What is the recommended way to pass user API key to another service?


I want to enable users to enter their own API key (e.g. OpenAI) so that they can submit requests that they will pay for.


  1. Allow entry of API key.
  2. Pass to python function which decrypts it and sends it as a parameter in a call to the API service.


What is the recommended way to do this?

1 Like

Looks like this app did it using a one way hash + encrypted session state storage. See the FAQ “How does GPT Lab ensure the security of my information?”. The details are not provided.

1 Like

Unless you need to store them in your data store, just use session state variables.