- Add mask_api_key() and is_masked_or_placeholder() to llm_provider service - Return masked keys in all provider CRUD endpoints - Reject masked/placeholder keys in fetch_models and test_provider_config - Show masked key with Change button in ProviderConfig.svelte edit form - Exclude masked keys from fetch-models, test, and submit payloads on frontend - Update semantics-core skill with clarified complexity tier rules - Switch agent modes from subagent to all
1227 lines
62 KiB
JSON
1227 lines
62 KiB
JSON
{
|
|
"/key/aliases": {
|
|
"get": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Key Aliases",
|
|
"description": "Lists key aliases with pagination and optional search.\n\nNon-admin users only see aliases for keys they own or keys belonging to\ntheir teams.\n\nReturns:\n {\n \"aliases\": List[str],\n \"total_count\": int,\n \"current_page\": int,\n \"total_pages\": int,\n \"size\": int,\n }",
|
|
"operationId": "key_aliases_key_aliases_get",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "page",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"type": "integer",
|
|
"minimum": 1,
|
|
"description": "Page number",
|
|
"default": 1,
|
|
"title": "Page"
|
|
},
|
|
"description": "Page number"
|
|
},
|
|
{
|
|
"name": "size",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"type": "integer",
|
|
"maximum": 100,
|
|
"minimum": 1,
|
|
"description": "Page size",
|
|
"default": 50,
|
|
"title": "Size"
|
|
},
|
|
"description": "Page size"
|
|
},
|
|
{
|
|
"name": "search",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Search key aliases (case-insensitive partial match)",
|
|
"title": "Search"
|
|
},
|
|
"description": "Search key aliases (case-insensitive partial match)"
|
|
},
|
|
{
|
|
"name": "team_id",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Filter aliases to keys belonging to this team",
|
|
"title": "Team Id"
|
|
},
|
|
"description": "Filter aliases to keys belonging to this team"
|
|
}
|
|
],
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": true,
|
|
"title": "Response Key Aliases Key Aliases Get"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/block": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Block Key",
|
|
"description": "Block an Virtual key from making any requests.\n\nParameters:\n- key: str - The key to block. Can be either the unhashed key (sk-...) or the hashed key value\n\n Example:\n```bash\ncurl --location 'http://0.0.0.0:4000/key/block' --header 'Authorization: Bearer sk-1234' --header 'Content-Type: application/json' --data '{\n \"key\": \"sk-Fn8Ej39NxjAXrvpUGKghGw\"\n}'\n```\n\nNote: This is an admin-only endpoint. Only proxy admins, team admins, or org admins can block keys.",
|
|
"operationId": "block_key_key_block_post",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "litellm-changed-by",
|
|
"in": "header",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
|
|
"title": "Litellm-Changed-By"
|
|
},
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability"
|
|
}
|
|
],
|
|
"requestBody": {
|
|
"required": true,
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/BlockKeyRequest"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"$ref": "#/components/schemas/LiteLLM_VerificationToken"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"title": "Response Block Key Key Block Post"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/bulk_update": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Bulk Update Keys",
|
|
"description": "Bulk update multiple keys at once.\n\nThis endpoint allows updating multiple keys in a single request. Each key update\nis processed independently - if some updates fail, others will still succeed.\n\nParameters:\n- keys: List[BulkUpdateKeyRequestItem] - List of key update requests, each containing:\n - key: str - The key identifier (token) to update\n - budget_id: Optional[str] - Budget ID associated with the key\n - max_budget: Optional[float] - Max budget for key\n - team_id: Optional[str] - Team ID associated with key\n - tags: Optional[List[str]] - Tags for organizing keys\n\nReturns:\n- total_requested: int - Total number of keys requested for update\n- successful_updates: List[SuccessfulKeyUpdate] - List of successfully updated keys with their updated info\n- failed_updates: List[FailedKeyUpdate] - List of failed updates with key_info and failed_reason\n\nExample request:\n```bash\ncurl --location 'http://0.0.0.0:4000/key/bulk_update' --header 'Authorization: Bearer sk-1234' --header 'Content-Type: application/json' --data '{\n \"keys\": [\n {\n \"key\": \"sk-1234\",\n \"max_budget\": 100.0,\n \"team_id\": \"team-123\",\n \"tags\": [\"production\", \"api\"]\n },\n {\n \"key\": \"sk-5678\",\n \"budget_id\": \"budget-456\",\n \"tags\": [\"staging\"]\n }\n ]\n}'\n```",
|
|
"operationId": "bulk_update_keys_key_bulk_update_post",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "litellm-changed-by",
|
|
"in": "header",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
|
|
"title": "Litellm-Changed-By"
|
|
},
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability"
|
|
}
|
|
],
|
|
"requestBody": {
|
|
"required": true,
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/BulkUpdateKeyRequest"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/BulkUpdateKeyResponse"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/delete": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Delete Key Fn",
|
|
