HOW TO USE
Privacy-First • Client-Side Validation
Step 1: Paste Your API Keys
Enter Your Keys
In the text area labeled "LLM API keys — one per line", paste your API keys. You can check multiple keys at once by entering each on a new line.
sk-proj-...
AIzaSy...
Step 2: Click "CHECK KEYS"
Instant Validation
Click the glowing "CHECK KEYS" button. CheckAPIs will automatically:
- Detect the provider for each key
- Make direct API calls from your browser
- Validate each key in parallel
- Retrieve available models and rate limits
Step 3: View Results
Detailed Information
Results appear in a table showing:
- Key: First 8 characters (truncated for security)
- Provider: Detected API provider (OpenAI, Anthropic, etc.)
- Status: ✓ Valid or ✗ Invalid
- Models: List of available models
- Latency: Response time in milliseconds
- Rate Limits: Usage limits (if provided by API)
- Error: Detailed error message for invalid keys
Privacy & Security
Zero-Trust Architecture
CheckAPIs is designed with privacy as the top priority:
- Client-Side Only: All validation runs in your browser
- Direct API Calls: Keys sent directly to providers, never to our servers
- No Logging: Keys never logged, stored, or transmitted to third parties
- No Analytics: We don't track what keys you check
- Open Source: Code is public for security audits
- Memory Only: Keys cleared from memory after validation
Understanding Results
Status Indicators
Valid Key
Key is active and working. You'll see available models and rate limits.
Invalid Key
Key is revoked, expired, or malformed. Check the error message for details.
Timeout/Error
Provider API is temporarily unavailable. Try again later.
Supported Providers
Fully Supported:
- OpenAI (GPT-4, GPT-3.5)
- Anthropic (Claude)
- Google Gemini
- Groq
- Perplexity
- HuggingFace
Also Supported:
- Replicate
- Together AI
- Cohere
- Mistral
- AWS Bedrock (detection)
- Azure OpenAI (detection)
Tips & Best Practices
- Batch Checking: Check multiple keys at once for efficiency
- Regular Validation: Periodically verify keys haven't been revoked
- Error Messages: Read error details to understand why a key failed
- Latency Monitoring: High latency may indicate provider issues
- Rate Limits: Check limits to avoid hitting quotas in production
- Incognito Mode: Use private browsing for extra security
API Usage (curl)
Programmatic Access
Use CheckAPIs from the command line or integrate into your applications:
Endpoint:
Example Request:
-H "Content-Type: application/json"
-d '{"keys": ["sk-proj-...", "sk-ant-..."]}'
Response:
"success": true,
"count": 2,
"results": [
{{
"key": "sk-proj-...",
"provider": "openai",
"valid": true,
"models": ["gpt-4", "gpt-3.5-turbo"],
"latency": 245
}
]
}
Limits:
- Maximum 50 keys per request
- 10 second timeout per key
- CORS enabled for browser requests
- No authentication required