> ## Documentation Index
> Fetch the complete documentation index at: https://docs.portkey.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.
# Goose
> Add usage tracking, cost controls, and security guardrails to your Goose AI agent
Goose is a local, extensible, open source AI agent that automates engineering tasks. While Goose delivers powerful autonomous coding capabilities, Portkey adds essential enterprise controls for production deployments:
* **Unified AI Gateway** - Single interface for 1600+ LLMs with API key management. (not just OpenAI & Anthropic)
* **Centralized AI observability**: Real-time usage tracking for 40+ key metrics and logs for every request
* **Governance** - Real-time spend tracking, set budget limits and RBAC in your Goose setup
* **Security Guardrails** - PII detection, content filtering, and compliance controls
This guide will walk you through integrating Portkey with Goose and setting up essential enterprise features including usage tracking, access controls, and budget management.
If you are an enterprise looking to use Goose in your organisation, [check out this section](#3-set-up-enterprise-governance-for-goose).
# 1. Setting up Portkey
Portkey allows you to use 1600+ LLMs with your Goose setup, with minimal configuration required. Let's set up the core components in Portkey that you'll need for integration.
Virtual Keys are Portkey's secure way to manage your LLM provider API keys. Think of them like disposable credit cards for your LLM API keys, providing essential controls like:
* Budget limits for API usage
* Rate limiting capabilities
* Secure API key storage
To create a virtual key:
Go to [Virtual Keys](https://app.portkey.ai/virtual-keys) in the Portkey App. Save and copy the virtual key ID
Save your virtual key ID - you'll need it for the next step.
Configs in Portkey are JSON objects that define how your requests are routed. They help with implementing features like advanced routing, fallbacks, and retries.
We need to create a default config to route our requests to the virtual key created in Step 1.
To create your config:
1. Go to [Configs](https://app.portkey.ai/configs) in Portkey dashboard
2. Create new config with:
```json theme={"system"}
{
"virtual_key": "YOUR_VIRTUAL_KEY_FROM_STEP1",
"override_params": {
"model": "gpt-4o" // Your preferred model name
}
}
```
3. Save and note the Config name for the next step
This basic config connects to your virtual key. You can add more advanced portkey features later.
Now create Portkey API key access point and attach the config you created in Step 2:
1. Go to [API Keys](https://app.portkey.ai/api-keys) in Portkey and Create new API key
2. Select your config from `Step 2`
3. Generate and save your API key
Save your API key securely - you'll need it for Goose integration.
# 2. Integrate Portkey with Goose
Now that you have your Portkey components set up, let's connect them to Goose. Since Portkey provides OpenAI API compatibility, integration is straightforward and requires just a few configuration steps in your Goose setup.
You need your Portkey API Key from [Step 1](#Getting-started-with-portkey) before going further.
Open Goose either through:
* The desktop application
* The CLI by running `goose` in your terminal
1. Navigate to Goose's LLM provider settings
2. Select **OpenAI** as your provider
In the OpenAI provider settings, configure:
* **Base URL**: `https://api.portkey.ai/v1`
* **API Key**: Your Portkey API key from the setup
That's it! Goose will now route all LLM requests through Portkey.
You can monitor your requests and usage in the [Portkey Dashboard](https://app.portkey.ai/dashboard).
Make sure your virtual key has sufficient budget and rate limits for your expected usage. Also use the complete model name given by the provider.
# 3. Set Up Enterprise Governance for Goose
**Why Enterprise Governance?**
If you are using Goose inside your orgnaization, you need to consider several governance aspects:
* **Cost Management**: Controlling and tracking AI spending across engineering teams
* **Access Control**: Managing which teams can use specific models
* **Usage Analytics**: Understanding how AI agents are being used across the organization
* **Security & Compliance**: Maintaining enterprise security standards
* **Reliability**: Ensuring consistent service across all developers
Portkey adds a comprehensive governance layer to address these enterprise needs. Let's implement these controls step by step.
**Enterprise Implementation Guide**
### Step 1: Implement Budget Controls & Rate Limits
Virtual Keys enable granular control over LLM access at the team/department level. This helps you:
* Set up [budget limits](/product/ai-gateway/virtual-keys/budget-limits)
* Prevent unexpected usage spikes using Rate limits
* Track departmental spending
#### Setting Up Department-Specific Controls:
1. Navigate to [Virtual Keys](https://app.portkey.ai/virtual-keys) in Portkey dashboard
2. Create new Virtual Key for each engineering team with budget limits and rate limits
3. Configure department-specific limits
### Step 2: Define Model Access Rules
As your AI usage scales, controlling which teams can access specific models becomes crucial. Portkey Configs provide this control layer with features like:
#### Access Control Features:
* **Model Restrictions**: Limit access to specific models
* **Data Protection**: Implement guardrails for sensitive code and data
* **Reliability Controls**: Add fallbacks and retry logic
#### Example Configuration:
Here's a basic configuration to route requests to OpenAI, specifically using GPT-4o:
```json theme={"system"}
{
"strategy": {
"mode": "single"
},
"targets": [
{
"virtual_key": "YOUR_OPENAI_VIRTUAL_KEY",
"override_params": {
"model": "gpt-4o"
}
}
]
}
```
Create your config on the [Configs page](https://app.portkey.ai/configs) in your Portkey dashboard. You'll need the config ID for connecting to Goose's setup.
