Introduction
Welcome! As a project owner or advanced user, you are empowered to manage your own OpenAI API keys and set usage limits that fit your project’s needs and budget. This guide will show you how to:
- Provision and manage API keys for your OpenAI Project
- Set and adjust usage limits and alerts for your project
- Understand your budget responsibility and billing cycle
- Follow data security and compliance requirements
Note:
If you only requested a single API key and are not a project owner, your key and limits are managed by CMTS and you will not need to interact with the dashboard. After receiving your key, you will receive an email detailing default limits, and instructions for requesting any changes. For projects requiring multiple keys or more advanced controls, you must manage your own project as described below:
Project Provisioning and Default Budget
When a new OpenAI Project is created for you, it is set up with the API Monthly Budget Limit you provided in the form.
This limit is set up to get you started and prevent misuse if an API key is made public or repeated calls to the service are made. You are encouraged to adjust your project limit appropriately based on your project’s scale and budget. You may also restrict individual keys to particular endpoints, if needed.
Select your project, and inspect or change the limits.
Under Project select Limits, from here you can change your monthly limit. If you haven't added one you can Set Budget or click Edit Budget if you would like to change it.
Estimating Budget (If You've Never Counted Tokens)
Pricing for model usage is listed at https://platform.openai.com/docs/pricing, usually around a few dollars per 1M tokens. Tokens are incurred roughly by character-length of text input or encoded data, but it is not straightforward to estimate usage cost until you send many requests.
If you have not yet issued queries via the API, you will need to run a substantial number of queries in your intended format to estimate the cost of a standard message.
Refer to https://platform.openai.com/docs/quickstart to get started issuing API calls using your key.
You should start issuing queries using your key, assuming that standard text based queries will incur cost at fractions of a cent, and richer queries incorporating documents or images may incur cost at a few cents per API transaction. Make sure your first test runs are making calls on-demand, not automatic until you get a feel for what usage may be. Use inexpensive, or less-verbose as indicated on https://platform.openai.com/docs/pricing while testing your AI calls, and move to preferred models as you feel comfortable making the calls and move to test accuracy of your integration.
For reference, longer conversations or single documents with instructions and structural data - similar to what you might issue from a chat interface - can range between 300 to 10,000 tokens per query.
Once you've run enough queries to establish a predictable rate, estimate your usage budget with extra overhead to avoid disruptions. Set up alerts to remind you to check the usage dashboard regularly.
Set a limit below your budget, along with an alert threshold at a percentage under that limit to provide overhead. Configure the alert so you have time to raise the limit or adjust your budget without disrupting your project's operation. It is difficult to judge token use until you've run the regular job for a while, and assume you will use incur more usage during testing than after deployment.
Project Model Restriction
You can allow or block models from the list of endpoints
Visit https://platform.openai.com/docs/models to confirm which models you will need access to from the latest up-to-date list of available models. Typically, when provisioning single keys we will block deprecated or retired models https://developers.openai.com/api/docs/deprecations
- high-cost models not needed by the project. You'll need to determine this based on your needs, but pricier models have included endpoints for
- image generation
- audio or real-time processing
- deep-research if not specifically needed
- pro versions of reasoning models
- models that only provide streaming responses
Rate Limits
OpenAI sets default request rate limits at 10,000 requests per minute. Each request is a payload sent to the API, which may be triggered by other parts of your software. For simpler projects, we recommend setting a lower limit - for example, 300 requests per minute for basic text-exchange transactions where queries can be split into batches. Ultimately, only you will know how you intend to integrate calls to the service.
During integration, the most useful step is to ensure API calls are on-demand during initial testing, or triggered at a predictable rate as your project develops. Be sure to build in logging that records when calls are made and how often.
Managing API Keys
As a Project Owner, you are responsible for provisioning and managing API keys for your team, research group, or course.
You will need to create an API key in order to start issuing request.
Creating a New API Key
1. Navigate to your Project Dashboard at https://platform.openai.com/.
2. Go to API Keys in your project.
3. Click Create new secret key.
4. Give your key a meaningful name (e.g., “Course2025-key1” or “ResearchBot-key-prod”).
Restricting Endpoints on a Key
If you don't plan on using certain endpoints (image generation, embeddings, audio) for your project, you should restrict permissions on each key as appropriate here to prevent unintended use of the key.
