Architecture reference · AI integration · ~5 minute read

Bring your own Anthropic key — BYOK setup for the Admaxxer AI chat

Admaxxer’s AI surfaces — the global ⌘J chat drawer, the dedicated /chat page, the dashboard analytics drawer, and the Maxxer ad-ops agent — all run on YOUR Anthropic API key (or OpenRouter, OpenAI, Google, Mistral, GLM, DeepSeek, … eleven providers in total). You pay Anthropic directly at provider pricing, prompt caching survives across requests with the same key for predictable TTFT, and you can revoke any key from Settings › AI providers in one click. This page documents how it works, why we built it that way, and the exact paste-and-test flow.

What “BYOK” means in Admaxxer

BYOK = bring your own key. You generate an Anthropic API key in your own Anthropic Console, paste it into Admaxxer, and from that point every call the Admaxxer chat surfaces make to Claude is billed to YOUR Anthropic account at standard Anthropic pricing — no Admaxxer markup, no per-message tax, no prompt-cap.

The model picker inside Admaxxer’s chat surfaces lets you choose any model your key has access to (Opus, Sonnet, Haiku for Anthropic; equivalent tiers for the other 10 providers). When you ask Maxxer to summarize last week’s spend or pause low-ROAS campaigns, the request goes:

Browser → Admaxxer server (with your session cookie).
Admaxxer server → Anthropic API at https://api.anthropic.com (with YOUR API key in the x-api-key header, AES-256-GCM-decrypted from Postgres on demand).
Anthropic streams Claude’s tokens back to Admaxxer via SSE.
Admaxxer pipes the SSE stream straight to your browser.

Your key never lives on the browser. Admaxxer holds it AES-256-GCM encrypted at rest and never logs the raw value — only a 6-character prefix appears in debug logs (e.g. sk-ant-…).

Why BYOK — provider pricing + prompt caching

No markup. Admaxxer doesn’t charge a per-message AI fee on top of Anthropic’s pricing. You see your usage directly in your Anthropic Console — same dashboard the rest of your AI workloads use.
Prompt caching survives across requests. Anthropic’s prompt cache (5-minute TTL on the system block + tools array) only works when the same API key is used across requests. With BYOK, every Admaxxer chat session in the same workspace uses your one key — so cache hit rate stays high (typical: 85–95% of the system block on warm sessions), TTFT stays low, and tool-call latency is dominated by the actual tool work rather than re-priming the model.
You own the audit trail. Every call shows up in your Anthropic Console’s usage logs — full request/response history if you have the appropriate org-level permissions. Admaxxer’s side records the chat session and tool-call metadata in chat_messages, but the model-side audit lives with you.
Use any tier you pay for. If your Anthropic plan unlocks Opus 4 or Claude Code limits, that’s the tier Admaxxer’s chat will use. We don’t cap the model picker to Sonnet.
Multiple providers without juggling subscriptions. The same paste-key flow works for OpenRouter (one key, every frontier model), OpenAI, Google, Mistral, DeepSeek, GLM, and 5 more. If you have an OpenRouter subscription that already covers Claude + GPT + Gemini, paste that one key and Admaxxer runs on it. No need for a separate Anthropic account.

Which Admaxxer features use BYOK?

Global ⌘J chat drawer — press ⌘J anywhere in the app for an inline conversational session. Same backend as /chat, scoped to your workspace.
/chat page — the full-screen Maxxer agent. Six tools: list_campaigns, get_campaign_insights, get_account_insights, query_metrics (read-only) plus update_campaign + pause_all_low_roas (destructive, requires explicit confirmed: true).
Dashboard analytics drawer — the analytics-focused chat that opens from /dashboard/analytics. Eight read-only tools, PIPE_ALLOWLIST-guarded, prompt-cached. Uses your BYOK key after the R31.5 fix landed.
Maxxer ad-ops agent — the same backend as /chat, exposed through the chat drawer plus surface-specific entry points like “Ask Maxxer about this campaign”.

Surfaces that do NOT use BYOK: SSR-rendered marketing content, billing portal redirects, the in-app onboarding wizard. None of these call an LLM directly. If a screen says “Powered by Claude” or shows a streaming SSE response, it’s using BYOK.

Step-by-step setup

Step 1 — Generate an Anthropic API key (~60 sec)

Open console.anthropic.com/settings/keys and sign in.
Click Create Key.
Give it a recognizable name — we suggest Admaxxer — <your workspace name>. Anthropic’s console shows this label on every billing line item, so naming it after the integration makes auditing trivial.
Click Create Key. The console reveals the full key once — copy it now (format sk-ant-api03-…). You won’t see the full value again from Anthropic’s side.

Permissions: a default key has access to every model + every endpoint your account is enabled for. If you want to restrict Admaxxer to specific models (e.g. only Sonnet, no Opus), use Anthropic’s key-scope feature on the same screen — the chat will surface a clear error if Admaxxer requests a model your key doesn’t allow.

Step 2 — Paste the key into Admaxxer (~30 sec)

In Admaxxer, open Settings › AI providers.
Find the Anthropic card in the provider grid (or the OpenRouter card if you’re using OpenRouter instead).
Click Connect.
Paste the key. Optionally add a label (we default to your workspace name).
Click Save key. Admaxxer immediately makes a test call to Anthropic’s /v1/messages endpoint with a tiny prompt — if the key works, the card flips to Connected with a green checkmark. If it fails (revoked, wrong format, network error), Admaxxer shows the exact error and does NOT persist the key.