"description": "Delete a key from the key management system.\n\nParameters::\n- keys (List[str]): A list of keys or hashed keys to delete. Example {\"keys\": [\"sk-QWrxEynunsNpV1zT48HIrw\", \"837e17519f44683334df5291321d97b8bf1098cd490e49e215f6fea935aa28be\"]}\n- key_aliases (List[str]): A list of key aliases to delete. Can be passed instead of `keys`.Example {\"key_aliases\": [\"alias1\", \"alias2\"]}\n\nReturns:\n- deleted_keys (List[str]): A list of deleted keys. Example {\"deleted_keys\": [\"sk-QWrxEynunsNpV1zT48HIrw\", \"837e17519f44683334df5291321d97b8bf1098cd490e49e215f6fea935aa28be\"]}\n\nExample:\n```bash\ncurl --location 'http://0.0.0.0:4000/key/delete' --header 'Authorization: Bearer sk-1234' --header 'Content-Type: application/json' --data '{\n \"keys\": [\"sk-QWrxEynunsNpV1zT48HIrw\"]\n}'\n```\n\nRaises:\n HTTPException: If an error occurs during key deletion.",
|
|
"operationId": "delete_key_fn_key_delete_post",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "litellm-changed-by",
|
|
"in": "header",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
|
|
"title": "Litellm-Changed-By"
|
|
},
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability"
|
|
}
|
|
],
|
|
"requestBody": {
|
|
"required": true,
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/KeyRequest"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/generate": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Generate Key Fn",
|
|
"description": "Generate an API key based on the provided data.\n\nDocs: https://docs.litellm.ai/docs/proxy/virtual_keys\n\nParameters:\n- duration: Optional[str] - Specify the length of time the token is valid for. You can set duration as seconds (\"30s\"), minutes (\"30m\"), hours (\"30h\"), days (\"30d\").\n- key_alias: Optional[str] - User defined key alias\n- key: Optional[str] - User defined key value. If not set, a 16-digit unique sk-key is created for you.\n- team_id: Optional[str] - The team id of the key\n- user_id: Optional[str] - The user id of the key\n- agent_id: Optional[str] - The agent id associated with the key.\n- organization_id: Optional[str] - The organization id of the key. If not set, and team_id is set, the organization id will be the same as the team id. If conflict, an error will be raised.\n- project_id: Optional[str] - The project id of the key. When set, models and max_budget are validated against the project's limits.\n- budget_id: Optional[str] - The budget id associated with the key. Created by calling `/budget/new`.\n- models: Optional[list] - Model_name's a user is allowed to call. (if empty, key is allowed to call all models)\n- aliases: Optional[dict] - Any alias mappings, on top of anything in the config.yaml model list. - https://docs.litellm.ai/docs/proxy/virtual_keys#managing-auth---upgradedowngrade-models\n- config: Optional[dict] - any key-specific configs, overrides config in config.yaml\n- spend: Optional[int] - Amount spent by key. Default is 0. Will be updated by proxy whenever key is used. https://docs.litellm.ai/docs/proxy/virtual_keys#managing-auth---tracking-spend\n- send_invite_email: Optional[bool] - Whether to send an invite email to the user_id, with the generate key\n- max_budget: Optional[float] - Specify max budget for a given key.\n- budget_duration: Optional[str] - Budget is reset at the end of specified duration. If not set, budget is never reset. You can set duration as seconds (\"30s\"), minutes (\"30m\"), hours (\"30h\"), days (\"30d\").\n- max_parallel_requests: Optional[int] - Rate limit a user based on the number of parallel requests. Raises 429 error, if user's parallel requests > x.\n- metadata: Optional[dict] - Metadata for key, store information for key. Example metadata = {\"team\": \"core-infra\", \"app\": \"app2\", \"email\": \"ishaan@berri.ai\" }\n- guardrails: Optional[List[str]] - List of active guardrails for the key\n- policies: Optional[List[str]] - List of policy names to apply to the key. Policies define guardrails, conditions, and inheritance rules.\n- disable_global_guardrails: Optional[bool] - Whether to disable global guardrails for the key.\n- permissions: Optional[dict] - key-specific permissions. Currently just used for turning off pii masking (if connected). Example - {\"pii\": false}\n- model_max_budget: Optional[Dict[str, BudgetConfig]] - Model-specific budgets {\"gpt-4\": {\"budget_limit\": 0.0005, \"time_period\": \"30d\"}}}. IF null or {} then no model specific budget.\n- model_rpm_limit: Optional[dict] - key-specific model rpm limit. Example - {\"text-davinci-002\": 1000, \"gpt-3.5-turbo\": 1000}. IF null or {} then no model specific rpm limit.\n- model_tpm_limit: Optional[dict] - key-specific model tpm limit. Example - {\"text-davinci-002\": 1000, \"gpt-3.5-turbo\": 1000}. IF null or {} then no model specific tpm limit.\n- tpm_limit_type: Optional[str] - Type of tpm limit. Options: \"best_effort_throughput\" (no error if we're overallocating tpm), \"guaranteed_throughput\" (raise an error if we're overallocating tpm), \"dynamic\" (dynamically exceed limit when no 429 errors). Defaults to \"best_effort_throughput\".\n- rpm_limit_type: Optional[str] - Type of rpm limit. Options: \"best_effort_throughput\" (no error if we're overallocating rpm), \"guaranteed_throughput\" (raise an error if we're overallocating rpm), \"dynamic\" (dynamically exceed limit when no 429 errors). Defaults to \"best_effort_throughput\".\n- allowed_cache_controls: Optional[list] - List of allowed cache control values. Example - [\"no-cache\", \"no-store\"]. See all values - https://docs.litellm.ai/docs/proxy/caching#turn-on--off-caching-per-request\n- blocked: Optional[bool] - Whether the key is blocked.\n- rpm_limit: Optional[int] - Specify rpm limit for a given key (Requests per minute)\n- tpm_limit: Optional[int] - Specify tpm limit for a given key (Tokens per minute)\n- soft_budget: Optional[float] - Specify soft budget for a given key. Will trigger a slack alert when this soft budget is reached.