Unexpected Model Requests on My API Key: Seeking Clarification

giuntagioele3 · August 29, 2023, 9:24am

Hey there,

I wanted to bring up something I’ve noticed regarding the requests I’ve been receiving on my API key. I’ve set up my fetch requests to specifically use the “gpt-3.5-turbo” model. However, I’ve been receiving requests for “gpt-4” on my key, despite never having made any requests for that model.

I was wondering if you could shed some light on why this might be happening. I’d really appreciate your help in understanding this situation better.

Code to making a request to OpenAI’s API using the fetch and gpt-3.5-turbo:

const requestOptions = {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
        Authorization: `Bearer ${token}`,
      },
      body: JSON.stringify({
        model: 'gpt-3.5-turbo',
        messages : prompts,
        max_tokens: 500,
        temperature: 0.5,
        n: 1,
      }),
    };

    const response = await fetch(
      'https://api.openai.com/v1/chat/completions',
      requestOptions
    );

Thanks in advance for your assistance!

Foxabilo · August 29, 2023, 9:46am

Hi and welcome to the developer forum!

Is your API key in any public repositories or inside any applications you have built and distributed?

Have you shared your key or login details with a 3rd party? Have you, for example, signed up to any application which required you to put in your OpenAI key?

If you have, then I think another person may be using your key, I would revoke the key right away and ensure that you treat your key the same as your would your wallet, or cash, i.e. do not distribute it to anyone else. You should use best practices in your development environment, details can be found here

https://help.openai.com/en/articles/5112595-best-practices-for-api-key-safety