I have an app in development where the user enters their OpenAI API key, I verify it with a call to the models api endpoint, then store it in the database, and make API requests with it from the backend on their behalf when they take certain actions in the front end app. This works just fine. You can leave the organization field of the npm package’s Configuration object empty and only supply the api key.
UPDATE: guess I can’t roll it out this way. Here’s the canonical post:
Would have been good if the docs were clearer on this point, and if there was an OAuth or other method for doing this, because otherwise, no one can write an app that users can access for free.