onekey 0.1.0

Unified API key platform SDK with category-based integrations

Onekey

Unified API Key Management for Developers
Securely store, manage, rotate, and call multiple AI/LLM API keys (OpenAI, Anthropic, Groq, Gemini, and more) from one place — with zero plaintext leaks and unified interface.

The Problem Developers Face Every Day

Juggling 10–50+ API keys across providers is painful:

• Scattered .env files everywhere → easy to commit by mistake to Git
• Plaintext keys on disk → security nightmare
• Different API signatures → constant code changes when switching providers
• No visibility into usage → surprise bills, no idea which key is burning tokens
• Hard to rotate or expire keys → manual, error-prone process

Onekey solves all of this — one secure vault, one unified interface, beautiful CLI + web dashboard, zero vendor lock-in.

Key Features

• AES-256 client-side encryption — keys never touch the server in plaintext
• Deployment - Render
• Single platform key — one unified key per user across all providers
• Category proxy route — call providers by category (/proxy/sdk/<category>/<provider>/<slug>)
• CLI power tool (Onekey): add, list, delete, call, usage — with Rich beautiful tables, sparklines & panels
• Automatic provider detection (e.g. sk- → OpenAI)
• Built-in usage tracking — tokens used, latency, status codes, errors — per key/provider
• Flexible auth — JWT (username/password) + OAuth (GitHub / GitLab)
• Normalized responses — consistent output across OpenAI, Groq, Anthropic, Gemini ...
• CLI for fast development — install via pipx install Onekey-cli, works everywhere (macOS/Linux/Windows)

Architecture

Onekey/
├── backend/          # FastAPI server (auth, vault, proxy, usage)
├── frontend/         # frontend on valinna js , HTML and css
├── onekey_sdk/       # Category-based Python SDK package
├── Dockerfile        # Easy containerization
└── ... (pyproject.toml, requirements.txt, etc.)

• Database: **NeonDB — PostgreSQL support planned
• Encryption: AES-256 at rest (client-side)
• Auth: Argon2 password hashing + JWT (short-lived)
• Proxy: Normalizes requests/responses + retries + logging

Quick Start

1. CLI (recommended for daily use)

pipx install Onekey-cli    # install the pypy package

Onekey login               # OAuth or username/password
Onekey add-key             # Add your OpenAI / Groq / etc. key
Onekey ls                  # Beautiful table of all keys
Onekey call <unified_key>   # Test call using unified key
Onekey usage               # Usage overview with sparklines

2. Python SDK (category-based)

from onekey_sdk import OnekeyClient
from onekey_sdk.llm import LLMClient

base_url = "https://onekey-ciwz.onrender.com"
platform_key = "okp-<your-platform-key>"

client = OnekeyClient(base_url=base_url, platform_api_key=platform_key)
llm = LLMClient(client)

result = llm.chat(
	provider="groq",
	key_slug="my-groq-key",
	model="llama-3.3-70b-versatile",
	messages=[{"role": "user", "content": "Hello from Onekey SDK"}],
)

print(result)

Get your platform key after login from GET /keys/platform-key.

3. Full stack (fastAPI backend + interactive Vanilla JS frontend)

• hosted link : https://Onekey.onrender.com/

Default: backend on http://localhost:8000, frontend proxies to it.

Security Highlights

• Keys encrypted client-side before ever hitting the database
• No plaintext in logs, memory, or disk
• Short-lived JWTs + secure OAuth flows
• Strict input validation (Pydantic)
• Security headers & CORS in FastAPI
• Designed with zero-trust principles

Who Is This For?

• ML/AI engineers juggling multiple LLM providers
• Indie hackers & solo devs tired of .env chaos
• Anyone who wants usage visibility in a easy way
• One who wants to store their API keys at a single place

License

MIT License — free to use, modify, distribute.

---

Built with ❤️ by Anik Chand and Abhiraj Adhikary Onekey — because your keys deserve better than a .env file.