Hi everyone,
I’m looking for some help understanding a billing issue we’re experiencing. We’re using GPT-4o Mini and GPT-4 Turbo on our Nenzy.ai platform, but we’re seeing charges for other advanced models like GPT-4 that we don’t actually use.
Has anyone else faced this issue or know why this might be happening? Any insights or suggestions would be greatly appreciated!
Thanks in advance!
Welcome to the community!
The go-to answer here would be that it’s possible that your API keys have been leaked. Rotating through your keys and ensuring that your keys ever don’t leave your servers (whether “encrypted” or not) would be a good start. 
I would also revoke any currently active keys and ensure that only you have access to any newly generated ones for now.
Also ensure that your applications are not trying to encrypt the keys internally, this will fail every time. You must enable OAuth level authentication with a server or service that obfuscates your API keys.
(Note: YOU SHOULD NEVER UNDER ANY CIRCUMSTANCES HAVE YOUR API KEY IN YOUR ENDUSER APPLICATION)
The only valid place for your API key is on a server that you own that uses OAuth level security to authenticate application user details and then passes the APi call to OpenAI with your API key or a service offered by Google, AWS, Azure, or similar that does the same job.