Configs can be updated anytime to adjust controls without affecting running applications.
### Step 3: Implement Access Controls
Create User-specific API keys that automatically:
* Track usage per developer/team with the help of virtual keys
* Apply appropriate configs to route requests
* Collect relevant metadata to filter logs
* Enforce access permissions
Create API keys through:
* [Portkey App](https://app.portkey.ai/)
* [API Key Management API](/api-reference/admin-api/control-plane/api-keys/create-api-key)
Example using Python SDK:
```python theme={"system"}
from portkey_ai import Portkey
portkey = Portkey(api_key="YOUR_ADMIN_API_KEY")
api_key = portkey.api_keys.create(
name="frontend-engineering",
type="organisation",
workspace_id="YOUR_WORKSPACE_ID",
defaults={
"config_id": "your-config-id",
"metadata": {
"environment": "development",
"department": "engineering",
"team": "frontend"
}
},
scopes=["logs.view", "configs.read"]
)
```
For detailed key management instructions, see our [API Keys documentation](/api-reference/admin-api/control-plane/api-keys/create-api-key).
### Step 4: Deploy & Monitor
After distributing API keys to your engineering teams, your enterprise-ready Goose setup is ready to go. Each developer can now use their designated API keys with appropriate access levels and budget controls.
Apply your governance setup using the integration steps from earlier sections
Monitor usage in Portkey dashboard:
* Cost tracking by engineering team
* Model usage patterns for AI agent tasks
* Request volumes
* Error rates and debugging logs
### Enterprise Features Now Available
**Goose now has:**
* Team-level budget controls
* Model access governance
* Usage tracking & attribution
* Security guardrails for code generation
* Reliability features for uninterrupted development
# Portkey Features
Now that you have enterprise-grade Goose setup, let's explore the comprehensive features Portkey provides to ensure secure, efficient, and cost-effective AI agent operations.
### 1. Comprehensive Metrics
Using Portkey you can track 40+ key metrics including cost, token usage, response time, and performance across all your LLM providers in real time. You can also filter these metrics based on custom metadata that you can set in your configs. Learn more about metadata here.
### 2. Advanced Logs
Portkey's logging dashboard provides detailed logs for every request made by Goose. These logs include:
* Complete request and response tracking for debugging
* Metadata tags for filtering by team or project
* Cost attribution per task
* Complete conversation history with the AI agent
### 3. Unified Access to 1600+ LLMs
You can easily switch between 1600+ LLMs. Call various LLMs such as Anthropic, Gemini, Mistral, Azure OpenAI, Google Vertex AI, AWS Bedrock, and many more by simply changing the `virtual key` in your default `config` object.
### 4. Advanced Metadata Tracking
Using Portkey, you can add custom metadata to your LLM requests for detailed tracking and analytics. Use metadata tags to filter logs, track usage, and attribute costs across engineering teams and projects.
### 5. Enterprise Access Management
Set and manage spending limits across teams and departments. Control costs with granular budget limits and usage tracking.
Enterprise-grade SSO integration with support for SAML 2.0, Okta, Azure AD, and custom providers for secure authentication.
Hierarchical organization structure with workspaces, teams, and role-based access control for enterprise-scale deployments.
Comprehensive access control rules and detailed audit logging for security compliance and usage tracking.
### 6. Reliability Features
Automatically switch to backup targets if the primary target fails.
Route requests to different targets based on specified conditions.
Distribute requests across multiple targets based on defined weights.
Enable caching of responses to improve performance and reduce costs.
Automatic retry handling with exponential backoff for failed requests
Set and manage budget limits across teams and departments. Control costs with granular budget limits and usage tracking.
### 7. Advanced Guardrails
Protect your codebase and enhance reliability with real-time checks on LLM inputs and outputs. Leverage guardrails to:
* Prevent sensitive code or API key leaks
* Enforce compliance with coding standards
* PII detection and masking in generated code
* Content filtering for inappropriate code generation
* Custom security rules for your organization
* Compliance checks for internal coding policies
Implement real-time protection for your AI agent interactions with automatic detection and filtering of sensitive content, PII, and custom security rules. Enable comprehensive data protection while maintaining compliance with organizational policies.
# FAQs
You can update your Virtual Key limits at any time from the Portkey dashboard:
1. Go to Virtual Keys section
2. Click on the Virtual Key you want to modify
3. Update the budget or rate limits
4. Save your changes
Yes! You can create multiple Virtual Keys (one for each provider) and attach them to a single config. This config can then be connected to your API key, allowing you to use multiple providers through a single API key. This enables Goose to leverage different models for different tasks.
Portkey provides several ways to track team costs:
* Create separate Virtual Keys for each team
* Use metadata tags in your configs
* Set up team-specific API keys
* Monitor usage in the analytics dashboard
When a team reaches their budget limit:
1. Further requests will be blocked
2. Team admins receive notifications
3. Usage statistics remain available in dashboard
4. Limits can be adjusted if needed
# Next Steps
**Join our Community**
* [Discord Community](https://portkey.sh/discord-report)
* [GitHub Repository](https://github.com/Portkey-AI)
For enterprise support and custom features, contact our [enterprise team](https://calendly.com/portkey-ai).