When you click 'create secret key,' the key will be displayed once. Save this securely
Best Practices for Provisioning Keys
You can use a single API key in as many places/calls as you need to. However is best practice to provision keys.
1. For each unique set of limits you need to define (different users or applications should be limited to particular models or budget)
2. For each user or app you will need to break down the report on usage
3. For each application deployment to allow easily updating keys without disrupting other services
If a key is shared externally, or you encounter usage from outside your application immediately rotate (delete and re-create) the key and update any affected applications .
Monitoring Usage & Alerts
- Regularly review your project and per-key usage in the OpenAI dashboard on the Usage page.
Note you can filter views to see usage per-key, so if you need to account for budget of multiple keys within your project, here is where you will do that.
- Set up email alerts for yourself and team members to warn of high usage or when approaching limits.
- Adjust limits as your project’s needs evolve.
**Note - it is not currently possible to set up alerts or limits per-key, if you plan to distribute keys to your students or research team. You will need to set alerts appropriately and monitor the usage dashboard to ensure tokens are being used at or below the expected rate for your budget.
Remember, you or the approving department are financially responsible for any usage incurred by your project
Budget Responsibility and Billing
- API usage costs are charged to your cost center on a quarterly basis via internal cost transfer.
- You are responsible for monitoring your usage and ensuring it aligns with your budget.
- CMTS and OpenAI do not monitor or manage per-key usage; this is your responsibility as project owner.
Advanced Controls & Documentation
For advanced configuration, consult the latest OpenAI API documentation https://platform.openai.com/docs/guides/ for:
- Scoping keys to certain endpoints
- Fine-grained usage reporting
- Comprehensive guides for utilizing your API key in your software
If you need help, contact CMTS at cmtshelp@jhu.edu or visit support.cmts.jhu.edu.
FAQ
-
Q: Can I set a project-wide limit?
A: Yes. When your project is provisioned, a default limit is set, but you can request adjustments via the console or by contacting CMTS.
-
Q: Who gets billed for usage?*
A: Your cost center. Make sure your usage aligns with your approved budget.
-
Q: What if I need to add or remove users/students?
A: As project owner, you can manage API keys to distribute and manage users. You only need to add users to platform.openai.com if others need to manage keys on your project.
-
Q: “What if I want to delegate key management to a TA or co-PI?”
A: You can make others co-owners of your project in platform.openai.com, allowing them to provision and manage keys as well.
Example Workflow
1. You receive an invite via your @jh.edu email to OpenAI with your project, set up with the default $200 budget.
2. You create keys for yourself, TAs, or automated services, instruct on use, and monitor the usage dashboard to confirm token use rate is as expected. Or, you invite or request others invited to platform.openai.org to provision keys for your project on your behalf.
3. Set usage alerts at 80% and 95% for each key the project.
4. Monitor usage monthly, adjust as needed.
5. At quarter end, review usage and compare with internal billing summary sent by CMTS at cost-transfer time.
Where to Get Help
- Technical help or billing questions: cmtshelp@jhu.edu
Data Disclaimer
OpenAI enterprise platform is appropriate for use with John Hopkins University WSE enterprise data. If you have received guidance that protected data is appropriate for transmittal to OpenAI via Platform API, you are still responsible for ensuring that any integrating software, and all external tools or platforms that store or transmit enterprise data are also approved for handling the data they store or transmit.
If you plan to integrate Platform API with external tools, it is generally best to use with other university-subscribed software if available.
Please refer to https://it.johnshopkins.edu/ai/guidelines-for-responsible-use-of-ai/ for general guidance on best practices around using AI tools or contact itpolicy@jhu.edu or Research IT RITServices@jh.edu you are unsure about your particular use-case or source data. Use of university data with OpenAI APIs is subject to university policy. For details, refer to
- Johns Hopkins Information Technology Policies
- JHIT's Guidelines for Responsible Use of AI
- JHIT's Policies for Research Computing