Bring Your Own Key (BYOK)
Connect your own provider API keys for provider-level control while keeping Cencori routing, security, and observability.
Bring Your Own Key (BYOK) allows you to use your existing API keys (OpenAI, Anthropic, Google, etc.) within Cencori. This gives you control over provider access while still using Cencori's observability, routing, and security.
Why Use BYOK?
[!TIP] BYOK is ideal if you need provider-specific capabilities (betas, custom limits, finetuned models) or direct provider billing controls.
Configuring BYOK
You can configure keys at the Project level via the dashboard.
Web Dashboard
- Navigate to your Project.
- Click Providers in the sidebar.
- Select a provider from the list (e.g., OpenAI).
- In the dialog:
- Enter your API Key (e.g.,
sk-...). - Select a Default Model (e.g.,
gpt-4o). - Toggle Set as project default if you want this provider to handle all unspecified requests.
- Enter your API Key (e.g.,
- Click Save.
Once enabled, the provider badge will show "Enabled", and all requests for that provider will be routed using your credentials.
Hybrid Usage
You can mix and match Managed Keys and BYOK:
- Use Managed Keys for fast onboarding and centralized ops.
- Use BYOK where your team needs provider-specific controls.
See Credits System and Billing & Usage for how usage charging is applied in your deployment.
Security
Your keys are encrypted at rest using AES-256 encryption. They are strictly used for making requests to the respective provider and are never logged or exposed via the API.

