RelayKey
Get started
For coding agents

Migrate a codebase's API keys to RelayKey in one call.

Built so Claude Code, Codex, Cursor, Replit Agent, and Devin can do the entire migration without a human clicking through a dashboard. POST a .env paste; get back proxy URLs, tokens, and per-SDK code snippets ready to apply.

Get a management API tokenllms-full.txt
One call

Bulk-import a .env file

POST any .env contents to /api/v1/import. RelayKey detects the vendor for each key, creates a connection, issues a delegated credential, and returns the snippets you need to apply.

POST /api/v1/import
curl -X POST https://app.relaykey.ai/api/v1/import \
  -H "Authorization: Bearer rk_mgmt_xxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "env": "OPENAI_API_KEY=sk-real\nANTHROPIC_API_KEY=sk-ant-real\nRESEND_API_KEY=re_real",
    "default_ttl_seconds": 2592000
  }'

Each entry in the response includes a proxy_token, a proxy_base_url, and a snippets object with env, node, and python changes ready to paste in.

The recipe

Four steps, every time

  1. 01

    Find the keys

    Grep .env files and source for vendor API keys. Any key the user is currently sending to a third party is a candidate.

    bash
    grep -RhoE '^[A-Z_]+_(API_KEY|TOKEN|SECRET)=.+' \
  .env .env.local .env.production 2>/dev/null
  2. 02

    POST to /api/v1/import

    Send the keys as a .env paste. Get back proxy URLs and per-SDK snippets.

    curl
    curl -X POST https://app.relaykey.ai/api/v1/import \
  -H "Authorization: Bearer rk_mgmt_xxxxxxxx" \
  -H "Content-Type: application/json" \
  --data-binary @- < .env
  3. 03

    Apply the SDK snippets

    For each imported key, replace the master key in .env with the proxy token, add the *_BASE_URL var, and pass baseURL to the SDK constructor. The pattern is the same for every SDK.

    .env diff
    - OPENAI_API_KEY=sk-real-master-key
+ OPENAI_API_KEY=rk_proxy_xxxxxxxx
+ OPENAI_BASE_URL=https://proxy.relaykey.ai/conn_xxx
  4. 04

    Verify with a single curl

    Hit a known-safe upstream path through the proxy. Confirm the request appears in the audit log.

    curl
    curl -i https://proxy.relaykey.ai/conn_xxx/v1/models \
  -H "Authorization: Bearer rk_proxy_..."
Before / after

The exact one-line change, per SDK

OpenAI (Node)
before
new OpenAI({
  apiKey: process.env.OPENAI_API_KEY,
});
after
new OpenAI({
  apiKey: process.env.OPENAI_API_KEY,
  baseURL: process.env.OPENAI_BASE_URL,
});
Anthropic (Node)
before
new Anthropic({
  apiKey: process.env.ANTHROPIC_API_KEY,
});
after
new Anthropic({
  apiKey: process.env.ANTHROPIC_API_KEY,
  baseURL: process.env.ANTHROPIC_BASE_URL,
});
ElevenLabs (Node)
before
new ElevenLabsClient({
  apiKey: process.env.ELEVENLABS_API_KEY,
});
after
new ElevenLabsClient({
  apiKey: process.env.ELEVENLABS_API_KEY,
  environment: process.env.ELEVENLABS_BASE_URL,
});
Resend (Node)
before
new Resend(process.env.RESEND_API_KEY);
after
new Resend(process.env.RESEND_API_KEY, {
  baseUrl: process.env.RESEND_BASE_URL,
});
Cloudflare (curl)
before
curl https://api.cloudflare.com/client/v4/zones \
  -H "Authorization: Bearer $CF_TOKEN"
after
curl https://proxy.relaykey.ai/conn_xxx/client/v4/zones \
  -H "Authorization: Bearer rk_proxy_..."
Stripe (Python)
before
stripe.api_key = os.environ["STRIPE_SECRET_KEY"]
after
stripe.api_key = os.environ["STRIPE_SECRET_KEY"]
stripe.api_base = os.environ["STRIPE_BASE_URL"]
References

Files an agent should read

Ready to migrate a codebase?

Get a management API token and post a .env. The response is everything you need to finish the migration.

Get a management API token