Enforcing Default Configs on API Keys

​

Overview

Portkey allows you to attach default configs to API keys, enabling you to enforce specific routing rules, security controls, and other governance measures across all API calls made with those keys. This feature provides a powerful way to implement organization-wide policies without requiring changes to individual application code.

​

How It Works

When you attach a default config to an API key:

1. All API calls made using that key will automatically apply the config settings
2. Users don’t need to specify config IDs in their code
3. Administrators can update governance controls by simply updating the config, without requiring code changes

This creates a clean separation between application development and governance controls.

​

Benefits of Default Configs

Attaching default configs to API keys provides several governance benefits:

• Centralized Control: Update policies for multiple applications by changing a single config
• Access Management: Control which models and providers users can access
• Cost Control: Implement budget limits and control spending across teams
• Reliability: Enforce fallbacks, retries, and timeout settings organization-wide
• Security: Apply guardrails and content moderation across all applications
• Consistent Settings: Ensure all applications use the same routing logic

​

Setting Up Default Configs

​

Prerequisites

Before attaching a config to an API key, you need to:

1. Create a config on Portkey app with your desired settings
2. Note the config ID that want to attach to your API keys

​

Attaching Configs via the UI

Navigate to API Keys in the sidebar, then:

• New Keys: Click Create and select your desired config from the Config dropdown
• Existing Keys: Click the edit icon on any key and update the config selection

​

Attaching Config via the API

You can also programmatically attach config when creating or updating API keys using the Portkey API.

​

Creating a New API Key with Default Config

from portkey_ai import Portkey

portkey = Portkey(api_key="YOUR_ADMIN_API_KEY")

api_key = portkey.api_keys.create(
    name="engineering-team",
    type="organisation",
    workspace_id="YOUR_WORKSPACE_ID",
    defaults={
        "config_id": "pc-your-config-id",
        "metadata": {
            "environment": "production",
            "department": "engineering"
        }
    },
    scopes=["logs.view", "configs.read"]
)

print(f"API Key created: {api_key.key}")

​

Updating an Existing API Key

For detailed information on API key management, refer to our API documentation:

​

Config Precedence

When using API keys with default configs, it’s important to understand how they work:

• The default config attached to the API key will be automatically applied to all requests made with that key
• If a user explicitly specifies a config ID in their request, that config will override the default config attached to the API key

This flexibility allows for centralized governance while still enabling exceptions when needed.

​

Use Cases

​

Enterprise AI Governance

For large organizations with multiple AI applications, attaching default configs to API keys enables centralized governance:

1. Create department-specific API keys with appropriate configs
2. Apply budget limits and define model usage per department
3. Track usage and spending per team by filtering logs by config_id
4. Update policies centrally without requiring code changes

​

Security and Compliance

Ensure all API interactions follow security protocols by enforcing:

• Specific models that have been approved for use
• Content moderation with input/output guardrails
• PII detection and redaction

​

Cost Management

Control AI spending by:

• Routing to cost-effective models by default
• Implementing caching for frequently used prompts
• Applying rate limits to prevent unexpected usage spikes

​

Support

For questions about configuring default settings for API keys or troubleshooting issues, contact Portkey support or reach out on Discord.