KeyVault Edge Docs
Quickstart
Go from zero to a working sanitized token in under 5 minutes.
- Install the SDK
- Create your first token
- Replace in your codebase
- Test the proxy
SDK Reference
Full API reference for the KeyVault Edge Node.js and Python SDKs.
- Node.js SDK
- Python SDK
- REST API
- Webhooks
Security Model
How host-binding encryption works and our threat model.
- Token architecture
- AES-256-GCM encryption
- Host-binding
- Breach detection
Integration Guides
Step-by-step guides for every major API provider.
- OpenAI / GPT-4
- Anthropic Claude
- Stripe
- GitHub API
- AWS SDK
- Twilio
Quickstart
- 5 minutes to production1
Install the SDK
bash
npm install @keyvault-edge/sdk2
Initialise and create a token
typescript
import { KeyVaultEdge } from '@keyvault-edge/sdk'; const kve = new KeyVaultEdge({ apiKey: process.env.KVE_API_KEY,}); const token = await kve.tokens.create({ name: 'openai-prod', realKey: 'sk-proj-abc123...your_real_key', provider: 'openai', allowedHosts: ['api.myapp.com', 'myapp.com'], rateLimit: { requests: 1000, window: '1m' },}); console.log(token.sanitizedKey);// kve_hb_...safe_to_commit3
Replace in your env file
bash
# BeforeOPENAI_API_KEY=sk-proj-abc123...real_key_exposed # After (safe to commit)OPENAI_API_KEY=kve_hb_<YOUR_TOKEN_HERE>4
Point your API calls at our proxy
typescript
import OpenAI from 'openai'; const openai = new OpenAI({ apiKey: process.env.OPENAI_API_KEY, // your sanitized token baseURL: 'https://proxy.keyvaultedge.com/openai', // our edge proxy}); // Everything else is identical - no other code changes.const response = await openai.chat.completions.create({ model: 'gpt-4o', messages: [{ role: 'user', content: 'Hello!' }],});