Step 3 — Pick a model (~15 sec)

Open /chat or press ⌘J to open the global drawer.
Click the model picker in the bottom-right of the input box. The dropdown shows every model your connected providers expose — Anthropic Opus / Sonnet / Haiku, plus any other providers you’ve connected.
Pick the model you want. Admaxxer remembers this per-workspace, so future sessions default to the same choice.

Step 4 — Verify it’s using your key (~30 sec)

Send any message in the chat (e.g. “summarize my Meta spend this week”).
Open console.anthropic.com/usage in another tab.
Refresh — you should see a usage row with the model you picked, the prompt + completion token counts, and the timestamp matching your message. If you don’t see anything, your key isn’t connected (re-check the green checkmark on the AI providers card).

Cost mechanics — how prompt caching keeps TTFT low

Anthropic’s prompt cache works by hashing the prefix of every request (system block + tools array, in our case) and storing it server-side for 5 minutes. The next request with the SAME prefix and the SAME API key reuses the cached prefix at a 90% discount on tokens and roughly half the TTFT.

Admaxxer is built around prompt caching:

The system prompt + tool definitions are stable per chat session — we deliberately don’t inject changing context into the prefix.
Tools are declared with cache_control: { type: 'ephemeral' } on the array, so the entire tools array gets cached.
The system block is static across sessions in the same workspace, so cache hits are high even on first message of a fresh session if another session in the same workspace was active in the last 5 minutes.

Because BYOK pins one key per workspace, this caching effect compounds across users: if alice and bob are both members of the same workspace, alice’s session warms up bob’s session within the 5-minute window. The team feels “always responsive,” not “cold first message of the day.”

Practical cost. With prompt caching working, a typical Maxxer session of 5–10 turns runs $0.05–$0.20 on Sonnet, billed directly to your Anthropic account. Without caching the same session would run $0.20–$1.00. The 4–5x difference is why “same key across requests” matters more than just “no markup.”

Security — how Admaxxer stores your key

AES-256-GCM at rest. The key is encrypted before it ever touches the database. Encryption key is derived via scrypt from Admaxxer’s ENCRYPTION_KEY env var, with per-record nonces.
Workspace-bound. The encrypted key blob is stored in byok_keys with a foreign key to workspaces. A user with no membership in workspace X can’t read workspace X’s key — the read query is gated by workspace_members.
Never logged in plaintext. Application logs only show a 6-character prefix (e.g. sk-ant…) for debugging. Error reports redact the full x-api-key header.
One-click revoke. Click Disconnect on the AI providers card — the key is soft-deleted (revokedAt set, status='revoked') and immediately stops being decrypted on chat requests.
You can also revoke from Anthropic. Going to console.anthropic.com/settings/keys and revoking the key directly is independent of the Admaxxer side — chat will start failing with 401 from Anthropic, and Admaxxer surfaces a banner suggesting you reconnect with a new key.

How to revoke or rotate

Open Settings › AI providers.
Find the Anthropic card with the green Connected badge.
Click the menu icon › Disconnect. The card flips back to Connect.
To rotate (replace with a new key without losing chat history), click Connect again, paste the new key, click Save key. The old key stops being used the moment the new one is saved.

Chat session history (in chat_sessions + chat_messages) is unaffected by key rotation — only the credential changes. The next message you send just uses the new key.

FAQ

Q: Does Admaxxer charge me extra per AI message?

No. With BYOK, you pay Anthropic (or whichever provider you connect) directly at provider pricing. Admaxxer’s plan price (starting at $9/mo) covers analytics, ad ops, the pixel, attribution, and the agent infrastructure — not the model tokens. Model usage shows up on YOUR Anthropic Console invoice, separately from Admaxxer’s Stripe invoice.

Q: What if I don’t want to manage an Anthropic key separately?

Connect OpenRouter instead. One OpenRouter key gives access to Claude (all tiers) + GPT-4 / GPT-5 + Gemini + DeepSeek + Llama + Mistral + Qwen. The model picker in Admaxxer surfaces every model OpenRouter exposes. See the OpenRouter setup guide.

Q: Can my teammates use my key?

Yes — the key is workspace-scoped, not user-scoped. Every member of the workspace uses the same key for chat. Anthropic Console shows usage as one rolled-up line per workspace, which is what most teams want for billing simplicity. If you want per-user keys, that’s a feature request — today the model is one key per workspace.

Q: Does Admaxxer have a fallback if my key fails?

If Admaxxer can’t reach Anthropic with your key (revoked, rate-limited, network error), the chat surface returns a structured error with the failure reason. We do NOT silently fall back to a different key — that would surprise you on your Anthropic bill or hide a real problem. The error UI links back to Settings › AI providers so you can reconnect or switch providers.

Q: Can I see what model + tokens each chat used?

Yes. The chat surface shows model name + cumulative token total per session. For raw per-call audit, check your Anthropic Console’s usage page — it lists every API call with token counts, model, and timestamp. Admaxxer’s side stores the message blocks (text, tool_use, tool_result) in chat_messages for replay.

Q: What happens if I delete the workspace?

The encrypted key blob is soft-deleted with the workspace. The cleartext value isn’t recoverable from Admaxxer (we never persist it — only the encrypted blob), but the key itself is still valid at Anthropic’s side until you revoke it from console.anthropic.com/settings/keys. Workspace deletion is not the same as key revocation — revoke explicitly in Anthropic’s console for a clean teardown.

How Tinybird auth works in Admaxxer · Anthropic provider setup guide · All BYOK provider guides · Claude AI agent deep dive · Documentation home