Thursday, 29 January 2026

OpenAI's Advice on Key Safety

OpenAI has a set of recommendations on key safety. There are basically two types of keys: API keys and admin keys (used to check usage limits, quotas, etc.). Read more on those recommendations here; they are also summarised below.

The first recommendation (rule) is: do not share API keys. API keys are unique to each user, even when those users are on the same team.

The second recommendation is that the OpenAI API key should not be exposed in client-side environments like browsers or mobile apps, which could allow malicious users to make requests as you.
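
One way to follow the second recommendation is to keep the key in a server-side environment variable and have the browser or mobile app call your own backend instead of OpenAI directly. The relay below is an added example, not code from OpenAI or from this post; `relayChat`, `buildUpstreamRequest`, `sessionUser`, the model allow-list and the limits are assumptions made for illustration.

```javascript
// Added example: server-side relay so the OpenAI API key never reaches the client.
// relayChat, buildUpstreamRequest, sessionUser and ALLOWED_MODELS are hypothetical names.
const UPSTREAM_URL = "https://api.openai.com/v1/chat/completions";
const ALLOWED_MODELS = new Set(["gpt-4o-mini"]); // sample allow-list (assumption)
const MAX_MESSAGES = 20; // sample limit (assumption)

// Build the upstream call from a client request. Only allow-listed fields are
// copied, so the client cannot inject headers or extra parameters.
function buildUpstreamRequest(clientReq, env) {
  const apiKey = env.OPENAI_API_KEY; // lives only in the server's environment
  if (!apiKey) return { error: { status: 500, body: { error: "server misconfigured" } } };
  // Require an authenticated session so the relay is not an open proxy.
  if (!clientReq.sessionUser) return { error: { status: 401, body: { error: "login required" } } };
  const { model, messages } = clientReq.body || {};
  const valid = ALLOWED_MODELS.has(model) && Array.isArray(messages) &&
    messages.length > 0 && messages.length <= MAX_MESSAGES;
  if (!valid) return { error: { status: 400, body: { error: "invalid request" } } };
  return {
    url: UPSTREAM_URL,
    init: {
      method: "POST",
      headers: { "Content-Type": "application/json", Authorization: `Bearer ${apiKey}` },
      body: JSON.stringify({ model, messages, max_tokens: 256 }),
    },
  };
}

// Relay the call and hand only the status and JSON body back to the client.
// fetchImpl is injectable so the handler can be exercised offline.
async function relayChat(clientReq, env = process.env, fetchImpl = fetch) {
  const built = buildUpstreamRequest(clientReq, env);
  if (built.error) return built.error;
  try {
    const upstream = await fetchImpl(built.url, built.init);
    return { status: upstream.status, body: await upstream.json() };
  } catch (err) {
    // Do not echo err to the client: it may carry request details.
    return { status: 502, body: { error: "upstream unavailable" } };
  }
}
```

Mount `relayChat` behind whatever route and session middleware the backend already uses; the client then sends only `model` and `messages` and never handles a key.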
