> ## Documentation Index
> Fetch the complete documentation index at: https://docs.llmgrid.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Virtual Keys

> Create, manage, and govern API keys with fine-grained controls for access, limits, routing, and logging.

## Overview

**Virtual Keys** are used to authenticate and control programmatic access to LLMGrid APIs. Each key can be scoped to specific models, teams, limits, budgets, guardrails, routes, vector stores, and integrations.

This page supports both **key management** (listing, filtering, auditing) and **key creation** with advanced governance options.

***

## Virtual Keys List

The Virtual Keys table displays all keys within the selected tenant.

### Available Columns

* **Key ID** – Unique identifier for the key
* **Key Alias** – Human-readable name
* **Secret Key** – Partially masked secret (shown only at creation)
* **Team Alias / Team ID**
* **Organization ID**
* **User Email / User ID**
* **Created At / Created By**
* **Updated At**
* **Expires**
* **Spend (USD)**
* **Budget (USD)**
* **Budget Reset**
* **Models**
* **Rate Limits** (TPM / RPM)

Use **Filters** to narrow results and **Reset Filters** to clear them.

***

## Creating a New Key

Select **Create New Key** to open the key creation workflow.

***

## Key Ownership

### Owned By

Defines who owns the key:

* **You**
* **Service Account**
* **Another User**

### Team

Assigns the key to a team.\
Team-level constraints (budgets and limits) apply as upper bounds.

***

## Key Details

### Key Name

Required human-readable name used for identification and tracking.

### Models

Required list of models the key can access.

### Key Type

Defines the behavior of the key (default unless otherwise configured).

***

## Optional Settings

### Budget Controls

* **Max Budget (USD)**\
  Maximum spend allowed for the key.
* **Reset Budget**\
  Budget reset cycle (if enabled).

> Key budgets cannot exceed the team’s maximum budget.

***

### Rate Limits

* **Tokens per Minute (TPM)**
* **TPM Rate Limit Type**
* **Requests per Minute (RPM)**
* **RPM Rate Limit Type**

> Key-level limits cannot exceed team-level limits.

***

### Guardrails

* **Guardrails**\
  Attach one or more guardrails to enforce safety, policy, or validation rules.
* **Disable Global Guardrails**\
  Optionally bypass tenant-level guardrails for this key.

***

### Prompts

Restrict or pre-assign prompts available to this key.

***

### Routing & Access

* **Allowed Pass Through Routes**
* **Allowed Routes**
* **Allowed Vector Stores**
* **Allowed Vector Store Indexes**

These settings limit where requests from this key can be routed.

***

### MCP Settings

* **Allowed MCP Servers**\
  Restrict which MCP servers or access groups this key can interact with.

***

### Metadata & Tags

* **Metadata (JSON)**\
  Attach structured metadata for downstream processing.
* **Tags**\
  Used for tracking spend and tag-based routing.

***

## Logging Settings

### Disabled Callbacks

Disable specific callbacks so they do not receive logging data for this key.

### Logging Integrations

Configure external logging integrations for this key.

***

## Model Aliases

Create custom aliases for models to simplify API usage.

### Add Alias

* **Alias Name** (e.g., `gpt-4o`)
* **Target Model**

Aliases can be referenced directly in API calls.

***

## Key Lifecycle

### Expiry Settings

* **Expire Key**\
  Set an expiration duration (e.g., `30d`).

### Auto-Rotation

* **Enable Auto-Rotation**
* **Rotation Interval**\
  Required if auto-rotation is enabled (e.g., `30d`, `90d`).

***

## Advanced Settings

Advanced fields allow precise control and are typically used by platform administrators.

### Common Fields

* **Spend**
* **Soft Budget**
* **User ID**
* **Organization ID**
* **Tenant ID**
* **Max Parallel Requests**
* **Allowed Cache Controls**
* **Permissions** (comma-separated)
* **Object Permission**
* **Blocked**
* **Key**
* **Budget ID**
* **Enforced Params (JSON)**
* **Aliases (JSON)**
* **Send Invite Email**
* **Key Type**
* **Auto Rotate**
* **Rotation Interval**
* **Model Max Budget**
* **Model RPM Limit**
* **Model TPM Limit**
* **RPM Limit Type**
* **TPM Limit Type**

> All JSON fields must be valid JSON objects.

***

## Common Use Cases

* Secure API access for applications and services
* Enforce per-key spend and rate limits
* Restrict access to specific models or routes
* Apply guardrails and governance at key level
* Attribute usage and cost using tags
* Enable safe production access for agents and tools

***

## Best Practices

* Use one key per application or service
* Apply budgets and rate limits to prevent misuse
* Rotate keys regularly or enable auto-rotation
* Use tags consistently for cost tracking
* Restrict routes, models, and vector stores where possible
* Audit key usage regularly via **Usage** and **Logs**
