What you’ll need
- An access key.
- An access key configuration.
- The provider IDs and model IDs you want to allow.
Allow specific providers
Use provider restrictions when an access key should only call certain providers.Allow specific models
Use model restrictions when an access key should only call certain models.Allow providers and models together
Combine provider and model restrictions when you want a key to stay within a small set of approved providers and models.How this works with fallback
Every model in a fallback request must be allowed.Common patterns
| Goal | Configuration |
|---|---|
| Allow only OpenAI | Allow provider openai |
| Allow only Claude Sonnet | Allow model anthropic/claude-sonnet-4-6 |
| Give a team access to two providers | Allow both provider IDs |
| Block expensive models | Allow only approved model IDs |
| Limit a custom provider | Allow the custom provider ID and model IDs |
Next steps
- Access key configurations: Full configuration flow
- Choose a model: Use model IDs in requests
- Configure fallback models: Use allowed fallback models