See and control every AI dollar your company spends.

Cap spend, route to cheaper models, and attribute every AI request across every provider, with one API.

# point any OpenAI-compatible client at Byoky
baseURL: 'https://api.byoky.com/v1',

Works with every major provider

Claude
OpenAI
Gemini
Mistral
Grok
DeepSeek
Cohere
Groq
Perplexity
Together AI
Fireworks
OpenRouter
Hugging Face
Replicate
Azure OpenAI
Ollama
Bedrock
LM Studio
Vertex AI
Live metering

See the waste, and watch it get cut.

Every AI request is metered the instant it runs. Byoky shows would-be spend, what it cut, and how much you actually saved, in real dollars against a real baseline.

managed spend · this month metering
$128,400would-be spend
−$41,900cut by Byoky · 33%
budgetpolicyrouted cheapermetered
The whole integration

Change one line. Route through Byoky.

Point any OpenAI-compatible client at our URL with a scoped byk_ key. Every request now flows through budgets, policy, and optimization — no rewrite, no migration.

  import OpenAI from 'openai';

  const client = new OpenAI({
-   baseURL: 'https://api.openai.com/v1',   // straight to the provider
+   baseURL: 'https://api.byoky.com/v1',    // route through Byoky
    apiKey:  process.env.BYOKY_KEY,          // a byk_ key, not the raw one
  });
Your appor agent
api.byoky.com
budgetpolicyoptimizemeter
OpenAI · Anthropic
Gemini · +10

Works with the OpenAI & Anthropic SDKs, LangChain, the Vercel AI SDK, or curl. Your real provider keys stay sealed server-side. And if Byoky is ever unreachable, the SDK fails open straight to the provider — so it's a reliability upgrade, never a new point of failure.

One control plane

Everything runs through it, and you see all of it.

Budgets

Spend caps, like corporate cards.

Issue a monthly cap to any team, app, or agent. Alert at a threshold, hard-stop with a 402 at the limit.

  • Per team / app / agent
  • Alert, then block at cap
  • Live spend, not month-end
Budgets this month
Marketing$1,840 / $2,000
92% — alert sent
Engineering$5,400 / $12,000
Support$300 / $300
at cap · new requests get 402
Policy

Guardrails that enforce themselves.

Model allow/deny lists, auto-stop on spend spikes, and a loop kill-switch for runaway agents. Every request gets a verdict.

  • Model allow / deny
  • Auto-stop on spend spikes
  • Loop kill-switch for agents
Policy verdicts live
gpt-5.5Engineeringallow
claude-opus-4-7not in allowlistblock
support-botauto-stop · $6.20/min spikeauto-stopped
Observability

Every request, attributable.

Break spend down by user, app, model, cost, latency, and verdict. Searchable, without handing any app a raw provider key.

  • Who / what / which model
  • Cost + latency on every call
  • Opt-in, PII-redacted prompts
Recent requests
AgentModelCostLatencyVerdict
eng-copilotgpt-5.5$0.421.2sallow
marketing-genclaude-sonnet$0.182.0sallow
data-pipelinegemini-flash$0.030.6salert
Kill-switch

Stop a runaway agent cold.

Pause any agent instantly, or let auto-stop trip it on a spike or loop. Your team is pinged; resume with one click.

  • Instant 403 at the gateway
  • Fires automatically + alerts
  • One-click resume
Agents kill-switch
support-botauto-stopped on loop⏸ paused
eng-copilot$16.25 · 1,686 req● active
marketing-gen$93.09 · 905 req● active
🛑 “support-bot” auto-paused — your team was alerted.
The easy yes for finance

Byoky pays for itself on day one.

You see exactly where the money goes — then Byoky tells you where it's being wasted and fixes it. Over-powered models, uncached traffic, agents burning loops, uncapped teams. Every recommendation is a real dollar figure, computed from your actual usage. Apply the fix in one click.

  • Savings measured against a real no-Byoky baseline — no vanity math.
  • Routing is opt-in and reversible — you approve each model swap, and a pinned model is never silently downgraded.
  • One-click apply: enable a cheaper route or set a cap, right from the alert.
See your savings →
💡 Opportunities$93,000 more to save
Route claude-opus → claude-sonnetsave $75,80080% of these calls don't need a frontier model.
🛡️
Uncapped agent: marketing-gen$93k ran through it with no budget cap.
Route gpt-5.5 → gpt-5.4-minisave $11,400Same task, cheaper equivalent.
Illustrative — figures come from your real traffic.
Okta for AI access

Every employee gets AI. You keep control.

Not just a developer gateway — a company-wide access rail for humans and agents, on every provider and device.

1

Request

Any employee browses the model/app catalog and requests access — in the console or Slack.

2

Approve

Routed to the right approver by role. Auto-approve the safe stuff instantly.

3

Granted

A scoped key is minted inside their team’s budget and policy — working in seconds.

4

Lifecycle

Auto-provision on hire via your IdP; revoke every key, grant, and budget on offboard.

Enterprise by architecture

The controls security and IT ask for — already built in.

SSO & RBAC

OIDC login (Google/Microsoft/Okta) with scoped roles — owner, admin, finance, security, member.

Tenant isolation

Postgres row-level security enforces org boundaries at the database, not just in app code.

Sealed credentials

Provider keys are KMS-envelope encrypted per org. Apps carry scoped byk_ keys, never the real thing.

Immutable audit

Every budget, policy, key, and access change logged — who, when, what. Prompt capture is opt-in and PII-redacted.

Fail-open

On an outage, requests degrade straight to the provider. Byoky is a reliability upgrade, never a single point of failure.

Kill-switch

Pause any agent instantly — or let auto-stop do it on a spend spike or loop, and alert your team.

Why Byoky

A gateway shows you spend. Byoky controls it.

Most tools are either an LLM gateway (routing + logs) or a FinOps dashboard (read-only reports). Byoky is the control plane that does both — and enforces.

ByokyLLM gatewaysFinOps dashboards
OpenAI-compatible gateway
Budgets that hard-stop spendpartialread-only
Policy + auto-stop + agent kill-switchpartial
Company-wide access management (SSO, requests, JML)
Cost optimization + one-click fixespartialinsights only
Keys sealed server-side (KMS), never in your apppartial
Fails open — never a new point of failuren/a
Fee model2% of spendper-seat / token markupper-seat
Self-hostable + open sourcepartial

Comparison reflects common capabilities in each category, not any single named product. Bring your own shortlist — we'll map it honestly.

Earn the trust, don’t claim it

No lock-in. No black box. No new SPOF.

Open source

The full stack is on GitHub, MIT-licensed. Read the code that touches your keys.

Self-hostable

Run it in your own cloud with your own KMS and IdP. Your data never has to leave.

Your keys, your accounts

You keep paying providers directly on your own committed-use discounts. We never resell tokens.

Fails open

If Byoky is down, requests go straight to the provider. Adopting it can’t make you less reliable.

Read the security overview →
Pricing

2% of managed spend. Nothing else.

No seats. No flat fee. No per-token markup. We only make money on the spend that flows through us — and the console proves you saved far more than the fee. Every feature included.

Prefer to start small?

The free on-device wallet.

Individuals and side projects can start bottoms-up: a keys-never-leave-device wallet for Chrome, Firefox, iOS, and Android. When your team's ready, upgrade to the control plane.

Take control of your AI spend — today.