Guides
Guides

Authentication

Suggest Edits

Overview

This guide explains how to authenticate with Pay-i, regardless of which operational approach you choose - Direct Provider Call with Telemetry or Proxy Routing.

Authentication for Direct Provider Call with Telemetry

When using the Direct Provider Call with Telemetry approach, you authenticate with Pay-i by initializing the SDK with your API key:

from payi import Payi
from payi.lib.instrument import payi_instrument

# Initialize Pay-i with your API key
payi = Payi(
    api_key="YOUR_PAYI_API_KEY"  # Use environment variables in production
    # For private deployments only: base_url="YOUR_PRIVATE_DEPLOYMENT_URL"
)
payi_instrument(payi)

Note: For public SaaS deployments, you can omit the base_url parameter as it defaults to the public endpoint. Private deployments require specifying your custom Pay-i URL.

Authentication for Proxy Routing

When using the Proxy Routing approach, you need to include your Pay-i API key in request headers and direct requests to the appropriate Pay-i endpoint:

import os
from openai import OpenAI
from payi.lib.helpers import payi_openai_url

# API keys (use environment variables in production)
openai_key = os.getenv("OPENAI_API_KEY", "YOUR_OPENAI_API_KEY")
payi_key = os.getenv("PAYI_API_KEY", "YOUR_PAYI_API_KEY")

# Pay-i URL and endpoints
payi_base_url = "https://api.pay-i.com"  # For private deployments: "YOUR_PRIVATE_DEPLOYMENT_URL"
payi_openai_endpoint = payi_openai_url()

# Create client with Pay-i authentication
client = OpenAI(
    api_key=openai_key,
    base_url=payi_openai_endpoint,
    default_headers={"xProxy-Api-Key": payi_key}  # Pay-i authentication
)

# Now use the client as normal - requests will be routed through Pay-i
response = client.chat.completions.create(
    model="gpt-4",
    messages=[{"role": "user", "content": "Hello"}]
)

The primary difference between public and private deployments is just the payi_base_url value - the authentication headers remain the same.

Helper Functions for Provider Endpoints

Pay-i provides helper functions to construct the correct provider-specific endpoints:

  • payi_openai_url() - For OpenAI endpoints
  • payi_azure_openai_url() - For Azure OpenAI endpoints
  • payi_anthropic_url() - For Anthropic endpoints

These helpers automatically handle constructing the correct URLs based on your deployment type.

Provider-Specific Examples

For complete code examples showing authentication and configuration with different providers, refer to the provider-specific guides:

Environment Variables

The Pay-i SDK can automatically pick up authentication information from environment variables, which is the recommended approach for production environments. For a complete guide to environment variables in Pay-i, see the Environment Variables documentation.

Key environment variables for authentication include:

  • PAYI_API_KEY: Your Pay-i API key
  • PAYI_BASE_URL: Your Pay-i base URL (only needed for private deployments)

API Key Management

Pay-i API keys should be treated as sensitive credentials:

  • Store keys securely using environment variables or a secure secrets manager
  • Do not hardcode API keys in your application code
  • Rotate keys periodically according to your security policies
  • Use different API keys for different environments (development, staging, production)

For more information about Pay-i API keys and how to manage them, see the Pay-i API Keys documentation.

from payi import Payi

client = Payi(
    api_key=YOUR_PAYI_KEY
    base_url=YOUR_PAYI_ENDPOINT
)

Updated about 1 month ago