BYOK (Bring Your Own Keys)

Use your own API keys from OpenAI, Grok, and OpenClaw to generate content.

Why BYOK?

Elcine Studios uses a BYOK model for AI generation. This means you provide your own API keys from the providers you want to use. There are several advantages:

  • Cost control — You only pay for what you use, directly to the provider
  • No markup — We don't add fees on top of provider costs
  • Direct relationship — Your usage data stays with the provider you choose
  • Full features — Access all provider features without restrictions

Supported Providers

OpenAI

OpenAI provides DALL-E 3 for image generation and GPT-4 for chat completions.

How to get your key:

  1. 1. Go to platform.openai.com
  2. 2. Navigate to API Keys
  3. 3. Click "Create new secret key"
  4. 4. Copy the key (it starts with sk-)

Grok

Grok from xAI provides image generation capabilities with extended prompt support.

How to get your key:

  1. 1. Sign up at the xAI developer portal
  2. 2. Create a new API application
  3. 3. Generate an API key (starts with xai-)

OpenClaw

OpenClaw offers various image generation models with flexible parameters.

How to get your key:

  1. 1. Create an account at OpenClaw
  2. 2. Navigate to Developer Settings
  3. 3. Generate a new API key (starts with oc-)

Adding Keys to Elcine

Via Settings UI

The recommended way to add keys is through the Settings page:

  1. Navigate to Settings → BYOK
  2. Click "Add Key" for the provider you want to configure
  3. Paste your API key
  4. Click "Test Connection" to verify
  5. Save the configuration

Via Environment Variables

For self-hosted deployments, you can configure keys via environment variables:

OPENAI_API_KEY=sk-your-openai-key
GROK_API_KEY=xai-your-grok-key
OPENCLAW_API_KEY=oc-your-openclaw-key

Security

Key Security

Keys stored via the Settings UI are encrypted at rest using AES-256 encryption. They are decrypted only at the moment of API call and are never logged or exposed in client-side code.

Best Practices

  • Use restricted keys — Create keys with only the permissions needed
  • Set spending limits — Configure budget alerts with your provider
  • Rotate regularly — Replace keys periodically for safety
  • Monitor usage — Check your provider dashboard for unusual activity

Never Share Keys

API keys are like passwords. Never share them in screenshots, code repositories, or public forums. If you accidentally expose a key, revoke it immediately and generate a new one.

Troubleshooting

Invalid Key Error

If you receive an "Invalid API key" error:

  • Double-check that the key is copied correctly (no extra spaces)
  • Verify the key hasn't been revoked
  • Ensure you have sufficient credits/quota with the provider

Rate Limiting

If you're hitting rate limits:

  • Check your provider's rate limit documentation
  • Reduce batch sizes for generation
  • Add delays between requests in the Settings

Connection Errors

If you can't connect to a provider:

  • Verify your internet connection
  • Check the provider's status page for outages
  • Try the "Test Connection" button to diagnose