OpenAI
Sign in to the
OpenAI API keys page,
create a new secret key, copy it once, and add it inside the app
when HabitSage asks for it.
If you are working inside a team setup, prefer a project-based key
instead of reusing one shared personal key across multiple people.
OpenAI's help docs on
creating API keys
and
key safety
are the right references.
To limit spend, use an OpenAI project and set a monthly budget in
that project's Limits settings. OpenAI treats that budget as a soft
threshold for alerts, not a guaranteed hard stop, so it is best
used as a warning line rather than an absolute cutoff.
OpenRouter
Sign in to
OpenRouter key settings,
create a key, give it a clear name, and optionally set a credit
limit before adding it inside HabitSage.
OpenRouter's
authentication docs
explain the current key and account model if you want to use
OpenRouter as the provider behind HabitSage.
To cap usage, set a credit limit on the OpenRouter key itself when
you create it, or edit the key later and add a limit there.
OpenRouter also exposes remaining credits and key limits, which
makes it the cleaner choice if you want a stricter per-key spend
ceiling.
How HabitSage handles your key
HabitSage stores your API key locally on your own device in
Keychain so you can use your own provider account. The point is
simple: your key stays tied to your device and your account,
rather than being managed as a shared app credential.
In practical terms, treat it like any other secret saved on your
phone or computer. Protect your device with a strong passcode, use
Face ID or Touch ID if available, avoid sharing screenshots that
show settings screens, and rotate the key immediately if you think
someone else may have seen it.
If you want an extra safety margin, create a dedicated key just for
HabitSage and set a spending limit or usage cap with the provider
when that option is available. In practice, OpenRouter supports a
direct key credit limit, while OpenAI is better thought of as
budget alerts plus account monitoring.