Recommended way to deal with API key(s) for students in programming courses

I’m teaching a course on open source development this fall, and want to have my students work with the OpenAI API in their labs and assignments (i.e., build things using the API). I’m wondering what the recommended way of dealing with API key(s) is in this scenario? Not every student has a credit card, so having them all do their own account API key isn’t really workable. Do I create an account with my work email and share keys? Can institutions do something better?

How are other professors handling this in their courses? How does OpenAI suggest I do this? I really want to integrate this into my course work so the students can get practical experience building things.

Thanks for any info,



Welcome to the forum.

I don’t have an official answer on this, but I’m bumping in hope someone has better info / experience…

My guess would be some form of API gateway relay, I know AWS has such a feature and a few others, I’ve also seen Short Courses | Learn Generative AI from DeepLearning.AI using a system where they obfuscate their API key with a placeholder one, might be an Idea to reach out to Andy Ng?

You could write an endpoint proxy of some sort, I’d need to put some thought into a solution like that.

(Gateway relays)

  • AWS API Gateway: Amazon’s solution which integrates well with other AWS services.
  • Kong: An open-source API gateway and microservices management layer.
  • Express Gateway: A microservices API Gateway built on Express.js.
  • Google Cloud Endpoints: Google Cloud’s equivalent of AWS’s API Gateway.

Also could be that Azure has similar and maybe even an educators option, but I’ve not looked into it.


Just an emulator that uses your own account system, strips the student bearer API key after validating against your own student account system, moderates, and forwards on their behalf with your org key.

This allows more robust user and usage tracking than the organization system that allows invited users to bill their API keys to your organization account. The organization method also requires all the personal credentials to create an OpenAI account.

Thanks for the ideas. It sounds like longer-term, I should build my own API gateway with institutional SSO or something.

Until then, is it possible for students without a credit card to use the $5 free trial on new accounts, or do you have to have a payment option added to your account in order to trigger that? I’m a bit confused about this, reading through previous posts.

1 Like

New accounts on an unused phone number should get an API trial credit.

When not also offering up a payment method for future usages (or now buying more credits), the rate limit of trial requests is limited 3/minute, 200/day.

Many students could have already been using ChatGPT, but not API, and their unaccessed API trial period would have expired.

This is really helpful. I hadn’t considered that students would already have accounts, but this makes sense, given ChatGPT requires accounts.

I guess I’ll give up on this idea until I can build some infra to support it. It’s too bad there isn’t a better story for academic use of the API. For example, I teach Amazon AWS as well, and with them I can use AWS Academy to get accounts for students with $100 in credits for the course, without requiring credit cards.

I appreciate people’s recommendations.

I’m going to go ahead and say you probably don’t want to be giving your API keys to your students.[1]

You can mitigate risks somewhat with usage limits, so… if you really trust your students, you’re probably fine.

But, what you really need to do is build, essentially, an API proxy server, ideally behind some sort of authentication.

The two main benefits of this are,

  1. The can be accountability because you can know who is sending which request.
  2. You can ensure the moderation endpoint processes every request before sending it to OpenAI (so your account doesn’t get banned because one of your students tried to have sex with the robot).

I can’t imagine it would be to challenging to build your own API to accept and pass through a request to OpenAI’s API’s (though it’ll add some latency).

Another possible approach:

Build it with the students!

Building a simple API will help some of the students better contextualize exactly how APIs work and will help them understand using them more later.

  1. Just like you wouldn’t give them the keys to your car ↩︎

Agreed. It’s well scoped for a project to build with my students next term. Doing it myself isn’t hard; but I was hoping there was already an established path I could walk with the students this term.


Google cloud console is free for a personal account and I do a lot of my testing there… It cost to run the console but the cost is so little I’ve paid 0.11 in the last 3 months to use for my purposes… I won’t mention my openai API cost since I don’t know it off hand… but significantly more than 11 cents so in the scheme of the cost of what they are doing… My opinion is to make a working endpoint in the cloud console and deploy from there

anything that u want coming from node in this package

node http-proxy seems to work.

code here

Best! Students get tokens to 3rd party rev-proxy on discord ( ie PAAS version of the API )

I am an instructor with a modest course budget (a few hundred dollars). I am thinking about generating a fresh API key for my students to share in class. I would simply set my account usage limit at or below the course budget.

This is not a technically intensive course; the primary purpose would be for all students to experience using the API, learn a tiny bit about how LLMs work, and do one or two creative projects with it at home and in class.

Am I correct in thinking that the main risks with this approach are as follows?

  • Students spend all of the course budget, potentially earlier than I would hope
  • Students use the API in unauthorized ways that are difficult to disambiguate because of the shared API keys