BYOK

Bring Your Own Key (BYOK) allows you to use your own API keys for AI providers, giving you direct control over costs and configuration.

Endpoints

Method	Endpoint	Description
GET	`/byok`	Get BYOK configurations
POST	`/byok`	Add BYOK configuration
DELETE	`/byok`	Delete BYOK configuration
GET	`/byok/config`	Get provider configurations

Supported Providers

Provider	Category	Description
`deepgram`	STT	Speech-to-Text (transcription)
`openai`	LLM	Large Language Model (GPT)
`elevenlabs`	TTS	Text-to-Speech
`xai`	Realtime Voice	xAI Realtime Voice API
`resend`	Email	Email notifications

INFO

All API keys are securely encrypted and stored. Only encrypted references are stored in the database.

Get BYOK Configurations

Retrieve all configured BYOK providers and their configurations for your organization.

GET /byok

Request

Response

{
  "byok_keys": {
    "deepgram_secret_id": "secret-ref-1",
    "openai_secret_id": "secret-ref-2",
    "elevenlabs_secret_id": null,
    "xai_secret_id": null,
    "resend_secret_id": null
  }
}

Response Fields:

byok_keys - Object containing encrypted references for each provider

A non-null value indicates the provider has an API key configured

Null values mean no key is configured for that provider

WARNING

The actual API keys are never returned in API responses. This ensures your keys remain secure.

Add BYOK Configuration

Add or update a BYOK API key. The key is securely encrypted and stored.

POST /byok

Request Body

Field	Type	Required	Description
`provider`	string	Yes	Provider ID: `deepgram`, `openai`, `elevenlabs`, `xai`, or `resend`
`api_key`	string	Yes	API key for the provider

Example Request

Response

{
  "success": true,
  "byok_keys": {
    "deepgram_secret_id": "secret-ref-1",
    "openai_secret_id": "secret-ref-new",
    "elevenlabs_secret_id": null,
    "xai_secret_id": null,
    "resend_secret_id": null
  }
}

INFO

If a key already exists for the provider, it will be replaced. The old key is automatically deleted from secure storage.

Delete BYOK Configuration

Remove a BYOK configuration and permanently delete the encrypted key.

DELETE /byok

Request Body

Field	Type	Required	Description
`provider`	string	Yes	Provider to remove

Example Request

Response

{
  "success": true,
  "byok_keys": {
    "deepgram_secret_id": "secret-ref-1",
    "openai_secret_id": null,
    "elevenlabs_secret_id": null,
    "xai_secret_id": null,
    "resend_secret_id": null
  }
}

Get Provider Configurations

Retrieve metadata about available BYOK providers and their supported models.

GET /byok/config

Request

Response

{
  "providers": [
    {
      "id": "deepgram",
      "name": "Deepgram",
      "category": "stt",
      "docs_url": "https://developers.deepgram.com/",
      "models": [
        { 
          "id": "nova-3-general", 
          "name": "Nova 3 General", 
          "default": true 
        }
      ]
    },
    {
      "id": "openai",
      "name": "OpenAI",
      "category": "llm",
      "docs_url": "https://platform.openai.com/docs",
      "models": [
        { 
          "id": "gpt-4o-mini", 
          "name": "GPT-4o Mini", 
          "default": true 
        },
        { 
          "id": "gpt-4o", 
          "name": "GPT-4o", 
          "default": false 
        }
      ]
    },
    {
      "id": "elevenlabs",
      "name": "ElevenLabs",
      "category": "tts",
      "docs_url": "https://elevenlabs.io/docs",
      "models": [
        { 
          "id": "eleven_flash_v2_5", 
          "name": "Flash v2.5", 
          "default": true 
        }
      ]
    },
    {
      "id": "xai",
      "name": "xAI",
      "category": "realtime",
      "docs_url": "https://docs.x.ai/docs",
      "models": [
        {
          "id": "grok-beta-realtime",
          "name": "Grok Beta Realtime",
          "default": true
        }
      ],
      "voices": [
        { "id": "alloy", "name": "Alloy" },
        { "id": "echo", "name": "Echo" },
        { "id": "shimmer", "name": "Shimmer" }
      ]
    },
    {
      "id": "resend",
      "name": "Resend",
      "category": "email",
      "docs_url": "https://resend.com/docs",
      "models": []
    }
  ]
}

Response Fields:

providers - Array of available BYOK providers

id - Provider identifier used in API calls

category - Provider category (stt, llm, tts, realtime, email)

docs_url - Link to provider's official documentation

models - Available models for the provider (if applicable)

voices - Available voices (only for xAI Realtime)

Usage with Agents

Once you configure a BYOK key, you can reference it in agent configurations:

{
  "name": "My Agent",
  "llm_config": {
    "provider": "openai",
    "model": "gpt-4o"
  },
  "tts_config": {
    "provider": "elevenlabs",
    "model": "eleven_flash_v2_5"
  }
}

The system automatically uses your BYOK keys when:

A provider is configured in BYOK

An agent specifies that provider

TIP

This allows you to:

Control costs directly with your provider

Use custom models or voices

Track usage in your provider dashboard

Comply with data residency requirements

Security Notes

API keys are encrypted at rest and in transit

Keys are stored in secure, isolated storage

Only encrypted references are stored in the database

Deleting a BYOK config permanently removes the key

Each organization's keys are isolated and cannot be accessed by others

Agents API - Configure agents to use BYOK providers

Calls API - Start calls with BYOK-enabled agents

Usage API - Track usage across BYOK and standard providers

Endpoints#

Supported Providers#

Get BYOK Configurations#

Request#

Response#

Add BYOK Configuration#

Request Body#

Example Request#

Response#

Delete BYOK Configuration#

Request Body#

Example Request#

Response#

Get Provider Configurations#

Request#

Response#

Usage with Agents#

Security Notes#

Related Endpoints#

Endpoints

Supported Providers

Get BYOK Configurations

Request

Response

Add BYOK Configuration

Request Body

Example Request

Response

Delete BYOK Configuration

Request Body

Example Request

Response

Get Provider Configurations

Request

Response

Usage with Agents

Security Notes

Related Endpoints