concept

BYOK (bring your own key)

BYOK is the SaaS pattern where the user supplies their own API key (OpenAI, Anthropic, Google) instead of the SaaS providing inference — common in dev tools (Cursor, Cline, Continue.dev) and chat platforms (Janitor AI, Poe Pro).

There are two billing models for AI tools: bundled (the SaaS pays the inference provider and charges users a subscription that includes usage) and BYOK (the user supplies their own API key and the SaaS charges only for the app / UI).

BYOK is popular for low-margin dev tools (Cline, Continue.dev), enterprise (compliance / data residency requires customer-owned inference), and power users (avoid markup).

Trade-offs: BYOK is cheaper for high-volume users but transfers key management to them; bundled is simpler for casual users but expensive at scale. Many SaaS products now offer both: a bundled default plus a BYOK option in settings.

Security gotcha: BYOK requires careful client-side key handling. Never store the key in cleartext, and never log it in traces.

When to use BYOK (bring your own key)

Common mistakes

FAQ

What is BYOK (bring your own key)?

BYOK is the SaaS pattern where the user supplies their own API key (OpenAI, Anthropic, Google) instead of the SaaS providing inference — common in dev tools (Cursor, Cline, Continue.dev) and chat platforms (Janitor AI, Poe Pro).

When should I use BYOK (bring your own key)?

Power-user / enterprise tiers. Compliance / data-residency-sensitive deployments.

What are the most common mistakes with BYOK (bring your own key)?

Logging the API key in trace data — sensitive credential leakage. Forcing BYOK on casual users — friction kills onboarding.
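The trace-logging mistake above, and the "never log in traces" rule in the concept description, can be enforced in code rather than by convention. The following is an added example, not code from this page or from any tool it names: `scrub`, `KeyRedactingFilter`, the sensitive field list and the key-prefix patterns are all assumptions made for illustration.

```python
import logging
import re

# Assumed key shapes: prefix heuristics only, not formats guaranteed by any provider.
KEY_PATTERN = re.compile(r"\b(?:sk-[A-Za-z0-9_-]{16,}|AIza[A-Za-z0-9_-]{35})")
# Assumed names of headers / attributes that carry a credential.
SENSITIVE_FIELDS = {"authorization", "x-api-key", "x-goog-api-key", "api_key"}
MASK = "[REDACTED]"


def scrub(value, known_keys=()):
    """Recursively redact API keys from data bound for logs or trace spans."""
    if isinstance(value, str):
        for key in known_keys:
            if key:  # an empty string would match everywhere
                # Exact match catches user keys the patterns do not cover.
                value = value.replace(key, MASK)
        return KEY_PATTERN.sub(MASK, value)
    if isinstance(value, dict):
        return {
            k: MASK if str(k).lower() in SENSITIVE_FIELDS else scrub(v, known_keys)
            for k, v in value.items()
        }
    if isinstance(value, (list, tuple)):
        return [scrub(v, known_keys) for v in value]
    return value  # numbers, None, etc. pass through unchanged


class KeyRedactingFilter(logging.Filter):
    """Scrub the fully formatted message before any handler sees it."""

    def __init__(self, known_keys=()):
        super().__init__()
        self.known_keys = tuple(known_keys)

    def filter(self, record):
        # Format first so keys passed as %-style args are also covered.
        record.msg = scrub(record.getMessage(), self.known_keys)
        record.args = None
        return True
```

Attach the filter to each handler with `handler.addFilter(KeyRedactingFilter(known_keys=[user_key]))`, and pass span attributes through `scrub` before they are exported.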

Last updated: 2026-06-01. Raw markdown: https://promtable.com/glossary/byok.md.