I’m currently building a chatbot service, and how can I ensure that each conversation is distinct even if A, B, and C use the same API key to converse at the same time?
An API key should NEVER be used in client software or be made available in client side code under any circumstances. It is not a method for managing users or giving people access to your account unless you want abusers emptying your account balance.
You must build a service based on logins and sessions that manages conversations based on the identity of users, and with the calls to OpenAI services only behind a secure platform server.
1 Like
If you are managing the API key yourself and anticipate that multiple users will be chatting through the same API key, the following explanation may be helpful to you.
Even if the API key is the same, multiple users’ chats will not get mixed up due to the stateless nature of HTTPS sessions. However, please note that you need to send the conversation history for each user every time.
Here’s an example of how you might send a conversation history:
res = client.chat.completions.create(
model="gpt-3.5-turbo",
messages=[
{"role": "system", "content": "You are a helpful assistant."}, # Optional
{"role": "user", "content": "What is 1 plus 1?"}, # First question
{"role": "assistant", "content": "It is 2."}, # First answer
{"role": "user", "content": "Multiply that by 3."} # Following question
],
temperature=0.8 # Adjust hyperparameters as needed.
)
Additionally, it’s important to organize the conversation history for each user.
This could involve assigning unique identifiers to each user session to keep track of their interactions.
Implementing this part of the system will help ensure that each user’s conversation history is managed correctly.
Please remember to handle your API key with care.
It’s essential to protect it and make sure it’s not accessible to anyone who shouldn’t have it.
3 Likes
From the thread’s title, I already got the flag that the user is new to programming. Sorry to say that. It’s like asking how can I create a login page, only one so that multiple users can log in without mixing. If there’s an answer to this then there’s no way an idea of how the API will be working can fail.
Anyway to assume another scenario, where the ability to implement is available: Create DB to store the user’s data and maybe chat history. Every time a request is being made you have a code in place to identify who’s trying to make the request, append chat history (or not?) send the request to the API endpoint, receive the response and since your code is still running you can pull the previous variables holding the user detail to send the reply back to.
BONUS Tip: We’re moving away from fully built wrappers on AI APIs…these days it’s what your product offering that makes it stand out from the API capabilities because all these things are already available and your users might just soon find the alternatives to the chat capability (if you’re offering as paid) if anyone can come up one day and also just make this feature…readily available everywhere these days
I have very limited use for the API because of this…most stuff built is far from being trashed by the new releases of the API and capabilities. You may reconsider use-case 
Don’t mind my text…I’ve been spotted for being rude in helping and discouraging 
but you may find some helpful words in here
1 Like