The current workflow to create keys, requires adding a user to your Organization, which adds that user as a Member of the Default Project. Org owner can reassign user to a different project. The desire is for that user to create any API keys under the new project, for proper tracking. However, novice users often do not notice and do not switch projects creating API keys under the Default project. Can API creation be disabled under Default Project or is there some other mechanism?
Yes, just another lack of insight is that organization keeps on working the way it did before, not enforcing any access controls.
Invite a user: they can bill their own API keys to your organization.
The method you would have to use is to distribute the project API key you generate yourself with limits you have placed on it.
I am ok with that - I Just want them to create their keys in one and only one place