Please allow me to lock or pin my API-Key to a given model (like chatgpt3.5-turbo only, for example)… This way if my API-Key gets hijacked, the attackers can’t quickly run up extreme charges with expensive models like GPT4 etc. A bonus would be being able to limit the context window to only 4k or something… It would be a form of least privilege, where I could manage it for my own implementation.
I have an iOS app, and an API gateway with my OpenAI API-keyed call embedded in my own cloud function, and I’ve put in every security measure I can think of (I’ve used AppCheck etc.)… Don’t ask me how, but somehow after months of being solid security-wise my API-Key was hacked. My app gives away ChatGPT3.5-turbo usage for free, which is only a few bucks a week, but after the attackers got access they were able to rack up 100s of dollars of ChatGPT4 calls in just a few hours… I do not want any access to ChatGPT4 calls for this API-Key for this free service I’m offering, so if I could disallow this, it would save me some $ when this happens, and probably discourage the hackers from seeing this as such an opportunity… In the meantime yes, I’ll rotate my API keys and look at adding more security measures, but allowing me to more granularly lock down my business cases would make for a much less enticing attack surface for all these a-holes out there that are looking to exploit things. Thanks for your consideration!
Hi, welcome to the community!
Could you roughly block out how your API key, functions, and OpenAI interaction work? Are you familiar with a sequence diagram?
So you should NEVER embed any API keys directly in code. You’re asking for trouble if you do that. Instead your keys should all be passed in via environment variables at startup. Every major hosting service has a mechanism for securely storing and retrieving API keys. Make sure you’re using that mechanism.
You can also look into the use of .env files, which is a common technique for loading private keys in a secure way when running your code locally for testing.
One last tip would be that you need at least two separate API keys: one that you use locally for testing and one that you use in the cloud for your production code. For projects with multiple developers, each engineer needs their own private API key.
I was using environment settings for my function. So I’m still not sure how the API key could’ve leaked; like I said, I’ve had the setup securely working for ~4 months or so (and plenty of hackers had tried and failed)… So my request stands: if I could lock my API-Key to a lesser 3.5 model, it would enable me to minimize such damage. Thanks.
Well, one thought here would be: I’m not seeing any mention of Secret Manager (Google Cloud).
There could be a bunch of things, like maybe you accidentally committed it to your repo, maybe you’re logging stuff you’re not supposed to, maybe it leaked in some other way, but ultimately it’s your responsibility to secure your API keys.
I’m not sure, but I think there have been talks of adding more cost control features for organizations, but I could have misheard that. In any case, it probably won’t do what you’re calling for. And I don’t think restricting the API key to 3.5 is gonna solve your issue, because they can just call the 3.5 API 30x as fast to rack up the same costs.
Ultimately I think all of what you’re requesting should be part of your API monetization layer, your gateway. You need to figure out how to secure your function code.
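As an added illustration of the gateway-side enforcement suggested in the last reply (not code from anyone in the thread), the sketch below pins the upstream model, caps the prompt size and clamps the completion, and applies a per-client sliding-window rate limit so the "30x as fast" objection is covered too. All constants (`PINNED_MODEL`, `MAX_PROMPT_CHARS`, the limits) are illustrative assumptions, and characters stand in for tokens only as a rough cap.

```python
import time
from collections import deque

# Policy the gateway enforces no matter what the mobile client sends.
# Every constant here is an illustrative assumption for this example.
PINNED_MODEL = "gpt-3.5-turbo"
MAX_PROMPT_CHARS = 16_000        # rough stand-in for a ~4k-token context cap
MAX_COMPLETION_TOKENS = 512      # clamp the completion size as well
MAX_REQUESTS_PER_WINDOW = 30
WINDOW_SECONDS = 60.0


class GatewayPolicy:
    """Per-client request policy sitting in front of the upstream API key."""

    def __init__(self):
        self._history = {}  # client_id -> deque of accepted request timestamps

    def _over_rate_limit(self, client_id, now):
        q = self._history.setdefault(client_id, deque())
        while q and now - q[0] >= WINDOW_SECONDS:   # drop entries outside the window
            q.popleft()
        if len(q) >= MAX_REQUESTS_PER_WINDOW:
            return True
        q.append(now)
        return False

    def authorize(self, client_id, request, now=None):
        """Return (allowed, reason, forwarded_request).

        forwarded_request is what the gateway sends upstream: the model is
        pinned and max_tokens clamped, so the client can never select a model."""
        now = time.monotonic() if now is None else now
        if request.get("model", PINNED_MODEL) != PINNED_MODEL:
            return False, "model not permitted", None      # worth logging/alerting
        messages = request.get("messages")
        if not isinstance(messages, list) or not messages:
            return False, "missing messages", None
        prompt_chars = sum(len(str(m.get("content", ""))) for m in messages)
        if prompt_chars > MAX_PROMPT_CHARS:
            return False, "prompt exceeds context cap", None
        if self._over_rate_limit(client_id, now):
            return False, "rate limit exceeded", None
        requested = request.get("max_tokens", MAX_COMPLETION_TOKENS)
        max_tokens = min(requested, MAX_COMPLETION_TOKENS) if isinstance(requested, int) else MAX_COMPLETION_TOKENS
        return True, "ok", {"model": PINNED_MODEL, "messages": messages, "max_tokens": max_tokens}


if __name__ == "__main__":
    policy = GatewayPolicy()
    print(policy.authorize("device-1", {"model": "gpt-4", "messages": [{"role": "user", "content": "hi"}]}))
```

The upstream key never leaves the function, and a stolen mobile credential can only spend at the pinned model and rate, which is the damage cap the original request asked for.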