What BYOK is and why it's workspace-scoped

Per-workspace API keys for Anthropic / OpenAI / Google, how they're shared across members, and why the user-scoped alternative doesn't exist.

Updated 2026-04-13

BYOK (Bring Your Own Key) means PromptAssay doesn't resell LLM tokens. Every call to Anthropic / OpenAI / Google goes out on a key you own, and spend flows to your provider account. We don't mediate traffic, we don't see spend, and we don't meter usage for billing.

Why workspace-scoped

Keys belong to the workspace, not the user. A key added to your team workspace is used by every member of that team when they call an LLM. This is by design — billing and spend are workspace concerns, not personal ones. If two teams share a user, they get two independent sets of keys, because the same user is the caller in two different workspace contexts.

No user-scoped BYOK

There is no 'my personal API keys' surface in Account settings. Real provider keys always live in Workspace settings → Provider Keys, even for a single-user personal workspace.

Encryption

Keys are encrypted at rest using industry-standard envelope encryption. Decryption happens only at call time, only in server memory, and only for the single outbound request to the provider. Keys are never written to logs, never returned via the UI after save, and never exposed to client-side code.
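
To make the envelope pattern described above concrete, here is an added example in Ruby using the standard library's OpenSSL binding; it is not PromptAssay's code. The cipher (AES-256-GCM), the record layout, the function names, and the choice to bind the workspace ID as associated data are all assumptions made for illustration.

```ruby
require "openssl"

NONCE_LEN = 12
TAG_LEN = 16

# AES-256-GCM encrypt; returns nonce || tag || ciphertext. The aad is
# authenticated but not stored, so the caller must supply it again to decrypt.
def seal(key, plaintext, aad)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = key
  nonce = cipher.random_iv
  cipher.auth_data = aad
  ciphertext = cipher.update(plaintext) + cipher.final
  nonce + cipher.auth_tag + ciphertext
end

# Reverse of seal; raises OpenSSL::Cipher::CipherError if the key, the aad or
# any byte of the blob does not match what was sealed.
def unseal(key, blob, aad)
  raise ArgumentError, "truncated blob" if blob.bytesize <= NONCE_LEN + TAG_LEN
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = key
  cipher.iv = blob.byteslice(0, NONCE_LEN)
  cipher.auth_tag = blob.byteslice(NONCE_LEN, TAG_LEN)
  cipher.auth_data = aad
  cipher.update(blob.byteslice(NONCE_LEN + TAG_LEN, blob.bytesize)) + cipher.final
end

# Envelope step: a fresh data key (DEK) encrypts the provider API key, and the
# key-encryption key (KEK) wraps the DEK. Only the two sealed blobs are stored.
# Assumption: both layers bind workspace_id, so a record copied into another
# workspace's row fails authentication instead of decrypting.
def encrypt_provider_key(kek, workspace_id, api_key)
  dek = OpenSSL::Random.random_bytes(32)
  { wrapped_dek: seal(kek, dek, workspace_id),
    ciphertext: seal(dek, api_key, workspace_id) }
end

# Call-time path: unwrap the DEK, then decrypt the API key, in memory only.
def decrypt_provider_key(kek, workspace_id, record)
  dek = unseal(kek, record[:wrapped_dek], workspace_id)
  unseal(dek, record[:ciphertext], workspace_id).force_encoding("UTF-8")
end

# Constructed sample values, not real credentials. In production the KEK
# would be held by a KMS or HSM rather than generated in process.
KEK = OpenSSL::Random.random_bytes(32)
RECORD = encrypt_provider_key(KEK, "ws_team_a", "sk-example-not-a-real-key")
```

Rotating the KEK under this layout only requires re-wrapping each stored DEK; the provider key ciphertext itself is untouched.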

Tier requirement

Every tier requires BYOK. There is no 'platform-provided' tier. Free tier still needs a BYOK key to use the playground, AI assistant, evaluation judge, or public API.