\n- tags: Optional[List[str]] - Tags for [tracking spend](https://litellm.vercel.app/docs/proxy/enterprise#tracking-spend-for-custom-tags) and/or doing [tag-based routing](https://litellm.vercel.app/docs/proxy/tag_routing).\n- prompts: Optional[List[str]] - List of prompts that the key is allowed to use.\n- enforced_params: Optional[List[str]] - List of enforced params for the key (Enterprise only). [Docs](https://docs.litellm.ai/docs/proxy/enterprise#enforce-required-params-for-llm-requests)\n- prompts: Optional[List[str]] - List of prompts that the key is allowed to use.\n- allowed_routes: Optional[list] - List of allowed routes for the key. Store the actual route or store a wildcard pattern for a set of routes. Example - [\"/chat/completions\", \"/embeddings\", \"/keys/*\"]\n- allowed_passthrough_routes: Optional[list] - List of allowed pass through endpoints for the key. Store the actual endpoint or store a wildcard pattern for a set of endpoints. Example - [\"/my-custom-endpoint\"]. Use this instead of allowed_routes, if you just want to specify which pass through endpoints the key can access, without specifying the routes. If allowed_routes is specified, allowed_pass_through_endpoints is ignored.\n- object_permission: Optional[LiteLLM_ObjectPermissionBase] - key-specific object permission. Example - {\"vector_stores\": [\"vector_store_1\", \"vector_store_2\"], \"agents\": [\"agent_1\", \"agent_2\"], \"agent_access_groups\": [\"dev_group\"]}. IF null or {} then no object permission.\n- key_type: Optional[str] - Type of key that determines default allowed routes. Options: \"llm_api\" (can call LLM API routes), \"management\" (can call management routes), \"read_only\" (can only call info/read routes), \"default\" (uses default allowed routes). Defaults to \"default\".\n- prompts: Optional[List[str]] - List of allowed prompts for the key. If specified, the key will only be able to use these specific prompts.\n- auto_rotate: Optional[bool] - Whether this key should be automatically rotated (regenerated)\n- rotation_interval: Optional[str] - How often to auto-rotate this key (e.g., '30s', '30m', '30h', '30d'). Required if auto_rotate=True.\n- allowed_vector_store_indexes: Optional[List[dict]] - List of allowed vector store indexes for the key. Example - [{\"index_name\": \"my-index\", \"index_permissions\": [\"write\", \"read\"]}]. If specified, the key will only be able to use these specific vector store indexes. Create index, using `/v1/indexes` endpoint.\n- router_settings: Optional[UpdateRouterConfig] - key-specific router settings. Example - {\"model_group_retry_policy\": {\"max_retries\": 5}}. IF null or {} then no router settings.\n- access_group_ids: Optional[List[str]] - List of access group IDs to associate with the key. Access groups define which models a key can access. Example - [\"access_group_1\", \"access_group_2\"].\n\nExamples:\n\n1. Allow users to turn on/off pii masking\n\n```bash\ncurl --location 'http://0.0.0.0:4000/key/generate' --header 'Authorization: Bearer sk-1234' --header 'Content-Type: application/json' --data '{\n \"permissions\": {\"allow_pii_controls\": true}\n}'\n```\n\nReturns:\n- key: (str) The generated api key\n- expires: (datetime) Datetime object for when key expires.\n- user_id: (str) Unique user id - used for tracking spend across multiple keys for same user id.",
|
|
"operationId": "generate_key_fn_key_generate_post",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "litellm-changed-by",
|
|
"in": "header",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
|
|
"title": "Litellm-Changed-By"
|
|
},
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability"
|
|
}
|
|
],
|
|
"requestBody": {
|
|
"required": true,
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/GenerateKeyRequest"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/GenerateKeyResponse"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/health": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Key Health",
|
|
"description": "Check the health of the key\n\nChecks:\n- If key based logging is configured correctly - sends a test log\n\nUsage \n\nPass the key in the request header\n\n```bash\ncurl -X POST \"http://localhost:4000/key/health\" -H \"Authorization: Bearer sk-1234\" -H \"Content-Type: application/json\"\n```\n\nResponse when logging callbacks are setup correctly:\n\n```json\n{\n \"key\": \"healthy\",\n \"logging_callbacks\": {\n \"callbacks\": [\n \"gcs_bucket\"\n ],\n \"status\": \"healthy\",\n \"details\": \"No logger exceptions triggered, system is healthy. Manually check if logs were sent to ['gcs_bucket']\"\n }\n}\n```\n\n\nResponse when logging callbacks are not setup correctly:\n```json\n{\n \"key\": \"unhealthy\",\n \"logging_callbacks\": {\n \"callbacks\": [\n \"gcs_bucket\"\n ],\n \"status\": \"unhealthy\",\n \"details\": \"Logger exceptions triggered, system is unhealthy: Failed to load vertex credentials. Check to see if credentials containing partial/invalid information.\"\n }\n}\n```",
|
|
"operationId": "key_health_key_health_post",
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/KeyHealthResponse"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"/key/info": {
|
|
"get": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Info Key Fn",
|
|
