OpenAI BYOK

OpenAI BYOK on a hosted coding agent — bring your own OpenAI API key (sk-… / sk-proj-…) or sign in with your ChatGPT Plus / Pro subscription via Codex OAuth. AI charges go direct to OpenAI with zero VibeKit markup. The free tier is genuinely free with BYOK — hosting, iOS app, Telegram bot, GitHub, custom domains, all of it.

Two ways to bring OpenAI

OpenAI BYOK works two ways on VibeKit. Pick whichever matches what you already pay for:

OpenAI API key

Paste an sk-… or sk-proj-… key for the GPT family and Codex models. OpenAI bills your own account per token. Need the format? See the sk-proj key format breakdown.

ChatGPT Plus / Pro — Codex OAuth

No API key. Sign in with ChatGPT and the Codex agent runs against your existing Plus / Pro subscription quota — no per-token charge on top. In VibeKit, this is the OpenAI BYOK path: a ChatGPT subscription, not a separate provider. More on the Codex / ChatGPT-subscription route.

Zero markup — the bill is yours

On BYOK, the token bill is strictly between you and OpenAI. VibeKit is never in the billing path and adds zero markup — we can't pad the meter because the meter isn't ours.

API key route. You pay OpenAI's list price on your own account. Track exactly what each task cost on the OpenAI usage dashboard.
Codex OAuth route. You pay nothing beyond the ChatGPT Plus / Pro subscription you're already paying for. The agent just uses the quota you have.
Provider rate limits, not ours. Whatever your OpenAI account can do per minute is what the agent gets. We don't impose a quota on top.

What you get free with BYOK

Bring your own OpenAI credentials and the rest of VibeKit is genuinely free — nothing here is paywalled:

Hosting on AWS Fargate, served at <name>.vibekit.bot.
The iOS app — control your agents from your phone.
The Telegram bot — drive the agent from chat.
The agent runtime — the persistent coding agent itself.
GitHub integration — connect a repo, push, and deploy.
Custom domains — map your own domain to a hosted app.

No OpenAI key? Platform fallback

No OpenAI API key and no ChatGPT subscription? The agent still works. VibeKit's platform fallback routes the OpenAI GPT family through OpenRouter on a gateway-level key, at OpenRouter list price plus a flat 20% platform markup, deducted from your prepaid credits.

Other fallback providers are available too — including Qwen, which runs on OpenRouter's free pool at $0 cost and $0 markup, so the platform stays genuinely free even without any OpenAI credentials. See the full BYOK hub for every routing option.

Key security

Your OpenAI key is encrypted at rest with AES-GCM, decrypted in memory only when the request fires, and never logged — it won't appear in any chat transcript, log, or telemetry stream we keep. Keys are scoped per-app, so a key you add for one app isn't shared with another. Rotate or revoke any time from Settings and the next request switches over. Server-side, the only thing that ever sees the plaintext key is the proxy that forwards the model request to OpenAI.

Setup

1. Profile → AI Provider → "Add key"
2. Paste sk-... / sk-proj-... (OpenAI API key)
   OR tap "Sign in with ChatGPT" (Codex OAuth)
3. Choose this provider for an app
4. The agent's next request runs on your OpenAI account

Per-app: different apps can use different keys — handy if a client requires its own OpenAI account, or you want one project on the API key and another on your ChatGPT subscription. New to OpenAI keys? See the sk-proj key format breakdown for what each piece means and how to generate one.

FAQ

What is OpenAI BYOK on a coding agent?

OpenAI BYOK (bring-your-own-key) means you supply your own OpenAI credentials and the agent's AI calls run on your OpenAI account. There are two ways to do it on VibeKit: paste an OpenAI API key (sk-… or sk-proj-… format), in which case OpenAI bills your account directly; or sign in with ChatGPT Plus / Pro via Codex OAuth, in which case the Codex agent runs against your existing subscription quota with no per-token charge on top. Either way, VibeKit never sits in the billing path.

Do I need an OpenAI API key, or can I use my ChatGPT Plus subscription?

Either works. If you have an OpenAI API key (sk-… / sk-proj-…), paste it and OpenAI bills you per token. If you only have a ChatGPT Plus or Pro subscription, sign in via Codex OAuth instead — in VibeKit, codex_oauth is the OpenAI BYOK path, so the Codex agent uses the subscription you already pay for, with no extra per-token charge. No API key required for the subscription route.

Does OpenAI BYOK have any VibeKit markup?

No. On BYOK, the token bill is strictly between you and OpenAI — VibeKit is never in the billing path and adds zero markup. With an API key you pay OpenAI's list price on your own account; with Codex OAuth you pay nothing beyond your ChatGPT subscription. The only place a markup exists is the platform fallback for users with no OpenAI key, which routes the GPT family via OpenRouter at list price plus 20%.

What if I don't have an OpenAI key or ChatGPT subscription?

The agent still works via platform fallback. VibeKit routes the OpenAI GPT family through OpenRouter on a gateway-level key at OpenRouter list price plus a flat 20% platform markup, deducted from your prepaid credits. Other fallback providers are available too — including Qwen, which runs on OpenRouter's free pool at $0 cost and $0 markup, so the platform is genuinely free even without any OpenAI credentials.

Is my OpenAI key safe with VibeKit?

Yes. Your OpenAI key is encrypted at rest with AES-GCM, decrypted in memory only at request time, and never logged or written into any chat transcript or telemetry. Keys are scoped per-app, so a key you add for one app isn't shared with another. You can rotate or revoke at any time from Settings, and the next request switches over.

Bring your own OpenAI key. Free forever.

OpenAI API key (sk-… / sk-proj-…) or ChatGPT Plus / Pro via Codex OAuth. Zero markup on BYOK. Qwen is free even without a key.

Add Your OpenAI Key →