Create API Key

Creates a new API key in your OpenRouter account programmatically. Requires a Provisioning API key.

Common Properties

• Name - The custom name of the node.
• Color - The custom color of the node.
• Delay Before (sec) - Waits in seconds before executing the node.
• Delay After (sec) - Waits in seconds after executing node.
• Continue On Error - Automation will continue regardless of any error. The default value is false.

info

If the ContinueOnError property is true, no error is caught when the project is executed, even if a Catch node is used.

Inputs

• Connection Id - The connection identifier from Connect node (optional if API Key is provided directly).
• Name - Display name for the new API key. Required and cannot be empty.
• Credit Limit - Optional credit limit for the API key (in USD). Leave empty for unlimited.
• Include BYOK in Limit - Optional. When true, BYOK (Bring Your Own Key) usage counts toward the credit limit.

Options

• API Key - OpenRouter Provisioning API key credential (optional if using Connection Id). Regular API keys will fail.

warning

This node does NOT support "Use Robomotion AI Credits" mode and requires a Provisioning API key, not a regular API key.

Outputs

• Created API Key - Metadata for the created API key containing:
  • name - The key name
  • label - Display label
  • limit - Credit limit
  • disabled - Whether key is disabled
  • created_at - Creation timestamp
  • updated_at - Last update timestamp
  • hash - Key hash identifier
• API Key String - The actual API key string. This is only shown once - save it securely.

How It Works

When executed, the node:

1. Validates inputs (name cannot be empty)
2. Validates that a Provisioning API key is being used (blocks Robomotion AI Credits)
3. Builds the request with name and optional parameters
4. Makes POST request to /keys endpoint
5. Returns both the key metadata and the actual key string
6. The key string is only available in this response - it cannot be retrieved later

Requirements

• Provisioning API Key (not a regular API key)
• Non-empty key name
• OpenRouter account with key creation permissions

Error Handling

The node will return specific errors in the following cases:

• Empty or missing Name
• Using Robomotion AI Credits mode (unsupported)
• Using regular API key instead of Provisioning API key (401 Unauthorized)
• API service errors (500, 502, 503, 504)

Provisioning API Key

To use this node, you need a Provisioning API key:

1. Go to https://openrouter.ai/keys
2. Click "Create Key"
3. Select "Provisioning Key" type
4. This key can create, read, update, and delete other keys
5. Cannot be used for AI inference operations

Examples

Example 1: Create Basic API Key

Inputs:

• Connection Id: msg.connection (using Provisioning API key)
• Name: "Development Key"

Outputs:

• Created API Key: (metadata object)
• API Key String: "sk-or-v1-abc123..."

danger

Save the API Key String immediately - it cannot be retrieved later!

---

Example 2: Create Key with Limit

Inputs:

• Connection Id: msg.connection
• Name: "QA Environment"
• Credit Limit: 25.00

Output: Creates a key with $25 spending limit.

---

Example 3: Create Key with BYOK Limit

Inputs:

• Connection Id: msg.connection
• Name: "Production App"
• Credit Limit: 100.00
• Include BYOK in Limit: true

Output: Creates a key where BYOK usage counts toward the $100 limit.

---

Example 4: Auto-Provision Keys for Projects

const projects = ["Project A", "Project B", "Project C"];
msg.project_keys = {};

for (let project of projects) {
  // Create API Key Node
  // Input: Name = project + " Key"
  // Output: msg.created_key, msg.key_string

  msg.project_keys[project] = {
    hash: msg.created_key.hash,
    key: msg.key_string,
    limit: msg.created_key.limit
  };

  // Store key_string securely in vault or database
  storeInVault(project, msg.key_string);
}

---

Example 5: Secure Key Storage

// Create API Key Node
// Output: msg.created_key, msg.key_string

// Immediately store the key securely
const key_data = {
  hash: msg.created_key.hash,
  name: msg.created_key.name,
  key_string: msg.key_string,  // Only available now!
  created_at: msg.created_key.created_at,
  limit: msg.created_key.limit
};

// Store in secure vault
vault.store("openrouter_keys", msg.created_key.hash, key_data);

// Clear from message to avoid logging
delete msg.key_string;

console.log(`Key created: ${msg.created_key.hash}`);

Best Practices

1. Secure Storage:

   • Save API Key String immediately upon creation
   • Store in secure vaults or secrets management systems
   • Never log or display keys in plain text
   • Clear keys from messages after storing

2. Key Organization:

   • Use descriptive names
   • Create separate keys for different environments
   • Set appropriate limits per use case

3. Limit Configuration:

   • Set limits for non-production keys
   • Use unlimited limits only for trusted environments
   • Enable BYOK limit tracking if using BYOK

4. Provisioning Key Security:

   • Protect Provisioning API keys carefully
   • They can create unlimited keys
   • Limit access to authorized automation only

5. Key Management:

   • Track created keys with metadata
   • Document key purposes
   • Regular audit of created keys

Use Cases

1. Multi-Environment Setup: Create separate keys for dev, staging, production
2. Customer Provisioning: Auto-create keys for new customers
3. Project Isolation: Separate keys per project for cost tracking
4. Temporary Access: Create limited keys for contractors
5. Team Management: Provision keys for team members
6. API Key Rotation: Create new keys and retire old ones

Related Nodes

• List API Keys - View all created keys
• Get API Key - Get details of a specific key
• Update API Key - Modify key settings
• Delete API Key - Remove a key