LogoToRouter Docs
LogoToRouter Docs
HomepageWhat is ToRouter5-minute quickstartCore concepts
Create your first API keyIP whitelist & blacklist (CIDR)Quota, rate limits & expirationRestrict which models a key can callRotate or revoke a key
API Keys

Restrict which models a key can call

Limit a ToRouter API key to a specific list of model IDs. Inherits the group catalog when empty.

A key's model whitelist is a comma-separated list of model IDs the key is allowed to call. It is enforced server-side before the upstream request.

Behaviour

WhitelistEffect
emptyKey can call every model in the subscribed group's catalog
setKey can call only the listed models

A request whose model is not in the whitelist returns 403 model_not_allowed and is not billed.

Format

Comma-separated, no quotes. Whitespace is trimmed.

model whitelist
gpt-5, gpt-5-mini, claude-opus-4-7, gemini-3-flash-preview

OpenRouter-style vendor prefixes are matched literally:

anthropic/claude-opus-4-7, google/gemini-2.5-pro

ToRouter strips the -thinking suffix internally, so claude-opus-4-7 covers both claude-opus-4-7 and claude-opus-4-7-thinking. List the base ID and you'll cover the reasoning variant.

Why use it

  • Lock a cheap key (e.g. for a chatbot) to gpt-5-mini only — no risk of claude-opus-4-7 blowing through your budget.
  • Give a teammate a key that can only run embeddings.
  • Restrict an experimental key to a single model under evaluation.

Setting the whitelist

API Keys → Edit → Model whitelist field → save.

Browse model IDs in Models · Catalog or via GET /v1/models (see Base URL).

Next steps

Model identifiers

Naming rules and vendor prefixes.

Model catalog

Browse every supported model.

Quota, rate limits & expiration

Cap per-key spend in USD, throttle requests per window, and auto-expire keys after N days.

Rotate or revoke a key

Replace a leaked ToRouter API key, or instantly revoke one you no longer need.

Table of Contents

BehaviourFormatWhy use itSetting the whitelistNext steps