Bring Your
Own Keys
Use your own API keys from every provider. You pay them directly — we don't mark up token costs. Your negotiated rates and rate limits stay exactly as they are.
How It Works
Three steps. Your keys, your accounts, your rates.
Add Your API Keys
Paste your API keys from any provider into the Costbase dashboard. Takes about 30 seconds per provider.
Keys Get Encrypted
Your keys are encrypted with AES-256-GCM the moment you submit them. They never appear in plaintext again.
Requests Use Your Keys
Costbase routes requests using your keys. The provider bills your account directly — we never touch the money.
Why BYOK?
You already have relationships with your providers. We don't get in the way of that.
Zero Markup
You pay the exact same price as going direct to the provider. We don't add a cent to your token costs.
Your Rate Limits
Enterprise rate limits carry over. We use your keys, not ours — so your limits are your limits.
Your Discounts
Negotiated volume pricing? It still applies. Your deal with the provider doesn't change.
Full Control
Rotate, revoke, or update keys anytime from the dashboard. No tickets, no waiting.
Supported Providers
Bring keys from any of these providers. Add them once and you're good to go.
Your Keys Are Safe
We treat your API keys like passwords. Here's what that means in practice.
AES-256-GCM Encryption
Every key is encrypted with AES-256-GCM — the same standard banks use. Nobody at Costbase can read your keys.
Never Visible Again
After you enter a key, it's masked. You can't view it again, and neither can we. You can only replace it.
Encrypted at Rest & in Transit
Keys are encrypted when stored and encrypted when transmitted. There's no moment where they sit in plaintext.
Never Logged
API keys never show up in logs, error messages, or debug output. They exist only in encrypted storage.
Start Using Your Own Keys
Add your API keys, keep your rates, and let Costbase handle the rest.