"description": "Retrieve information about a key.\nParameters:\n key: Optional[str] = Query parameter representing the key in the request\n user_api_key_dict: UserAPIKeyAuth = Dependency representing the user's API key\nReturns:\n Dict containing the key and its associated information\n\nExample Curl:\n```\ncurl -X GET \"http://0.0.0.0:4000/key/info?key=sk-test-example-key-123\" -H \"Authorization: Bearer sk-1234\"\n```\n\nExample Curl - if no key is passed, it will use the Key Passed in Authorization Header\n```\ncurl -X GET \"http://0.0.0.0:4000/key/info\" -H \"Authorization: Bearer sk-test-example-key-123\"\n```",
|
|
"operationId": "info_key_fn_key_info_get",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "key",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Key in the request parameters",
|
|
"title": "Key"
|
|
},
|
|
"description": "Key in the request parameters"
|
|
}
|
|
],
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/list": {
|
|
"get": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "List Keys",
|
|
"description": "List all keys for a given user / team / organization.\n\nParameters:\n expand: Optional[List[str]] - Expand related objects (e.g. 'user' to include user information)\n status: Optional[str] - Filter by status. Currently supports \"deleted\" to query deleted keys.\n\nReturns:\n {\n \"keys\": List[str] or List[UserAPIKeyAuth],\n \"total_count\": int,\n \"current_page\": int,\n \"total_pages\": int,\n }\n\nWhen expand includes \"user\", each key object will include a \"user\" field with the associated user object.\nNote: When expand=user is specified, full key objects are returned regardless of the return_full_object parameter.",
|
|
"operationId": "list_keys_key_list_get",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "page",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"type": "integer",
|
|
"minimum": 1,
|
|
"description": "Page number",
|
|
"default": 1,
|
|
"title": "Page"
|
|
},
|
|
"description": "Page number"
|
|
},
|
|
{
|
|
"name": "size",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"type": "integer",
|
|
"maximum": 100,
|
|
"minimum": 1,
|
|
"description": "Page size",
|
|
"default": 10,
|
|
"title": "Size"
|
|
},
|
|
"description": "Page size"
|
|
},
|
|
{
|
|
"name": "user_id",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Filter keys by user ID. Supports partial matching (substring, case-insensitive).",
|
|
"title": "User Id"
|
|
},
|
|
"description": "Filter keys by user ID. Supports partial matching (substring, case-insensitive)."
|
|
},
|
|
{
|
|
"name": "team_id",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Filter keys by team ID",
|
|
"title": "Team Id"
|
|
},
|
|
"description": "Filter keys by team ID"
|
|
},
|
|
{
|
|
"name": "organization_id",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Filter keys by organization ID",
|
|
"title": "Organization Id"
|
|
},
|
|
"description": "Filter keys by organization ID"
|
|
},
|
|
{
|
|
"name": "key_hash",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Filter keys by key hash",
|
|
"title": "Key Hash"
|
|
},
|
|
"description": "Filter keys by key hash"
|
|
},
|
|
{
|
|
"name": "key_alias",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Filter keys by key alias. Supports partial matching (substring, case-insensitive).",
|
|
"title": "Key Alias"
|
|
},
|
|
"description": "Filter keys by key alias. Supports partial matching (substring, case-insensitive)."
|
|
},
|
|
{
|
|
"name": "return_full_object",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"type": "boolean",
|
|
"description": "Return full key object",
|
|
"default": false,
|
|
"title": "Return Full Object"
|
|
},
|
|
"description": "Return full key object"
|
|
},
|
|
{
|
|
"name": "include_team_keys",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"type": "boolean",
|
|
"description": "Include all keys for teams that user is an admin of.",
|
|
"default": false,
|
|
"title": "Include Team Keys"
|
|
},
|
|
"description": "Include all keys for teams that user is an admin of."
|
|
},
|
|
{
|
|
"name": "include_created_by_keys",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"type": "boolean",
|
|
"description": "Include keys created by the user",
|
|
"default": false,
|
|
"title": "Include Created By Keys"
|
|
},
|
|
"description": "Include keys created by the user"
|
|
},
|
|
{
|
|
"name": "sort_by",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Column to sort by (e.g. 'user_id', 'created_at', 'spend')",
|
|
"title": "Sort By"
|
|
},
|
|
"description": "Column to sort by (e.g. 'user_id', 'created_at', 'spend')"
|
|
},
|
|
{
|
|
"name": "sort_order",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"type": "string",
|
|
"description": "Sort order ('asc' or 'desc')",
|
|
"default": "desc",
|
|
"title": "Sort Order"
|
|
},
|
|
"description": "Sort order ('asc' or 'desc')"
|
|
},
|
|
{
|
|
"name": "expand",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Expand related objects (e.g. 'user')",
|
|
"title": "Expand"
|
|
},
|
|
"description": "Expand related objects (e.g. 'user')"
|
|
},
|
|
{
|
|
"name": "status",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Filter by status (e.g. 'deleted')",
|
|
"title": "Status"
|
|
},
|
|
"description": "Filter by status (e.g. 'deleted')"
|
|
},
|
|
{
|
|
"name": "project_id",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Filter keys by project ID",
|
|
"title": "Project Id"
|
|
},
|
|
"description": "Filter keys by project ID"
|
|
},
|
|
{
|
|
"name": "access_group_id",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "Filter keys by access group ID",
|
|
"title": "Access Group Id"
|
|
},
|
|
"description": "Filter keys by access group ID"
|
|
}
|
|
],
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/KeyListResponseObject"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/regenerate": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Regenerate Key Fn",
