Skip to main content

Overview

BYOK endpoints

Available Operations

  • list - List BYOK provider credentials
  • create - Create a BYOK provider credential
  • delete - Delete a BYOK provider credential
  • get - Get a BYOK provider credential
  • update - Update a BYOK provider credential

list

List the bring-your-own-key (BYOK) provider credentials for the authenticated entity’s default workspace. Use the workspace_id query parameter to scope the result to a different workspace, or the provider query parameter to filter by upstream provider. Management key required.

Example Usage

Standalone function

The standalone function version of this method:

Parameters

ParameterTypeRequiredDescription
requestoperations.ListBYOKKeysRequest:heavy_check_mark:The request object to use for the request.
optionsRequestOptions:heavy_minus_sign:Used to set various options for making HTTP requests.
options.fetchOptionsRequestInit:heavy_minus_sign:Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All Request options, except method and body, are allowed.
options.retriesRetryConfig:heavy_minus_sign:Enables retrying HTTP requests under certain failure conditions.

Response

Promise<operations.ListBYOKKeysResponse>

Errors

Error TypeStatus CodeContent Type
errors.UnauthorizedResponseError401application/json
errors.InternalServerResponseError500application/json
errors.OpenRouterDefaultError4XX, 5XX*/*

create

Create a new bring-your-own-key (BYOK) provider credential. The raw key is encrypted at rest and never returned in API responses. Defaults to the authenticated entity’s default workspace; use the workspace_id body field to scope to a different workspace. Treat the raw key as write-only; it is never returned after creation. Management key required.

Example Usage

Standalone function

The standalone function version of this method:

Parameters

ParameterTypeRequiredDescription
requestoperations.CreateBYOKKeyRequest:heavy_check_mark:The request object to use for the request.
optionsRequestOptions:heavy_minus_sign:Used to set various options for making HTTP requests.
options.fetchOptionsRequestInit:heavy_minus_sign:Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All Request options, except method and body, are allowed.
options.retriesRetryConfig:heavy_minus_sign:Enables retrying HTTP requests under certain failure conditions.

Response

Promise<models.CreateBYOKKeyResponse>

Errors

Error TypeStatus CodeContent Type
errors.BadRequestResponseError400application/json
errors.UnauthorizedResponseError401application/json
errors.ForbiddenResponseError403application/json
errors.InternalServerResponseError500application/json
errors.OpenRouterDefaultError4XX, 5XX*/*

delete

Delete (soft-delete) a bring-your-own-key (BYOK) provider credential by its id. The encrypted key material is wiped and the record is marked as deleted. Management key required.

Example Usage

Standalone function

The standalone function version of this method:

Parameters

ParameterTypeRequiredDescription
requestoperations.DeleteBYOKKeyRequest:heavy_check_mark:The request object to use for the request.
optionsRequestOptions:heavy_minus_sign:Used to set various options for making HTTP requests.
options.fetchOptionsRequestInit:heavy_minus_sign:Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All Request options, except method and body, are allowed.
options.retriesRetryConfig:heavy_minus_sign:Enables retrying HTTP requests under certain failure conditions.

Response

Promise<models.DeleteBYOKKeyResponse>

Errors

Error TypeStatus CodeContent Type
errors.UnauthorizedResponseError401application/json
errors.NotFoundResponseError404application/json
errors.InternalServerResponseError500application/json
errors.OpenRouterDefaultError4XX, 5XX*/*

get

Get a single bring-your-own-key (BYOK) provider credential by its id. Management key required.

Example Usage

Standalone function

The standalone function version of this method:

Parameters

ParameterTypeRequiredDescription
requestoperations.GetBYOKKeyRequest:heavy_check_mark:The request object to use for the request.
optionsRequestOptions:heavy_minus_sign:Used to set various options for making HTTP requests.
options.fetchOptionsRequestInit:heavy_minus_sign:Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All Request options, except method and body, are allowed.
options.retriesRetryConfig:heavy_minus_sign:Enables retrying HTTP requests under certain failure conditions.

Response

Promise<models.GetBYOKKeyResponse>

Errors

Error TypeStatus CodeContent Type
errors.UnauthorizedResponseError401application/json
errors.NotFoundResponseError404application/json
errors.InternalServerResponseError500application/json
errors.OpenRouterDefaultError4XX, 5XX*/*

update

Update an existing bring-your-own-key (BYOK) provider credential by its id. Include the key field to rotate the raw provider API key in-place (the previous key material is overwritten). Management key required.

Example Usage

Standalone function

The standalone function version of this method:

Parameters

ParameterTypeRequiredDescription
requestoperations.UpdateBYOKKeyRequest:heavy_check_mark:The request object to use for the request.
optionsRequestOptions:heavy_minus_sign:Used to set various options for making HTTP requests.
options.fetchOptionsRequestInit:heavy_minus_sign:Options that are passed to the underlying HTTP request. This can be used to inject extra headers for examples. All Request options, except method and body, are allowed.
options.retriesRetryConfig:heavy_minus_sign:Enables retrying HTTP requests under certain failure conditions.

Response

Promise<models.UpdateBYOKKeyResponse>

Errors

Error TypeStatus CodeContent Type
errors.BadRequestResponseError400application/json
errors.UnauthorizedResponseError401application/json
errors.NotFoundResponseError404application/json
errors.InternalServerResponseError500application/json
errors.OpenRouterDefaultError4XX, 5XX*/*