Trust

How Tokmeter handles your keys and data

This page is maintained by Tokmeter to answer common security and privacy questions. It describes controls we have implemented today; it is not a certification or audit attestation.

Provider keys (BYOK)

Provider API keys you bring (OpenAI, Anthropic, etc.) are encrypted per organization using a key derived from a server-held master key plus an org-scoped salt before being written to storage. Plaintext keys never leave request memory, are never logged, and are never returned to the browser after the initial save.

On Enterprise, you can rotate or revoke at any time. Bring-your-own-encryption-key (BYOEK) for envelope encryption is on the roadmap.
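As an added illustration of the per-organization envelope scheme described above (example code written for this page, not Tokmeter's implementation), the following Go program derives a data-encryption key from a server-held master key and an org-scoped salt using HKDF over HMAC-SHA256, then seals a provider key with AES-256-GCM. The "tokmeter-provider-key/" context label, the blob layout (nonce || ciphertext || tag), binding the org ID as associated data, and all sample values are assumptions made for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// hkdfSHA256 derives a 32-byte key: HKDF-Extract keyed with the org salt, then
// one round of HKDF-Expand with a context label (RFC 5869), built on the
// standard-library HMAC so the example has no external dependencies.
func hkdfSHA256(master, salt []byte, info string) []byte {
	ext := hmac.New(sha256.New, salt)
	ext.Write(master)
	prk := ext.Sum(nil)
	exp := hmac.New(sha256.New, prk)
	exp.Write([]byte(info))
	exp.Write([]byte{0x01})
	return exp.Sum(nil) // 32 bytes = one AES-256 key
}

// orgKey returns the per-organization data-encryption key. The master key is
// held only by the server; the salt lives with the org record and is not a
// secret on its own. The label string is an assumption for this example.
func orgKey(master []byte, orgID string, orgSalt []byte) []byte {
	return hkdfSHA256(master, orgSalt, "tokmeter-provider-key/"+orgID)
}

// sealProviderKey encrypts a plaintext provider API key with AES-256-GCM.
// Output: 12-byte nonce || ciphertext || 16-byte tag. The org ID is bound as
// additional authenticated data, so a blob copied onto a different org's row
// fails authentication even if that org's key were somehow available.
func sealProviderKey(dek []byte, orgID string, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(dek)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, []byte(orgID)), nil
}

// openProviderKey reverses sealProviderKey; the plaintext exists only in the
// request's memory and is never persisted or returned to a client.
func openProviderKey(dek []byte, orgID string, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(dek)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, []byte(orgID))
}

func main() {
	master := []byte("constructed-32-byte-master-key!!") // constructed demo value
	dekA := orgKey(master, "org-a", []byte("salt-org-a"))
	dekB := orgKey(master, "org-b", []byte("salt-org-b"))

	blob, _ := sealProviderKey(dekA, "org-a", []byte("sk-constructed-example"))
	pt, err := openProviderKey(dekA, "org-a", blob)
	fmt.Printf("org-a opens its own blob: %q err=%v\n", pt, err)
	_, err = openProviderKey(dekB, "org-b", blob)
	fmt.Println("org-b opening org-a's blob fails:", err != nil)
}
```

Deriving the per-org key on demand rather than storing it means compromise of the storage layer alone yields only ciphertext and salts; the master key is the single secret that must stay server-side, and rotating it requires re-sealing every stored provider key.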

Virtual gateway keys

Gateway keys are random 256-bit tokens. We store only a SHA-256 hash plus a short prefix and last-4 for display. Revocation is instant — the auth path checks revoked_at on every request.

Per-key controls include IP allowlists (exact IPv4/IPv6 and IPv4 CIDR), allowed providers, allowed models, environment scope, and monthly USD caps.
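The minting, hash-only storage, per-request revocation check and IP allowlist described above, as an added Go example written for this page (not Tokmeter's code). The "tk_" token prefix, the in-memory record slice standing in for the key table, and the rule that an empty allowlist means no IP restriction are assumptions; CIDR matching is deliberately limited to IPv4, matching the controls the page lists.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"net"
	"time"
)

// GatewayKeyRecord is what the database keeps about a virtual key. The raw
// token is never stored; only its SHA-256 plus display fragments.
type GatewayKeyRecord struct {
	OrgID     string
	Hash      [32]byte   // SHA-256 of the raw token
	Prefix    string     // leading characters shown in the dashboard
	Last4     string     // trailing four characters shown in the dashboard
	RevokedAt *time.Time // nil while the key is active
	Allowlist []string   // exact IPv4/IPv6 addresses or IPv4 CIDRs; empty = no restriction (assumption)
}

// mintGatewayKey draws 256 bits from the OS CSPRNG. The token is returned to
// the caller exactly once; only the record is persisted.
func mintGatewayKey(orgID string) (string, *GatewayKeyRecord, error) {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return "", nil, err
	}
	token := "tk_" + hex.EncodeToString(raw) // "tk_" is a constructed prefix convention
	rec := &GatewayKeyRecord{
		OrgID:  orgID,
		Hash:   sha256.Sum256([]byte(token)),
		Prefix: token[:11],
		Last4:  token[len(token)-4:],
	}
	return token, rec, nil
}

// ipAllowed implements the per-key allowlist: exact IPv4/IPv6 matches, and
// CIDR ranges for IPv4 only (an IPv6 CIDR entry is ignored rather than widened).
func ipAllowed(allow []string, clientIP string) bool {
	if len(allow) == 0 {
		return true
	}
	ip := net.ParseIP(clientIP)
	if ip == nil {
		return false
	}
	for _, entry := range allow {
		if _, cidr, err := net.ParseCIDR(entry); err == nil {
			if cidr.IP.To4() != nil && cidr.Contains(ip) {
				return true
			}
			continue
		}
		if a := net.ParseIP(entry); a != nil && a.Equal(ip) {
			return true
		}
	}
	return false
}

// authenticate hashes the presented token, locates the record with a
// constant-time compare, then enforces revoked_at and the allowlist on every
// request, so revocation takes effect immediately with no cache to expire.
func authenticate(store []*GatewayKeyRecord, token, clientIP string, now time.Time) (*GatewayKeyRecord, error) {
	h := sha256.Sum256([]byte(token))
	for _, rec := range store {
		if subtle.ConstantTimeCompare(h[:], rec.Hash[:]) != 1 {
			continue
		}
		if rec.RevokedAt != nil && !rec.RevokedAt.After(now) {
			return nil, errors.New("key revoked")
		}
		if !ipAllowed(rec.Allowlist, clientIP) {
			return nil, errors.New("source IP not in allowlist")
		}
		return rec, nil
	}
	return nil, errors.New("unknown key")
}

func main() {
	token, rec, err := mintGatewayKey("org-a")
	if err != nil {
		panic(err)
	}
	rec.Allowlist = []string{"10.0.0.0/8", "2001:db8::1"}
	store := []*GatewayKeyRecord{rec}
	fmt.Printf("display as %s...%s\n", rec.Prefix, rec.Last4)
	_, err = authenticate(store, token, "10.4.5.6", time.Now())
	fmt.Println("from 10.4.5.6:", err)
	_, err = authenticate(store, token, "192.168.1.1", time.Now())
	fmt.Println("from 192.168.1.1:", err)
}
```

Hashing the token before lookup means a leaked key table cannot be turned back into usable credentials, and a 256-bit random token needs no salt or slow hash: there is nothing low-entropy for an attacker to guess.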

Row-level security

Every table containing tenant data has RLS enabled. Policies scope reads and writes to the caller's organization via membership lookups, and admin-only operations are gated by a has_role() security-definer function backed by a separate user_roles table — roles are never stored on the profile.

Cross-organization splice attempts (e.g. attaching a key from org A to a request from org B) are blocked by database triggers, not just policy checks.

Audit log

Sensitive actions — minting or revoking keys, adding provider credentials, changing budgets — are written to an append-only audit log. Updates and deletes on the log are blocked at the database level.

Request data & retention

Gateway requests are recorded into a monthly time-partitioned table. By default we keep the metadata row (model, tokens, cost, latency, status) for the organization's configured trace_retention_days (default 30) and only sample 5% of full request/response bodies into a separate table for debugging. Sampling rate and retention are tunable per organization.

Body payloads are isolated from the hot dashboard query path so trace volume cannot slow down cost rollups.
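The partition routing, retention cutoff and body-sampling decision described in this section, as an added Go example written for this page (not Tokmeter's code). The partition naming scheme and the choice to make sampling a deterministic hash of the request ID are assumptions; the page states only that the table is partitioned by month and that 5% of bodies are sampled.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"time"
)

// partitionFor names the monthly partition a request row is routed to (UTC).
// The table name is an assumption; the page only says the table is partitioned by month.
func partitionFor(ts time.Time) string {
	return "gateway_requests_" + ts.UTC().Format("2006_01")
}

// retentionCutoff returns the boundary before which metadata rows have aged
// past trace_retention_days. With monthly partitions, whole partitions older
// than the cutoff can be detached instead of deleting row by row.
func retentionCutoff(now time.Time, retentionDays int) time.Time {
	return now.UTC().Add(-time.Duration(retentionDays) * 24 * time.Hour)
}

// sampleBody decides whether this request's full body is copied to the trace
// table. Using a hash of the request ID instead of a random draw keeps the
// decision reproducible for retries of the same request and needs no shared
// counter, while the realised rate still converges on the configured one.
func sampleBody(requestID string, rate float64) bool {
	if rate <= 0 {
		return false
	}
	if rate >= 1 {
		return true
	}
	h := sha256.Sum256([]byte(requestID))
	bucket := binary.BigEndian.Uint64(h[:8]) % 10000 // 0..9999, basis points
	return float64(bucket) < rate*10000
}

func main() {
	now := time.Date(2024, 3, 15, 12, 0, 0, 0, time.UTC)
	fmt.Println(partitionFor(now), retentionCutoff(now, 30).Format(time.RFC3339))
	kept := 0
	for i := 0; i < 20000; i++ {
		if sampleBody(fmt.Sprintf("req-%d", i), 0.05) {
			kept++
		}
	}
	fmt.Printf("sampled %d of 20000 bodies at 5%%\n", kept)
}
```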

Webhook integrity

Inbound webhooks (billing, integrations) verify signatures before any side effects run and are deduped on (provider, event_id) so a replay cannot double-bill or re-trigger a downstream action.
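Verify-then-dedupe-then-act, as an added Go example written for this page (not Tokmeter's code and not any specific provider's scheme). The signature header format ("t=<unix>,v1=<hex HMAC-SHA256>"), the five-minute tolerance window, and the in-memory map standing in for a table with a unique (provider, event_id) constraint are all assumptions made for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strconv"
	"strings"
	"sync"
	"time"
)

// Constructed header scheme for this example: "t=<unix seconds>,v1=<hex>" where
// v1 = HMAC-SHA256(secret, "<unix>.<body>"). Signing the timestamp with the body
// lets the receiver bound how long a captured request remains replayable.
func macOf(secret []byte, ts int64, body []byte) []byte {
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(strconv.FormatInt(ts, 10) + "."))
	mac.Write(body)
	return mac.Sum(nil)
}

func sign(secret []byte, ts int64, body []byte) string {
	return "t=" + strconv.FormatInt(ts, 10) + ",v1=" + hex.EncodeToString(macOf(secret, ts, body))
}

// verify parses the header, rejects stale timestamps, and compares the MAC in
// constant time. A missing "t" leaves ts at 0 and fails the window check.
func verify(secret []byte, header string, body []byte, now time.Time, tolerance time.Duration) error {
	var ts int64
	var sigHex string
	for _, part := range strings.Split(header, ",") {
		k, v, ok := strings.Cut(part, "=")
		if !ok {
			return errors.New("malformed signature header")
		}
		switch k {
		case "t":
			n, err := strconv.ParseInt(v, 10, 64)
			if err != nil {
				return errors.New("malformed timestamp")
			}
			ts = n
		case "v1":
			sigHex = v
		}
	}
	skew := now.Unix() - ts
	if skew < 0 {
		skew = -skew
	}
	if skew > int64(tolerance.Seconds()) {
		return errors.New("timestamp outside tolerance")
	}
	got, err := hex.DecodeString(sigHex)
	if err != nil || !hmac.Equal(got, macOf(secret, ts, body)) {
		return errors.New("signature mismatch")
	}
	return nil
}

var ErrDuplicate = errors.New("duplicate event")

type eventKey struct{ Provider, EventID string }

// WebhookHandler verifies, dedupes, and only then runs the side effect. The
// seen map stands in for a UNIQUE (provider, event_id) row; in production the
// insert and the side effect should share one database transaction.
type WebhookHandler struct {
	secret  []byte
	mu      sync.Mutex
	seen    map[eventKey]bool
	Effects int // number of times the downstream action actually ran
}

func NewWebhookHandler(secret []byte) *WebhookHandler {
	return &WebhookHandler{secret: secret, seen: map[eventKey]bool{}}
}

func (h *WebhookHandler) Handle(provider, eventID, sigHeader string, body []byte, now time.Time) error {
	if err := verify(h.secret, sigHeader, body, now, 5*time.Minute); err != nil {
		return err
	}
	h.mu.Lock()
	defer h.mu.Unlock()
	if k := (eventKey{provider, eventID}); h.seen[k] {
		return ErrDuplicate
	} else {
		h.seen[k] = true
	}
	h.Effects++ // the billing credit or integration trigger would run here, once
	return nil
}

func main() {
	secret := []byte("constructed-webhook-secret")
	h := NewWebhookHandler(secret)
	body := []byte(`{"id":"evt_1","type":"invoice.paid"}`)
	now := time.Now()
	hdr := sign(secret, now.Unix(), body)
	fmt.Println("first delivery:", h.Handle("billing", "evt_1", hdr, body, now))
	fmt.Println("replayed delivery:", h.Handle("billing", "evt_1", hdr, body, now))
	fmt.Println("side effects ran:", h.Effects)
}
```

The order matters: signature verification before the dedupe lookup keeps unauthenticated traffic from filling the event table, and the dedupe before the side effect is what makes a retried or replayed delivery idempotent.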

Shared responsibility

Tokmeter is responsible for the platform — encryption, RLS, audit logging, infrastructure patching, and the gateway proxy code path. You are responsible for: who you invite to your organization, which roles you grant, where your provider keys originated, and how you scope virtual keys to teams.

Reporting a vulnerability

Email security disclosures to security@tokmeter.ai. Please include a clear reproduction and a non-destructive proof. We acknowledge within two business days.