|
|
"description": "Regenerate an existing API key while optionally updating its parameters.\n\nParameters:\n- key: str (path parameter) - The key to regenerate\n- data: Optional[RegenerateKeyRequest] - Request body containing optional parameters to update\n - key: Optional[str] - The key to regenerate.\n - new_master_key: Optional[str] - The new master key to use, if key is the master key.\n - new_key: Optional[str] - The new key to use, if key is not the master key. If both set, new_master_key will be used.\n - key_alias: Optional[str] - User-friendly key alias\n - user_id: Optional[str] - User ID associated with key\n - team_id: Optional[str] - Team ID associated with key\n - models: Optional[list] - Model_name's a user is allowed to call\n - tags: Optional[List[str]] - Tags for organizing keys (Enterprise only)\n - spend: Optional[float] - Amount spent by key\n - max_budget: Optional[float] - Max budget for key\n - model_max_budget: Optional[Dict[str, BudgetConfig]] - Model-specific budgets {\"gpt-4\": {\"budget_limit\": 0.0005, \"time_period\": \"30d\"}}\n - budget_duration: Optional[str] - Budget reset period (\"30d\", \"1h\", etc.)\n - soft_budget: Optional[float] - Soft budget limit (warning vs. hard stop). Will trigger a slack alert when this soft budget is reached.\n - max_parallel_requests: Optional[int] - Rate limit for parallel requests\n - metadata: Optional[dict] - Metadata for key. Example {\"team\": \"core-infra\", \"app\": \"app2\"}\n - tpm_limit: Optional[int] - Tokens per minute limit\n - rpm_limit: Optional[int] - Requests per minute limit\n - model_rpm_limit: Optional[dict] - Model-specific RPM limits {\"gpt-4\": 100, \"claude-v1\": 200}\n - model_tpm_limit: Optional[dict] - Model-specific TPM limits {\"gpt-4\": 100000, \"claude-v1\": 200000}\n - allowed_cache_controls: Optional[list] - List of allowed cache control values\n - duration: Optional[str] - Key validity duration (\"30d\", \"1h\", etc.)\n - permissions: Optional[dict] - Key-specific permissions\n - guardrails: Optional[List[str]] - List of active guardrails for the key\n - blocked: Optional[bool] - Whether the key is blocked\n - grace_period: Optional[str] - Duration to keep old key valid after rotation (e.g. \"24h\", \"2d\"). Omitted = immediate revoke. Env: LITELLM_KEY_ROTATION_GRACE_PERIOD\n\n\nReturns:\n- GenerateKeyResponse containing the new key and its updated parameters\n\nExample:\n```bash\ncurl --location --request POST 'http://localhost:4000/key/sk-1234/regenerate' --header 'Authorization: Bearer sk-1234' --header 'Content-Type: application/json' --data-raw '{\n \"max_budget\": 100,\n \"metadata\": {\"team\": \"core-infra\"},\n \"models\": [\"gpt-4\", \"gpt-3.5-turbo\"]\n}'\n```\n\nNote: This is an Enterprise feature. It requires a premium license to use.",
|
|
"operationId": "regenerate_key_fn_key_regenerate_post",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "key",
|
|
"in": "query",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"title": "Key"
|
|
}
|
|
},
|
|
{
|
|
"name": "litellm-changed-by",
|
|
"in": "header",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
|
|
"title": "Litellm-Changed-By"
|
|
},
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability"
|
|
}
|
|
],
|
|
"requestBody": {
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"$ref": "#/components/schemas/RegenerateKeyRequest"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"title": "Data"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"$ref": "#/components/schemas/GenerateKeyResponse"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"title": "Response Regenerate Key Fn Key Regenerate Post"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/service-account/generate": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Generate Service Account Key Fn",
|
|
"description": "Generate a Service Account API key based on the provided data. This key does not belong to any user. It belongs to the team.\n\nWhy use a service account key?\n- Prevent key from being deleted when user is deleted.\n- Apply team limits, not team member limits to key.\n\nDocs: https://docs.litellm.ai/docs/proxy/virtual_keys\n\nParameters:\n- duration: Optional[str] - Specify the length of time the token is valid for. You can set duration as seconds (\"30s\"), minutes (\"30m\"), hours (\"30h\"), days (\"30d\").\n- key_alias: Optional[str] - User defined key alias\n- key: Optional[str] - User defined key value. If not set, a 16-digit unique sk-key is created for you.\n- team_id: Optional[str] - The team id of the key\n- user_id: Optional[str] - [NON-FUNCTIONAL] THIS WILL BE IGNORED. The user id of the key\n- budget_id: Optional[str] - The budget id associated with the key. Created by calling `/budget/new`.\n- models: Optional[list] - Model_name's a user is allowed to call. (if empty, key is allowed to call all models)\n- aliases: Optional[dict] - Any alias mappings, on top of anything in the config.yaml model list. - https://docs.litellm.ai/docs/proxy/virtual_keys#managing-auth---upgradedowngrade-models\n- config: Optional[dict] - any key-specific configs, overrides config in config.yaml\n- spend: Optional[int] - Amount spent by key. Default is 0. Will be updated by proxy whenever key is used. https://docs.litellm.ai/docs/proxy/virtual_keys#managing-auth---tracking-spend\n- send_invite_email: Optional[bool] - Whether to send an invite email to the user_id, with the generate key\n- max_budget: Optional[float] - Specify max budget for a given key.