true”, if they want to protect customers, which we assume they do.

RonaldGRuckus · 2023-09-05T16:17:15.085Z

wclayf:

EDIT: Furthermore if the answer is “yes you should” then this obviously needs to be a simple “moderate=true” parameter in the “completions API” call itself, which would obviously be defaulted to “true”, if they want to protect customers, which we assume they do.

Or… you can just call the moderation endpoint? Why mix different concerns?

What happens when a moderation error is thrown? I need to mix my error handling now? Expect two different types of objects? It doesn’t make sense. I have one function for calling the endpoint which appropriately handles the response, and then another. Nice and clean. Modular.

wclayf:

EXPECTED to ALWAYS call the moderation API to check every one of these potentially unsafe queries, before calling ‘completions’ api.

Keyword is potentially. If you are handling untrusted information then it makes sense to use the moderation endpoint. If you are, for example, writing sales pitches for your line of products then you don’t need it.

sps · 2023-09-05T16:31:07.549Z

Nope.

Chat completion in itself is RLHFd to not do BAD stuff.

However some of the simplest and easiest things devs can do to prevent termination of their OpenAI API access because of abuse is:

Check requests with Moderation API before sending them to the models.
Pass the end-user IDs to the API when making any requests, this’ll help OpenAI know and communicate with you about users that are abusing the API via your application.
This allows OpenAI to provide your team with more actionable feedback in the event that we detect any policy violations in your application.

Further best practices are listed here.

elmstedt · 2023-09-05T16:32:33.075Z

RonaldGRuckus:

Yet, I’d think the majority of people just want a key for other services and don’t really understand or read best practices, safeties etc etc. So it’s completely unfair to give them access and expect them to know that even writing smut is a perma ban.

OpenAI didn’t support BYOK application.

These people never should have gotten API keys to begin with.

It was unfair of the users to get a developer API key.

It’s unfair of the developers to not read the documentation.

RonaldGRuckus · 2023-09-05T16:36:27.811Z

Agreed. It’s a key for developers. Yet, the official current stance on BYOK seems to be … undefined… We’ve seen numerous developers use BYOK for whatever reason.

elmstedt:

OpenAI didn’t support BYOK application.

Although I’m not going to point fingers I have seen some support for paid applications which also support a self-hosted BYOK version. I’d say that in this case it’s a great idea. Yet, I’d also say that in most cases it’s just bad practices.

sps · 2023-09-05T16:45:20.393Z

wclayf:

EDIT: Furthermore if the answer is “yes you should” then this obviously needs to be a simple “moderate=true” parameter in the “completions API” call itself, which would obviously be defaulted to “true”, if they want to protect customers, which we assume they do.

The problem with this approach is the unnecessarily high frequency of requests hitting the endpoint. Such an approach will unnecessarily add to compute requirements.

Imagine abusive and normal usage requests hitting the same endpoint, the decision making happening on OpenAI side whether to pass the request for generation (think about the hold time), or deny them.

Then the complexity of API response; one response for denial while another entirely different for generation.

Compare this to the scenario where only filtered requests are hitting the generation endpoint (obviously no unnecessary ones) the decision making happening on devs’ systems.

The simplicity of response; devs know what kind of responses to expect from each endpoint.

+ Edit: Integrated approach will also hamper devs from bringing their own moderation system, which could be faster/better.

vb · 2023-09-05T16:47:22.389Z

Communication is key.
Who should use the moderation endpoint when, how and what will happen if there are problems.
Then everybody can make their own choices.

I would leave things as they are because I think the rules are common sense.

wclayf · 2023-09-05T16:54:32.535Z

The problem with making two API calls every time instead of one is the latency, and degrading performance for no reason.

I can see use cases where developers might have a need to call the ‘moderation’ endpoint standalone, with no intent to RUN the query if it passes moderation, but just because that’s true doesn’t mean that 100% of all of the most common usage patterns of the API should always require two back to back HTTP requests.

