Vault: Simplifying Provider API Key Management

Discover how Vault, our latest feature, redefines the way businesses store and distribute provider API keys.

The Vault Advantage

In an evolving business landscape, managing multiple API keys can become a cumbersome process. Vault, Helicone's solution to this challenge, seamlessly integrates provider API keys like OpenAI and provides an efficient way to create and manage Helicone proxy keys.

Why Vault Matters for Your Business

Simplified Key Management: Just send one key to Helicone, eliminating the hassle of handling multiple keys.
Enhanced Security: Distribute Helicone keys and ensure all user interactions are through our proxy.
Prevent Bypass: Avoid direct distribution of provider API keys, ensuring users benefit from Helicone's logging and monitoring.

Real-world Use Cases

Beyond the evident advantages of the Vault, its real-world applicability is vast. Here are some scenarios where Vault can be a game-changer:

Departmental Monitoring: SaaS companies can assign unique proxy keys to different departments, allowing for separate monitoring and management of costs.
Hackathons and Temporary Access: Organize events and grant participants temporary, secure access without exposing your primary API keys. Post-event, simply revoke the temporary keys.
Client-based Monitoring: Agencies can provide unique proxy keys to each client, ensuring distinct monitoring and billing for API usage.

Simplified Key Management and Revocation

The Vault is also about convenience. Before Vault, the process looked like this:

curl --request POST \
  --url https://oai.hconeai.com/v1/chat/completions \
  --header 'Authorization: Bearer {OPENAI_KEY}' \
  --header 'Content-Type: application/json' \
  --header 'Helicone-Auth: Bearer {HELICONE_API_KEY}' \
  --data '{
      "model": "gpt-3.5-turbo",
      "messages": [
          {"role": "user", "content": "Hello!"}
      ],
      "temperature": 1,
      "max_tokens": 10
  }'

With Vault, the process is streamlined:

curl --request POST \
  --url https://oai.hconeai.com/v1/chat/completions \
  --header 'Authorization: Bearer {HELICONE_PROXY_KEY}' \
  --header 'Content-Type: application/json' \
  --data '{
      "model": "gpt-3.5-turbo",
      "messages": [
          {"role": "user", "content": "Hello!"}
      ],
      "temperature": 1,
      "max_tokens": 10
  }'

Unparalleled Security with Vault

Helicone takes security seriously. For provider keys, we use advanced AEAD encryption with transparent column-level encryption, ensuring these keys are safe even from database dumps. As for proxy keys, we employ a one-way hash, meaning once generated, they cannot be reverse-engineered.

Future Roadmap

As we continue to refine and expand Vault, here's a glimpse into the future additions we're excited about:

Cost Rate Limits: Set expenditure caps based on proxy key IDs to manage and control costs.
Request Rate Limits: Control the frequency of requests on a per proxy key ID basis, preventing any misuse or overuse.

Moving Forward with Vault

As businesses grow and adapt, so do their needs. Helicone is committed to innovating and providing solutions like Vault to meet these demands. We believe in simplifying processes while maximizing security and efficiency. With Vault, we're one step closer to that vision. We're excited to see how Vault empowers your business and are always here to support your journey.