> ## Documentation Index
> Fetch the complete documentation index at: https://docs.obiguard.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Virtual Keys

> Obiguard’s virtual key system lets you securely store your LLM API keys in our vault and manage them easily using a unique virtual identifier.

This feature offers several advantages:

* Simplified key rotation
* Ability to create multiple virtual keys linked to a single API key
* Flexible restrictions based on cost, request volume, or user access

You can manage these options in your account under the **Virtual Keys** tab.

## Creațing a Virtual Key

To set up a virtual key, follow these instructions:

1. Go to the **Virtual Keys** tab in your Obiguard sidebar.
2. Select **Create**.
3. Enter a unique name to your key, select the guardrail policy to apply on this key, choose your AI provider, and specify any usage details if necessary.
   If your AI provider is not listed, you can select **Local/Privately hosted provider** and enter the API endpoint URL.

<Info>Tip: You can add multiple keys for a single provider or use distinct names for the same key to simplify management.</Info>

## How are the provider API keys stored?

Your API keys are encrypted and stored in secure vaults, accessible only during a request. Decryption happens solely within isolated workers and only when required, providing maximum data security.

## How are provider keys associated with virtual keys?

Virtual keys are generated randomly and mapped to the securely stored provider keys.
This ensures that your original API keys cannot be derived or reconstructed from the virtual keys.

## Using Virtual Keys

### Using the Obiguard SDK

Add the virtual key to the Obiguard Python SDK initialization configuration.

<Tabs>
  <Tab title="Python SDK">
    ```python theme={null}
    from obiguard import Obiguard

    client = Obiguard(
      provider='openai',
      base_url='https://gateway.obiguard.ai/v1',
      obiguard_api_key='vk-obg***',  # Your Obiguard virtual key here
    )
    ```
  </Tab>
</Tabs>

### Using the OpenAI SDK

Add the virtual key directly to the initialization configuration for the OpenAI client.

<Tabs>
  <Tab title="OpenAI Python">
    ```python theme={null}
    from openai import OpenAI
    from obiguard import createHeaders

    client = OpenAI(
      base_url='https://gateway.obiguard.ai/v1',
      api_key='sk-***',  # Your OpenAI API key here
      default_headers=createHeaders(
        provider="openai",
        api_key="vk-obg***",  # Your Obiguard virtual key here
      )
    )
    ```
  </Tab>
</Tabs>

### Using cURL

Add the virtual key directly to the request headers of your API call.

<Tabs>
  <Tab title="cURL">
    ```curl theme={null}
    curl https://gateway.obiguard.ai/v1/chat/completions \
    -H "Content-Type: application/json" \
    -H "x-obiguard-api-key: vk-obg***" \
    -d '{
      "model": "Qwen/Qwen2.5-32B-Instruct",
      "messages": [{
        "role": "user",
        "content": "Hello!"
      }]
    }'
    ```
  </Tab>
</Tabs>