User Keys

Issue virtual keys that applications use to access the FinOps AI Gateway with governance attached.

User Keys (virtual keys) are how applications authenticate to the FinOps AI Gateway. Each key carries an organization scope, optional budgets, rate limits, and model restrictions.

Access

Open Finops Config → User Keys.

Create a virtual key

  1. Click + Create.
  2. Set Name — a recognizable label (e.g. Dev user 2, Production chatbot).
  3. Set Description (optional).
  4. Choose Organization — the tenant visibility org for this key.
  5. Set Governance Scope Organization when budget, rate limit, and routing should follow a different org than the visibility org.
  6. Toggle Is Active on to allow traffic.
  7. Optionally enable Calendar Aligned for budgets that reset on calendar boundaries (day/week/month/year in UTC).
  8. Click Submit.

What a virtual key controls

CapabilityConfigured via
Model allowlist / blocklistOrganization Models or key-scoped model rules
Spend capOrganization Budget or key-level budget
Request/token throttlingRate Limit or org-level limits
Routing behaviorRouting Rules scoped to the key or its org

Model rules for a virtual key

When creating a model rule, select the virtual key in the Virtual Key Id field of GovernanceVirtualKeyProviderConfig Save Flow:

Virtual key scoped model configuration form

Next steps

Monetize360 issues a signed JWT for each virtual key. Applications send this token in the Authorization header — never embed provider API keys in client code.