Create an API key
NexoAI API credentials are named virtual keys. A key draws from your prepaid wallet and can have its own traffic and spending limits, which makes it useful for separating a laptop, CI job, application, or team project.
Une clé par workload
- Open the NexoAI dashboard.
- Go to Keys and choose Create key.
- Enter a name that identifies the owner and purpose, such as
samira-local-codexorcheckout-staging. - Optionally set requests-per-minute (RPM), tokens-per-minute (TPM), and total budget caps.
- Create the key and copy its
sk-…value into your password manager or secret store.
There is no token-group step. The key itself is the manageable unit in NexoAI.
Pick useful caps
| Control | What it limits | Good starting principle |
|---|---|---|
| RPM | Requests accepted in one minute | Match the workload's expected concurrency, with modest burst room. |
| TPM | Input and output tokens processed in one minute | Size for the longest expected context and parallel requests. |
| Budget | Total USD spend allowed through the key | Set the maximum loss you can tolerate if the key is misused. |
Key caps do not add funds and do not reserve part of the wallet. Multiple keys can spend from the same wallet, while each remains constrained by its own configured limits.
Hard means hard
When a key reaches its budget cap, requests through that key stop. Raising the cap is an explicit dashboard action; it is not an automatic overage.
Store it safely
For local development, keep the key in an environment variable or an ignored .env file. For deployed workloads, use the platform's secret manager. The examples use sk-your-key deliberately—replace it at runtime, not in committed source.
text
.env
.env.*
!.env.exampleIf a key appears in a commit, terminal recording, or shared log, revoke it in the dashboard and create a replacement. Editing the leaked text out of the latest commit is not enough because older history may retain it.
