Scoped client keys
Give each tool or environment its own key so usage can be reviewed, disabled, and budgeted independently.
Guides
Controlled client workflow
Run Codex and Claude through a controlled API gateway
Use one prepaid NexRelay wallet to create scoped client keys, enforce budgets before routing, and verify each completed request in a usage ledger.
Workflow
Problem
Direct keys are easy to leak, hard to cap, and hard to audit across teammates or clients.
Setup
Create one controlled key with model allowlists, daily budgets, monthly budgets, IP rules, and output caps.
Client
Use the same wallet with Codex, Claude-style clients, OpenAI SDKs, and Gemini-compatible tools.
Proof
Each completed request leaves a ledger row with token meters, billed amount, model, key, and time.
Setup checklist
- 1Create a dedicated key for a coding client instead of reusing a broad provider key.
- 2Set a daily budget, monthly budget, model allowlist, IP policy, and output cap.
- 3Copy the Codex or Claude setup command from the API key page.
- 4Run one request through the gateway.
- 5Confirm the request appears in usage logs with model, token meters, status, and billed amount.
Why teams put a relay between clients and providers
Pre-route protection
Wallet balance, budgets, model allowlists, IP rules, and output caps are checked before upstream cost is created.
Usage proof
Request-level logs make it possible to explain which key, model, and token meters consumed credits.