\n- budget_duration: Optional[str] - Budget is reset at the end of specified duration. If not set, budget is never reset. You can set duration as seconds (\"30s\"), minutes (\"30m\"), hours (\"30h\"), days (\"30d\").\n- max_parallel_requests: Optional[int] - Rate limit a user based on the number of parallel requests. Raises 429 error, if user's parallel requests > x.\n- metadata: Optional[dict] - Metadata for key, store information for key. Example metadata = {\"team\": \"core-infra\", \"app\": \"app2\", \"email\": \"ishaan@berri.ai\" }\n- guardrails: Optional[List[str]] - List of active guardrails for the key\n- permissions: Optional[dict] - key-specific permissions. Currently just used for turning off pii masking (if connected). Example - {\"pii\": false}\n- model_max_budget: Optional[Dict[str, BudgetConfig]] - Model-specific budgets {\"gpt-4\": {\"budget_limit\": 0.0005, \"time_period\": \"30d\"}}}. IF null or {} then no model specific budget.\n- model_rpm_limit: Optional[dict] - key-specific model rpm limit. Example - {\"text-davinci-002\": 1000, \"gpt-3.5-turbo\": 1000}. IF null or {} then no model specific rpm limit.\n- model_tpm_limit: Optional[dict] - key-specific model tpm limit. Example - {\"text-davinci-002\": 1000, \"gpt-3.5-turbo\": 1000}. IF null or {} then no model specific tpm limit.\n- tpm_limit_type: Optional[str] - TPM rate limit type - \"best_effort_throughput\", \"guaranteed_throughput\", or \"dynamic\"\n- rpm_limit_type: Optional[str] - RPM rate limit type - \"best_effort_throughput\", \"guaranteed_throughput\", or \"dynamic\"\n- allowed_cache_controls: Optional[list] - List of allowed cache control values. Example - [\"no-cache\", \"no-store\"]. See all values - https://docs.litellm.ai/docs/proxy/caching#turn-on--off-caching-per-request\n- blocked: Optional[bool] - Whether the key is blocked.\n- rpm_limit: Optional[int] - Specify rpm limit for a given key (Requests per minute)\n- tpm_limit: Optional[int] - Specify tpm limit for a given key (Tokens per minute)\n- soft_budget: Optional[float] - Specify soft budget for a given key. Will trigger a slack alert when this soft budget is reached.\n- tags: Optional[List[str]] - Tags for [tracking spend](https://litellm.vercel.app/docs/proxy/enterprise#tracking-spend-for-custom-tags) and/or doing [tag-based routing](https://litellm.vercel.app/docs/proxy/tag_routing).\n- enforced_params: Optional[List[str]] - List of enforced params for the key (Enterprise only). [Docs](https://docs.litellm.ai/docs/proxy/enterprise#enforce-required-params-for-llm-requests)\n- allowed_routes: Optional[list] - List of allowed routes for the key. Store the actual route or store a wildcard pattern for a set of routes. Example - [\"/chat/completions\", \"/embeddings\", \"/keys/*\"]\n- object_permission: Optional[LiteLLM_ObjectPermissionBase] - key-specific object permission. Example - {\"vector_stores\": [\"vector_store_1\", \"vector_store_2\"], \"agents\": [\"agent_1\", \"agent_2\"], \"agent_access_groups\": [\"dev_group\"]}. IF null or {} then no object permission.\nExamples:\n- allowed_vector_store_indexes: Optional[List[dict]] - List of allowed vector store indexes for the key. Example - [{\"index_name\": \"my-index\", \"index_permissions\": [\"write\", \"read\"]}]. If specified, the key will only be able to use these specific vector store indexes. Create index, using `/v1/indexes` endpoint.\n\n\n1. Allow users to turn on/off pii masking\n\n```bash\ncurl --location 'http://0.0.0.0:4000/key/generate' --header 'Authorization: Bearer sk-1234' --header 'Content-Type: application/json' --data '{\n \"permissions\": {\"allow_pii_controls\": true}\n}'\n```\n\nReturns:\n- key: (str) The generated api key\n- expires: (datetime) Datetime object for when key expires.\n- user_id: (str) Unique user id - used for tracking spend across multiple keys for same user id.",
|
|
"operationId": "generate_service_account_key_fn_key_service_account_generate_post",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "litellm-changed-by",
|
|
"in": "header",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
|
|
"title": "Litellm-Changed-By"
|
|
},
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability"
|
|
}
|
|
],
|
|
"requestBody": {
|
|
"required": true,
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/GenerateKeyRequest"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/unblock": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Unblock Key",
|
|
"description": "Unblock a Virtual key to allow it to make requests again.\n\nParameters:\n- key: str - The key to unblock. Can be either the unhashed key (sk-...) or the hashed key value\n\nExample:\n```bash\ncurl --location 'http://0.0.0.0:4000/key/unblock' --header 'Authorization: Bearer sk-1234' --header 'Content-Type: application/json' --data '{\n \"key\": \"sk-Fn8Ej39NxjAXrvpUGKghGw\"\n}'\n```\n\nNote: This is an admin-only endpoint. Only proxy admins, team admins, or org admins can unblock keys.",
|
|
"operationId": "unblock_key_key_unblock_post",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "litellm-changed-by",
|
|
"in": "header",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
|
|
"title": "Litellm-Changed-By"
|
|
},
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability"
|
|
}
|
|
],
|
|
"requestBody": {
|
|
"required": true,
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/BlockKeyRequest"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/update": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Update Key Fn",
|
|