The obvious solution is a “moderate=true” flag on the completions endpoint, that defaults to true.

wclayf · 2023-09-05T17:23:17.214Z

Yes indeed, the additional HTTP call adds latency.

I think one of the most common use cases is “chat bots” where apps take raw input from end users, and so 100% of those calls would need to be sent thru moderation (according to many peoples interpretations of the vague policy docs), and so if that’s the case the rational choice for API design is to have moderation built into the ‘completions’ call, as an option that defaults to true.

I’d like to say to the API, “block this if it violates OpenAI policy”, and don’t ding my API key. So maybe the more applicable parameter name is “ding=false”. lol.

RonaldGRuckus · 2023-09-05T17:32:29.782Z

wclayf:

Yes indeed, the additional HTTP call adds latency.

This seems like a lot of extra work and compromises just to prevent mere milliseconds of latency.

wclayf:

rational choice for API design is to have moderation built into the ‘completions’ call, as an option that defaults to true.

When you are building a tool for all programmers the less assumptions & opinions the better.

N2U · 2023-09-05T17:39:47.933Z

I can agree with that, I think it’s worth delving a bit into this.

sps:

The problem with this approach is the unnecessarily high frequency of requests hitting the endpoint. Such an approach will unnecessarily add to the compute requirements.

This is absolutely true, let’s remember that the moderation endpoint is an AI classifier. It’s probably not as resource-intensive as GPT, but it will still require GPUs, and those are currently in short supply.

sps · 2023-09-05T17:45:02.180Z

Not just that. At the scale at which OpenAI receives requests per sec, even a slight hold can induce a huge backlog.

As the saying goes “the more moving parts, the more things can go wrong”.

N2U · 2023-09-05T17:50:55.238Z

Fair point,

Although I think it’s worth mentioning that OpenAI is already passing the input, output, and generated title on ChatGPT through the moderation endpoint, so they do already know how to successfully put those cogs together.

sps · 2023-09-05T17:55:27.754Z

ChatGPT is an end-user product and that uses the moderation endpoint really well.

also,

sps:

Integrated approach will also hamper devs from bringing their own moderation system, which could be faster/better.

wclayf · 2023-09-05T18:08:19.406Z

Don’t you think cutting the number of requests per second in half is a good idea? lol. I do.

wclayf · 2023-09-05T18:10:16.924Z

When developing a tool for everyone, also the most commonly occurring usage patterns become particular relevant. If most of the time a call does moderation+completion, that’s a pretty good tip you need an endpoint that encapsulates exactly that.

N2U · 2023-09-05T18:10:46.749Z

I 100% agree with @sps

N2U:

To be clear, I’m not suggesting that any endpoints should be replaced. I’m suggesting adding a few new ones, such as gpt-3.5-turbo-mod for gpt-3.5-turbo, to make it easier for developers to comply with OpenAI’s policies.

But I fail to see the logic here

wclayf:

Don’t you think cutting the number of requests per second in half is a good idea? lol. I do.

Why would this cut the number of requests per second in half?

wclayf · 2023-09-05T18:16:54.462Z

“API Endpoints with Integrated Content Moderation” take one HTTP request. Without integration it’s two.

wclayf · 2023-09-05T18:19:45.787Z

You made a whole lot of assumptions I wasn’t implying. I’m just saying have a “moderate=true” flag, and if I set that the server can simply throw a bad request error, with the reason. It’s not mixing responsibilities. It’s good API design. If something takes 10 steps you don’t always tell the API consumers to make 10 HTTP requests. It’s an art not a science.

wclayf · 2023-09-05T18:28:16.515Z

HTTP APIs normally have all kinds of different “reasons” that any particular request can fail. I’m just saying “bad morality” is most certainly one of the reasons the “completions” should be able to fail. And from my 23yrs exp as a dev, I can tell you it’s about 3 lines of code to check this and throw an exception in OpenAI’s implementation. Aside from adding “dontDingMeBro” as an argument.