# Provisioning Keys ### Provisioning Keys **Overview** * **Not for LLM Requests**: Provisioning Keys cannot be used to call model endpoints or route completions. * **Org-Level Admin Only**: Only **Organization Owners** can generate and manage Provisioning Keys. * **Service Key Management**: These keys provide full lifecycle control over Service Account Keys — including scoped permissions, rate limits, expiration, and metadata. ### Use Cases Provisioning Keys are ideal for: * Automating API key management * Managing non-user-bound access (e.g., for CI/CD pipelines) * Setting granular controls on model usage, budgets, and project tagging ### API Endpoints #### Create a Service Account Key ```bash curl 'https://api.fastrouter.ai/prod/createServiceKey' \ -H 'accept: application/json' \ -H 'accept-language: en-US,en;q=0.9' \ -H 'authorization: Bearer PROVISIONING-KEY' \ --data-raw '{ "org_id": "ORG-ID", "api_key_name": "SERVICE-KEY-NAME", "credit_limit": null, "reset_budget_interval": null, "expire_key": null, "models": null, "tpm_limit": null, "rpm_limit": null, "meta_data": null, "tags": null }' ``` The response includes the secret Service Account Key and its one-way hash, which you'll need for future updates or deletion. **Note:** The following fields in the `createServiceKey` payload are **optional**: * `credit_limit` * `reset_budget_interval` * `expire_key` * `models` * `tpm_limit` * `rpm_limit` * `meta_data` * `tags` These can be omitted entirely or set to `null` depending on your provisioning use case. Only `org_id` and `api_key_name` are required. #### Update a Service Account Key ```bash curl 'https://api.fastrouter.ai/prod/updateServiceKey' \ -H 'accept: application/json' \ -H 'accept-language: en-US,en;q=0.9' \ -H 'authorization: Bearer PROVISIONING-KEY' \ --data-raw '{ "org_id": "ORG-ID", "api_key_id_hash": "SERVICE-KEY-HASH", "api_key_name": "SERVICE-KEY-NAME", "credit_limit": 150, "reset_budget_interval": "daily", "expire_key": "2025-03-28 18:30:00.000", "models": [ "GROQ/deepseek-r1-distill-llama-70b", "GROQ/llama-3.1-8b-instant" ], "tpm_limit": 10000, "rpm_limit": 10, "metadata": { "version": "v1", "source": "system", "data": { "user_id": "user_id", "name": "raw_key", "email": "hashed_key", "api_key_alias": "alias1" } }, "tags": ["tag1", "tag2"] }' ``` #### List Service Account Keys ```bash curl 'https://api.fastrouter.ai/prod/getServiceKeys' \ -H 'accept: application/json' \ -H 'accept-language: en-US,en;q=0.9' \ -H 'authorization: Bearer PROVISIONING-KEY' \ --data-raw '{"org_id": "ORG-ID"}' ``` #### Delete a Service Account Key ```bash curl 'https://api.fastrouter.ai/prod/deleteServiceKey' \ -H 'accept: application/json' \ -H 'accept-language: en-US,en;q=0.9' \ -H 'authorization: Bearer PROVISIONING-KEY' \ --data-raw '{ "org_id": "ORG-ID", "api_key_id_hash": "SERVICE-KEY-HASH" }' ``` ### Notes * Ensure your `PROVISIONING-KEY` is stored securely. It has high privileges. * For `metadata`, you can store custom info like `user_id`, `team_name`, or `deployment`. * `tags` help in grouping and filtering keys by project or environment. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.fastrouter.ai/provisioning-keys.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.