"description": "Update an existing API key's parameters.\n\nParameters:\n- key: str - The key to update\n- key_alias: Optional[str] - User-friendly key alias\n- user_id: Optional[str] - User ID associated with key\n- team_id: Optional[str] - Team ID associated with key\n- agent_id: Optional[str] - The agent id associated with the key.\n- organization_id: Optional[str] - The organization id of the key.\n- budget_id: Optional[str] - The budget id associated with the key. Created by calling `/budget/new`.\n- models: Optional[list] - Model_name's a user is allowed to call\n- tags: Optional[List[str]] - Tags for organizing keys (Enterprise only)\n- prompts: Optional[List[str]] - List of prompts that the key is allowed to use.\n- enforced_params: Optional[List[str]] - List of enforced params for the key (Enterprise only). [Docs](https://docs.litellm.ai/docs/proxy/enterprise#enforce-required-params-for-llm-requests)\n- spend: Optional[float] - Amount spent by key\n- max_budget: Optional[float] - Max budget for key\n- model_max_budget: Optional[Dict[str, BudgetConfig]] - Model-specific budgets {\"gpt-4\": {\"budget_limit\": 0.0005, \"time_period\": \"30d\"}}\n- budget_duration: Optional[str] - Budget reset period (\"30d\", \"1h\", etc.)\n- soft_budget: Optional[float] - [TODO] Soft budget limit (warning vs. hard stop). Will trigger a slack alert when this soft budget is reached.\n- max_parallel_requests: Optional[int] - Rate limit for parallel requests\n- metadata: Optional[dict] - Metadata for key. Example {\"team\": \"core-infra\", \"app\": \"app2\"}\n- tpm_limit: Optional[int] - Tokens per minute limit\n- rpm_limit: Optional[int] - Requests per minute limit\n- model_rpm_limit: Optional[dict] - Model-specific RPM limits {\"gpt-4\": 100, \"claude-v1\": 200}\n- model_tpm_limit: Optional[dict] - Model-specific TPM limits {\"gpt-4\": 100000, \"claude-v1\": 200000}\n- tpm_limit_type: Optional[str] - TPM rate limit type - \"best_effort_throughput\", \"guaranteed_throughput\", or \"dynamic\"\n- rpm_limit_type: Optional[str] - RPM rate limit type - \"best_effort_throughput\", \"guaranteed_throughput\", or \"dynamic\"\n- allowed_cache_controls: Optional[list] - List of allowed cache control values\n- duration: Optional[str] - Key validity duration (\"30d\", \"1h\", etc.), null to never expire, or \"-1\" to never expire (deprecated, use null)\n- permissions: Optional[dict] - Key-specific permissions\n- send_invite_email: Optional[bool] - Send invite email to user_id\n- guardrails: Optional[List[str]] - List of active guardrails for the key\n- policies: Optional[List[str]] - List of policy names to apply to the key. Policies define guardrails, conditions, and inheritance rules.\n- disable_global_guardrails: Optional[bool] - Whether to disable global guardrails for the key.\n- prompts: Optional[List[str]] - List of prompts that the key is allowed to use.\n- blocked: Optional[bool] - Whether the key is blocked\n- aliases: Optional[dict] - Model aliases for the key - [Docs](https://litellm.vercel.app/docs/proxy/virtual_keys#model-aliases)\n- config: Optional[dict] - [DEPRECATED PARAM] Key-specific config.\n- temp_budget_increase: Optional[float] - Temporary budget increase for the key (Enterprise only).\n- temp_budget_expiry: Optional[str] - Expiry time for the temporary budget increase (Enterprise only).\n- allowed_routes: Optional[list] - List of allowed routes for the key. Store the actual route or store a wildcard pattern for a set of routes. Example - [\"/chat/completions\", \"/embeddings\", \"/keys/*\"]\n- allowed_passthrough_routes: Optional[list] - List of allowed pass through routes for the key. Store the actual route or store a wildcard pattern for a set of routes. Example - [\"/my-custom-endpoint\"]. Use this instead of allowed_routes, if you just want to specify which pass through routes the key can access, without specifying the routes. If allowed_routes is specified, allowed_passthrough_routes is ignored.\n- prompts: Optional[List[str]] - List of allowed prompts for the key. If specified, the key will only be able to use these specific prompts.\n- object_permission: Optional[LiteLLM_ObjectPermissionBase] - key-specific object permission. Example - {\"vector_stores\": [\"vector_store_1\", \"vector_store_2\"], \"agents\": [\"agent_1\", \"agent_2\"], \"agent_access_groups\": [\"dev_group\"]}. IF null or {} then no object permission.\n- auto_rotate: Optional[bool] - Whether this key should be automatically rotated\n- rotation_interval: Optional[str] - How often to rotate this key (e.g., '30d', '90d'). Required if auto_rotate=True\n- allowed_vector_store_indexes: Optional[List[dict]] - List of allowed vector store indexes for the key. Example - [{\"index_name\": \"my-index\", \"index_permissions\": [\"write\", \"read\"]}]. If specified, the key will only be able to use these specific vector store indexes. Create index, using `/v1/indexes` endpoint.\n- router_settings: Optional[UpdateRouterConfig] - key-specific router settings. Example - {\"model_group_retry_policy\": {\"max_retries\": 5}}. IF null or {} then no router settings.\n- access_group_ids: Optional[List[str]] - List of access group IDs to associate with the key. Access groups define which models a key can access. Example - [\"access_group_1\", \"access_group_2\"].\n\nExample:\n```bash\ncurl --location 'http://0.0.0.0:4000/key/update' --header 'Authorization: Bearer sk-1234' --header 'Content-Type: application/json' --data '{\n \"key\": \"sk-1234\",\n \"key_alias\": \"my-key\",\n \"user_id\": \"user-1234\",\n \"team_id\": \"team-1234\",\n \"max_budget\": 100,\n \"metadata\": {\"any_key\": \"any-val\"},\n}'\n```",
|
|
"operationId": "update_key_fn_key_update_post",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "litellm-changed-by",
|
