Why Bring Your Own API Keys?

One of the most powerful — and most underused — features of RunLobster is the ability to connect your own third-party API keys directly to your OpenClaw agent. Out of the box, your agent is ready to run in under 60 seconds. But if you're doing serious work, plugging in your own keys is one of the smartest configuration decisions you can make.

Here's the core reason: you pay the model provider directly, at cost, with no markup. If you're on the RunLobster Pro or Scale plan and running dozens of automation workflows daily, this can mean real savings — especially when working with high-throughput models like GPT-4o or Claude 3.5 Sonnet.

Beyond cost, bringing your own keys gives you:

  • Access to the latest models the moment they're released, without waiting for platform-level rollouts
  • Higher rate limits tied to your own account tier with the provider
  • Full usage visibility — you can monitor spend in the provider's own dashboard
  • Compliance confidence — your data flows under your own API agreement, not a shared pool

OpenClaw, the open-source AI agent framework with over 145,000 GitHub stars that powers RunLobster, was designed from the ground up to support multiple LLM backends. That architectural flexibility carries through directly to the RunLobster managed experience.

Which API Keys Does OpenClaw Support?

Because OpenClaw is open-source and community-driven, its integration surface is broad and grows constantly. Through RunLobster's 800+ integrations, you can connect keys from all major AI providers:

  • OpenAI — GPT-4o, GPT-4 Turbo, GPT-3.5, DALL·E, Whisper, Embeddings
  • Anthropic — Claude 3.5 Sonnet, Claude 3 Opus, Claude Haiku
  • Google AI / Gemini — Gemini 1.5 Pro, Gemini Flash
  • Mistral AI — Mistral Large, Mixtral 8x7B
  • Cohere — Command R+, Embed v3
  • Groq — Ultra-fast inference for Llama 3, Gemma, and Mistral models
  • ElevenLabs — Voice synthesis for audio-enabled agent workflows
  • Stability AI — Image generation pipelines

You're not locked into a single provider. A sophisticated OpenClaw agent workflow might use GPT-4o for reasoning, Groq for fast tool-call responses, and ElevenLabs for voice output — all running simultaneously inside your isolated private compute environment on RunLobster.

How to Add Your API Keys in RunLobster

The process is straightforward and takes less than two minutes. Your keys are stored encrypted and scoped entirely to your agent's private compute instance — they are never shared across users.

Step 1: Get Your API Key From the Provider

Before you touch the RunLobster dashboard, generate your key at the source. Here's where to find them:

  • OpenAI: platform.openai.com → API keys → Create new secret key
  • Anthropic: console.anthropic.com → API Keys → Create Key
  • Google AI Studio: aistudio.google.com → Get API key
  • Groq: console.groq.com → API Keys → Create API Key

Copy the key immediately — most providers only show it once. Store it temporarily in a password manager before pasting it into RunLobster.

Step 2: Open the Secrets Manager in RunLobster

  1. Log in to your RunLobster dashboard
  2. Select your agent from the agent list
  3. Navigate to Settings → Secrets & API Keys
  4. Click Add New Secret

You'll be prompted to enter a key name and the key value. Use a consistent naming convention — OpenClaw workflows reference secrets by name, so clarity matters here.

Step 3: Name Your Keys Consistently

OpenClaw uses environment-variable-style references internally. We recommend following this naming pattern so your workflow configs stay readable:

OPENAI_API_KEY=sk-...your-key...
ANTHROPIC_API_KEY=sk-ant-...your-key...
GOOGLE_API_KEY=AIza...your-key...
GROQ_API_KEY=gsk_...your-key...
ELEVENLABS_API_KEY=...your-key...

These names map directly to the environment variables that OpenClaw's integration modules expect by convention. If you've ever run OpenClaw locally from the GitHub repo, you'll recognize this pattern from the .env file setup.

