Validio

Bring Your Own Key

Your API keys, your cost. Validio orchestrates.

Connect one or several keys from the LLM providers you already use. Validio encrypts them, validates them and uses them only for analyses you launch yourself. You pay inference to the provider; we debit credits from your plan.

Activate BYOK in my accountHow it works

Why BYOK

Real savings, no surprises.

If you already have a contract with Anthropic, OpenAI or any other LLM provider, Validio leverages your pricing instead of charging it against your credits.

up to -65%
Cut on the LLM cost of an analysis with BYOK Anthropic.
6
Providers supported from day one. More on the roadmap.
€0
Extra activation cost. BYOK is part of the product.

Actual savings depend on the chosen provider, the type of analysis and your monthly volume. The -65% figure is an average observed on Audit Web analyses with BYOK Anthropic Claude Sonnet 4.6.

How it works

4 steps. 5 minutes. End-to-end encryption.

BYOK is built into your Validio dashboard. No server configuration. No install. Nothing to deploy.

  1. 1

    Get your API key from the provider

    Open the provider console (Anthropic, OpenAI, Google, etc.) and generate a key dedicated to Validio. We give you direct links.

  2. 2

    Paste it into your Validio dashboard

    Go to `/dashboard/byok` and paste the key. Validio validates it live against the provider: if it answers 200 it is accepted; if not, we tell you before saving anything.

  3. 3

    Validio encrypts and stores it

    AES-256-GCM encryption (authenticated) using a rotatable master key. The key never appears in logs or API responses. Only the orchestrator decrypts it in memory when an analysis runs.

  4. 4

    Each analysis uses your key

    When you launch an analysis, Validio automatically picks the best available key for the task and applies the credit discount.

Key security

Defense-in-depth, not marketing.

An API key is a secret. We treat it as one — four independent layers that do not depend on each other.

  • Encrypted at rest with AES-256-GCM

    Keys are encrypted with AES-256-GCM (authenticated encryption) using a master key managed via Railway environment variables, rotatable with zero downtime. Supabase never sees the plaintext key.

  • Never logged

    Validio structured logs (Sentry + Supabase audit) never record the key content. Only the 4-character prefix used to identify it in the UI.

  • You can delete it anytime

    Immediate delete from the dashboard. The row is removed from Supabase and the encrypted key is purged from storage in the same transaction.

  • Scoped to your account

    The key is bound to your `user_id`. No other user, agent or internal process can invoke it. Only analyses you launch yourself.

Supported providers

Bring the key from the provider you already use.

Validio supports the six LLM providers with the best European coverage. Same onboarding flow and same security guarantees for all of them.

  • Anthropic

    Claude Sonnet 4.6 and Haiku 4.5 — the Validio pipeline default. Highest average discount.

    Open console

  • OpenAI

    GPT-4o and text-embedding-3-small embeddings. Useful for vector-search-heavy analyses.

    Open console

  • Google AI Studio

    Gemini 2.0 Flash for low-cost analyses. Long context (1M tokens) for extensive reports.

    Open console

  • DeepSeek

    DeepSeek V3 — aggressive pricing. Useful for high-volume use cases.

    Open console

  • Mistral

    Mistral Large 2 — European provider (France). Compliance-friendly for regulated sectors.

    Open console

  • Groq

    Ultra-low-latency inference (Llama 3.3 70B) on LPU hardware. Useful when latency matters.

    Open console

The discount

Your key, your cost. Your credit, mostly untouched.

Real example of an Audit Web analysis with Claude Sonnet 4.6. Your key covers LLM inference; credits cover orchestration, agents, persistence and delivery.

Without BYOK

4

credits per analysis · fully charged to your plan

With BYOK Anthropic

1.5

credits per analysis · up to -65% savings

Same depth. Same report. Same latency. Only the bill payer to the LLM changes.

Frequently asked

Clear common doubts before activating BYOK.

What if my key expires or the provider revokes it?
Validio re-validates each key every 7 days against the provider. If a key stops working, we email you and disable its use automatically. The analysis does not break: it falls back to the standard plan pricing until you renew the key.
What if I add several keys from different providers?
Even better. Validio automatically picks the optimal key for each analysis based on task type, context and applicable discount. You don't have to decide per analysis.
Can I combine BYOK with a paid plan?
Yes, and it is the recommended setup. The plan gives you credits for orchestration and agents; BYOK lowers the LLM cost. Combining both delivers the biggest real saving.
Can Validio use my key outside the analyses I launch?
No. The key is scoped to your `user_id` and is only decrypted when you launch an analysis from your account. We do not use it for internal processes, training, or other users' tasks. Ever.

Ready when you are

Activate BYOK in my account.

Five minutes to set up. Cut analysis cost from the first run.

Go to /dashboard/byokSee plans and credits