|
"in": "header",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
|
|
"title": "Litellm-Changed-By"
|
|
},
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability"
|
|
}
|
|
],
|
|
"requestBody": {
|
|
"required": true,
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/UpdateKeyRequest"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/{key}/regenerate": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Regenerate Key Fn",
|
|
"description": "Regenerate an existing API key while optionally updating its parameters.\n\nParameters:\n- key: str (path parameter) - The key to regenerate\n- data: Optional[RegenerateKeyRequest] - Request body containing optional parameters to update\n - key: Optional[str] - The key to regenerate.\n - new_master_key: Optional[str] - The new master key to use, if key is the master key.\n - new_key: Optional[str] - The new key to use, if key is not the master key. If both set, new_master_key will be used.\n - key_alias: Optional[str] - User-friendly key alias\n - user_id: Optional[str] - User ID associated with key\n - team_id: Optional[str] - Team ID associated with key\n - models: Optional[list] - Model_name's a user is allowed to call\n - tags: Optional[List[str]] - Tags for organizing keys (Enterprise only)\n - spend: Optional[float] - Amount spent by key\n - max_budget: Optional[float] - Max budget for key\n - model_max_budget: Optional[Dict[str, BudgetConfig]] - Model-specific budgets {\"gpt-4\": {\"budget_limit\": 0.0005, \"time_period\": \"30d\"}}\n - budget_duration: Optional[str] - Budget reset period (\"30d\", \"1h\", etc.)\n - soft_budget: Optional[float] - Soft budget limit (warning vs. hard stop). Will trigger a slack alert when this soft budget is reached.\n - max_parallel_requests: Optional[int] - Rate limit for parallel requests\n - metadata: Optional[dict] - Metadata for key. Example {\"team\": \"core-infra\", \"app\": \"app2\"}\n - tpm_limit: Optional[int] - Tokens per minute limit\n - rpm_limit: Optional[int] - Requests per minute limit\n - model_rpm_limit: Optional[dict] - Model-specific RPM limits {\"gpt-4\": 100, \"claude-v1\": 200}\n - model_tpm_limit: Optional[dict] - Model-specific TPM limits {\"gpt-4\": 100000, \"claude-v1\": 200000}\n - allowed_cache_controls: Optional[list] - List of allowed cache control values\n - duration: Optional[str] - Key validity duration (\"30d\", \"1h\", etc.)\n - permissions: Optional[dict] - Key-specific permissions\n - guardrails: Optional[List[str]] - List of active guardrails for the key\n - blocked: Optional[bool] - Whether the key is blocked\n - grace_period: Optional[str] - Duration to keep old key valid after rotation (e.g. \"24h\", \"2d\"). Omitted = immediate revoke. Env: LITELLM_KEY_ROTATION_GRACE_PERIOD\n\n\nReturns:\n- GenerateKeyResponse containing the new key and its updated parameters\n\nExample:\n```bash\ncurl --location --request POST 'http://localhost:4000/key/sk-1234/regenerate' --header 'Authorization: Bearer sk-1234' --header 'Content-Type: application/json' --data-raw '{\n \"max_budget\": 100,\n \"metadata\": {\"team\": \"core-infra\"},\n \"models\": [\"gpt-4\", \"gpt-3.5-turbo\"]\n}'\n```\n\nNote: This is an Enterprise feature. It requires a premium license to use.",
|
|
"operationId": "regenerate_key_fn_key__key__regenerate_post",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "key",
|
|
"in": "path",
|
|
"required": true,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"title": "Key"
|
|
}
|
|
},
|
|
{
|
|
"name": "litellm-changed-by",
|
|
"in": "header",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
|
|
"title": "Litellm-Changed-By"
|
|
},
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability"
|
|
}
|
|
],
|
|
"requestBody": {
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"$ref": "#/components/schemas/RegenerateKeyRequest"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"title": "Data"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"$ref": "#/components/schemas/GenerateKeyResponse"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"title": "Response Regenerate Key Fn Key Key Regenerate Post"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"/key/{key}/reset_spend": {
|
|
"post": {
|
|
"tags": [
|
|
"key management"
|
|
],
|
|
"summary": "Reset Key Spend Fn",
|
|
"operationId": "reset_key_spend_fn_key__key__reset_spend_post",
|
|
"security": [
|
|
{
|
|
"APIKeyHeader": []
|
|
}
|
|
],
|
|
"parameters": [
|
|
{
|
|
"name": "key",
|
|
"in": "path",
|
|
"required": true,
|
|
"schema": {
|
|
"type": "string",
|
|
"title": "Key"
|
|
}
|
|
},
|
|
{
|
|
"name": "litellm-changed-by",
|
|
"in": "header",
|
|
"required": false,
|
|
"schema": {
|
|
"anyOf": [
|
|
{
|
|
"type": "string"
|
|
},
|
|
{
|
|
"type": "null"
|
|
}
|
|
],
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
|
|
"title": "Litellm-Changed-By"
|
|
},
|
|
"description": "The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability"
|
|
}
|
|
],
|
|
"requestBody": {
|
|
"required": true,
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/ResetSpendRequest"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"responses": {
|
|
"200": {
|
|
"description": "Successful Response",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"type": "object",
|
|
"additionalProperties": true,
|
|
"title": "Response Reset Key Spend Fn Key Key Reset Spend Post"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"422": {
|
|
"description": "Validation Error",
|
|
"content": {
|
|
"application/json": {
|
|
"schema": {
|
|
"$ref": "#/components/schemas/HTTPValidationError"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
} |