BYOK (Bring Your Own Key)

BYOK is shorthand for a deployment pattern where the SaaS application acts as orchestration and UI, but every call to an AI provider (OpenAI, Anthropic, Google Gemini) runs on a credential the customer owns. The vendor never holds the plaintext key; the customer owns the relationship with the AI provider directly.

Functionally, you paste your API key into the SaaS once. The vendor encrypts it at rest, decrypts it inside the worker process at runtime, makes the LLM call with that key, then drops the plaintext. Your provider sees your usual usage pattern (just with the vendor's prompts attached). Your bill comes from OpenAI / Anthropic / Google — not from the SaaS.

It's the opposite of the typical SaaS-AI model where the vendor holds a master account, marks up token spend, and bills you a flat or usage-based fee. BYOK removes the markup and the trust gap in one move.

AI code review burns tokens. A single 300-line PR review on GPT-4o runs about $0.05-$0.15. Multiply by 50 PRs/week and 10 engineers and you're looking at $200-$600/month — easily more than the SaaS subscription itself. If the vendor adds a 30-50% markup on top of provider cost (typical), you're paying $260-$900/month for what should be ~$200-$600.

Beyond cost: BYOK lets you audit your own token spend at the provider dashboard, set usage limits and alerts on your account, switch models without asking the vendor to add support, and walk away from the vendor without losing access to your AI workflow (the key is yours).

For regulated or privacy-sensitive teams, BYOK also matters because it cuts the data-flow path. The vendor's prompts reach the LLM via your key — your provider's data-handling agreement applies, not the vendor's separate agreement with the LLM company.

Vendor-managed (the default): the SaaS holds an API key for the LLM provider, bills you a flat or per-seat fee, and absorbs the token cost. Simple, hidden cost structure, but vendor sees every prompt and response.

BYOK: customer holds the API key, pays the LLM provider directly, controls usage limits and model selection. Vendor sees orchestration metadata (which prompts ran, when) but not the cost or quota.

The middle ground is rare: a few vendors let you choose. BYOK is increasingly common in dev-tool space (LGTM, Cursor, some agent platforms) because devs already have their own AI provider accounts and don't want a second markup.

A BYOK implementation that doesn't encrypt at rest is worse than no BYOK — you've created a single high-value target containing every customer's provider key. Industry-standard pattern: AES-256-GCM encryption with a server-side master key stored separately (e.g. in HashiCorp Vault, AWS KMS, or a host secrets manager like Fly secrets).

The master key never lives in the same place as the encrypted blobs. Decryption happens in worker process memory at the moment a job fires — never in a request handler, never logged, never returned to the client UI. After the LLM call returns, the plaintext key is dropped by garbage collection.

Display in the customer UI should redact aggressively: show only a prefix (e.g. sk-...AbCd) so users can identify which key is saved without exposing the full secret to anyone with access to the dashboard.

LGTM follows the BYOK model strictly. When you add an OpenAI / Anthropic / Gemini key in Settings, we validate it against the provider's /v1/models endpoint, encrypt with AES-256-GCM, and store the encrypted blob in MongoDB. The master key lives in Fly secrets.

At review time, the worker decrypts in memory, makes the LLM call, then drops. Your bill comes from OpenAI / Anthropic / Google directly. LGTM doesn't see your token usage, doesn't proxy your requests, and doesn't mark up provider cost.

Per-repo model overrides are a Pro feature — you can pin GPT-4o on a high-stakes payments repo and Claude Haiku on a marketing blog, all running on your single BYOK key.