Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.karta.sh/llms.txt

Use this file to discover all available pages before exploring further.

By default, turns run on Karta’s platform model key. BYOK lets an org supply its own provider key so usage bills to your provider account and runs under your own rate limits and contracts.

Supported providers

anthropic, openai, bedrock, vertex, openrouter — one active key per (org, provider).

Store a key

Keys are AES-256 encrypted at rest (Rails MessageEncryptor, domain-separated purpose). Set one from the dashboard or the management SDK: 
import { Karta } from "@karta/sdk";
const karta = new Karta({ apiKey: process.env.KARTA_API_KEY! });

await karta.modelKeys.create("anthropic", process.env.ANTHROPIC_API_KEY!, "primary");
await karta.modelKeys.list();
await karta.modelKeys.revoke(id);

How it’s used at request time

The data plane fetches the decrypted key on demand (short-TTL cached, default 60s) and uses it for the customer’s turn, falling back to the platform key when no BYOK is set. Rotations propagate quickly because the control plane push-invalidates the BYOK cache when a key changes. If a provider rejects a BYOK key, the turn surfaces a byok_key_rejected error — 422 for unary requests, or an error event mid-stream for streaming requests.

Safety

BYOK plaintext is never logged, never put on spans, and scrubbed from error reports. The platform operator runs your harness and is therefore technically capable of reading tenant content — Karta’s direction is BYOK-based encryption of tenant content, backed by an operators-don’t-read policy and audit. This is the platform’s single biggest trust claim; see Personas.
Status: the control plane stores and serves BYOK keys today; the request-time path that injects per-request customer credentials into the harness is the next focused pass. See Architecture → honest seams.