Bring Your Own Key (BYOK)

Paste your own OpenAI or Anthropic API key in the dashboard and ProxyLLM forwards your requests with YOUR key. Your provider bills you directly — we never see those tokens charged to us. BYOK is available on the Pro and Scale plans.

Why use BYOK

  • Zero markup. Without BYOK we proxy through OpenRouter, which adds a small markup over native provider prices. With BYOK we go direct — you pay what your provider charges, nothing more.
  • Any model. Managed mode is restricted to gpt-4o-mini on every tier (Free, Pro, Scale) to bound our upstream cost exposure. BYOK bypasses the whitelist entirely — your key, your bill, any model your provider supports (gpt-4o, claude-haiku-4-5, claude-sonnet, claude-opus, etc.).
  • Same ProxyLLM features. Semantic cache, dashboard, cost attribution by feature tag, per-minute/day rate limits, alerts — all still work on BYOK traffic.

Setup

  1. Go to Settings → Bring Your Own Key.
  2. Paste your provider key. We dry-run a single “is this key valid?” call against the provider before saving — a typo'd key is rejected immediately.
  3. (Optional) Override the base URL if you're fronting your own self-hosted gateway (Azure OpenAI endpoint, AWS Bedrock proxy, etc.). The override must be an https:// URL.
  4. Done. Your next request gets forwarded to your provider with your key. The dashboard's status line shows “Configured — ••••abcd” — we never display the cleartext key after save.

Security model

  • Keys are encrypted at rest via AES-256-GCM (Node.js crypto). Master key lives in env (BYOK_ENCRYPTION_KEY), never in the database.
  • Each encryption draws a fresh 12-byte nonce. The GCM authentication tag detects any tampering — a modified ciphertext or wrong nonce throws on decrypt.
  • The cleartext key NEVER appears in any API response. The GET /v1/workspace/byok endpoint returns only {configured, last4, base_url} per provider.
  • Plaintext lives on the in-memory workspace object that auth middleware constructs per request — backed by a 30-second auth cache. Revoking or rotating a key in the dashboard takes effect immediately: the cache entry for that workspace is evicted on save/remove, so the next request reads fresh state.
  • Master-key rotation is a one-way break. Rotating BYOK_ENCRYPTION_KEY invalidates every stored BYOK key — customers would need to re-save. We don't do this lightly.
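
The scheme in the list above, as an added Node.js example (not ProxyLLM's own code): AES-256-GCM with a fresh 12-byte nonce, a tag check on decrypt, and a status view limited to {configured, last4, base_url}. The function names, the stored layout (base64 of nonce, tag, ciphertext), keeping last4 beside the ciphertext, and the sample key are assumptions.

```javascript
// Added example, not ProxyLLM's code. Function names and the stored layout
// (base64 of nonce | tag | ciphertext) are assumptions.
const crypto = require('node:crypto');

const NONCE_LEN = 12; // fresh 12-byte nonce per encryption
const TAG_LEN = 16;   // GCM authentication tag

// Encrypt a provider key under the 32-byte master key.
function sealKey(masterKey, plaintext) {
  if (masterKey.length !== 32) throw new Error('master key must be 32 bytes');
  const nonce = crypto.randomBytes(NONCE_LEN);
  const cipher = crypto.createCipheriv('aes-256-gcm', masterKey, nonce);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), ct]).toString('base64');
}

// Decrypt; throws if the nonce, tag, ciphertext or master key is wrong.
function openKey(masterKey, sealed) {
  const raw = Buffer.from(sealed, 'base64');
  if (raw.length < NONCE_LEN + TAG_LEN) throw new Error('sealed value too short');
  const decipher = crypto.createDecipheriv('aes-256-gcm', masterKey,
    raw.subarray(0, NONCE_LEN), { authTagLength: TAG_LEN });
  decipher.setAuthTag(raw.subarray(NONCE_LEN, NONCE_LEN + TAG_LEN));
  const body = raw.subarray(NONCE_LEN + TAG_LEN);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Build the stored row. last4 is kept beside the ciphertext (an assumption)
// so the status endpoint never has to decrypt anything.
function saveKey(masterKey, plaintext, baseUrl = null) {
  if (baseUrl !== null && new URL(baseUrl).protocol !== 'https:') {
    throw new Error('base URL override must be https://');
  }
  return { sealed: sealKey(masterKey, plaintext), last4: plaintext.slice(-4), base_url: baseUrl };
}

// Shape the page gives for GET /v1/workspace/byok: no cleartext, no ciphertext.
function redactedView(row) {
  if (!row) return { configured: false, last4: null, base_url: null };
  return { configured: true, last4: row.last4, base_url: row.base_url };
}

// Constructed demo values: random master key, fake provider key.
const demoMaster = crypto.randomBytes(32);
const demoRow = saveKey(demoMaster, 'sk-constructed-example-abcd');
console.log(redactedView(demoRow));
```

Decrypting a row with a different master key fails the same tag check as a tampered ciphertext, which is why rotating BYOK_ENCRYPTION_KEY invalidates every stored key.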

What ProxyLLM sees vs what we don't

We see | We don't see
Request metadata (model, tokens, latency, cost) | Your provider account balance
Cache hit/miss state (for cost-savings dashboard) | Other applications on your provider key
Prompt + completion text (for semantic cache + log retention) | Anything billed to your provider account outside ProxyLLM

Reverting to managed mode

Hit Remove next to the provider in Settings. The encrypted columns are cleared and your workspace immediately starts using ProxyLLM's shared upstream again — with the per-tier model whitelist back in effect.