Step 4: Reference Your Keys in Agent Workflows

Once saved, your secrets are available inside any workflow, tool, or integration your agent runs. In OpenClaw's workflow configuration syntax, you reference a secret like this:

{
  "model_provider": "openai",
  "api_key": "{{ secrets.OPENAI_API_KEY }}",
  "model": "gpt-4o",
  "temperature": 0.7
}

For a multi-provider setup — for instance, routing fast tasks to Groq and complex reasoning to Claude — your workflow might look like:

{
  "routing": {
    "fast_tasks": {
      "provider": "groq",
      "api_key": "{{ secrets.GROQ_API_KEY }}",
      "model": "llama3-70b-8192"
    },
    "deep_reasoning": {
      "provider": "anthropic",
      "api_key": "{{ secrets.ANTHROPIC_API_KEY }}",
      "model": "claude-3-5-sonnet-20241022"
    }
  }
}

This multi-model routing capability is one of the reasons OpenClaw became one of the most starred AI agent projects on GitHub — the framework treats LLMs as interchangeable, composable components rather than locked-in dependencies.

Security Best Practices for API Keys

Storing API keys requires care. RunLobster handles the infrastructure side — keys are encrypted at rest and never exposed in logs or agent outputs — but there are practices on your end that matter too.

Use Scoped Keys Where Possible

Most providers let you create keys with restricted permissions. For an OpenClaw agent that only needs to generate text, create an OpenAI key with only the Chat Completions scope enabled. If that key is ever compromised, the blast radius is contained.

Set Spending Limits at the Provider Level

OpenAI, Anthropic, and Google all support monthly spending caps. Set a hard limit that matches your expected usage plus a reasonable buffer. This protects you against runaway agent loops — which, even in well-designed systems, can occasionally happen during development.

Tip: Start with a low cap (e.g., $20/month) while you're building and testing new workflows. Raise it once you have a clear picture of your agent's typical monthly consumption.

Rotate Keys Periodically

Make a habit of rotating API keys every 90 days. In RunLobster, updating a key is a single field edit in the Secrets Manager — your agent picks up the new value immediately without any restart required, because secrets are resolved at runtime, not cached at startup.

Never Hard-Code Keys in Workflow Definitions

It might be tempting to paste a key directly into a workflow config for a quick test. Resist this. Workflow definitions in RunLobster are exportable and shareable. A key embedded in a workflow JSON is a key waiting to be accidentally exposed. Always use {{ secrets.YOUR_KEY_NAME }} references.

Checking That Your Keys Are Working

After adding a key, you can validate it without running a full workflow. In the RunLobster dashboard:

  1. Go to Settings → Secrets & API Keys
  2. Click the Test Connection button next to any supported integration
  3. RunLobster will make a lightweight API call (e.g., a model list request) and return a ✓ or a descriptive error

If a key fails validation, the most common causes are a trailing space in the pasted value, an incorrect permissions scope, or a billing issue on the provider side. The error message from RunLobster's diagnostic will usually point you to which it is.

Which Plan Do You Need?

Bring-your-own API keys are available on all RunLobster plans — including the Starter plan at $19/month. There's no plan-gating on this feature because it's a core part of how OpenClaw was designed to work. The difference between plans is primarily around compute, concurrent workflow capacity, and the number of integration channels (Telegram, Discord, Slack, and the web interface) you can run simultaneously.

If you're using multiple high-traffic API integrations — say, a Slack-connected agent that also pushes to webhooks, runs scheduled automations, and queries external databases — the Pro plan at $49/month or Scale plan at $79/month will give you the headroom you need. But for most individual users getting started with custom API keys, Starter is plenty.

The Bottom Line

Bringing your own API keys is one of those small configuration steps that pays compounding dividends. You get cost transparency, model flexibility, higher limits, and tighter compliance — all without touching a server, writing a Dockerfile, or managing infrastructure. RunLobster handles the orchestration, the daily backups, the uptime, and the security scaffolding. You just connect the keys and build.

If you've been using your OpenClaw agent on default settings, spend five minutes this week adding your own keys. It's the kind of low-effort, high-leverage setup change that separates a basic AI assistant from a genuinely powerful, production-grade personal agent.