You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the current AI workspace, access to LLM providers and proxies is controlled at the API key level, which ties usage to individual credentials rather than to the applications actually consuming AI capabilities.
This creates a gap where:
AI usage cannot be attributed to specific applications or teams
There is no unified view of how different applications consume models, tokens, or cost
Governance is fragmented, making it difficult to enforce limits, policies, or quotas at an application level
As a result, the platform lacks application-level visibility, control, and accountability for Generative AI usage.
Who are we solving the problem for?
Gen AI Application developers.
Platform Administrators
Why should it be solved?
Application developers and Platform Administrators would want to get an idea on how much resources have been consumed by Generative AI related applications.
Platform Administrators will need to enforce usage caps on Applications that consume the particular LLM Provider.
Use Cases
AI Workspace use case
Gen AI app developers need to map their existing API keys generated, to an Application.
Gen AI app developers need to view existing mappings for API keys and remove unwanted mappings that exists.
Analytics Dashboard use case
Gen AI app developers need to be able to view how much resources have been consumed by their particular application.
Platform administrators need to keep track of resource utilization by each app so that they can enforce necessary controls as and when required.
Proposed Solution
User Flow
GenAI App Developers generate API keys to access LLM Providers or proxies.
Go to LLM Provider/Proxy -> Overview page to generate API keys to access the entity.
GenAI App Developers Create a new application to represent the GenAI application they are working on.
Gen AI App developers attach their api key generated initially to their application created
Gen AI App developers view/remove application keys attached to the particular application
When the AI gateway is accessed with this mapped API key, the gateway should identify the application and publish analytics data and enforce controls accordingly.
Implementation
GenAI App Developers Create a new application to represent the GenAI application they are working on.
Implement /applications REST API in platform-api to store these applications
A developer or admin can remove a mapping created by another developer since the application is shared within the project.
When the AI gateway is accessed with this mapped API key, the gateway should identify the application and publish analytics data and enforce controls accordingly.
Store application ID to key ID mappings along with Application name in the Gateway level, and use this information to publish application information in analytics events and for consumer based rate limiting.
Alternative approach: Store and update these mappings in the Moesif end and show analytics dashboards depending on these mappings.
Introduce new Application update event to update the gateway with new application to API Key mappings.
typeApplicationKeyMappingPayloadstruct {
ApiKeyUuidstring`json:"apiKeyUuid"`
}
// ApplicationUpdatedEventPayload represents the payload for application mapping updates.typeApplicationUpdatedEventPayloadstruct {
ApplicationIdstring`json:"applicationId"`ApplicationUuidstring`json:"applicationUuid"`ApplicationNamestring`json:"applicationName"`ApplicationTypestring`json:"applicationType"`Mappings []ApplicationKeyMappingPayload`json:"mappings"`
}
// ApplicationUpdatedEvent represents the complete application updated event.typeApplicationUpdatedEventstruct {
Typestring`json:"type"`PayloadApplicationUpdatedEventPayload`json:"payload"`Timestampstring`json:"timestamp"`CorrelationIDstring`json:"correlationId"`UserIdstring`json:"userId"`
}
Add tables in the gateway end to store these mappings along with the application metadata
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
GenAI Applications
What is the problem that we are trying to solve?
In the current AI workspace, access to LLM providers and proxies is controlled at the API key level, which ties usage to individual credentials rather than to the applications actually consuming AI capabilities.
This creates a gap where:
As a result, the platform lacks application-level visibility, control, and accountability for Generative AI usage.
Who are we solving the problem for?
Why should it be solved?
Use Cases
AI Workspace use case
Analytics Dashboard use case
Proposed Solution
User Flow
Implementation
{ "id": "app-handle", "name": "Docs Assistant App", "projectId": "019d047d-bd5d-76ed-852b-0aca99d41fac", "type": "genai", "description": "Doc Assistant Application developed to serve users going through our documentation", "createdBy": "david" }{ "apiKeys": [ { "keyId": "production-key-1", "associatedEntity": { "id": "mistral-provider" } } ] }{ "count": 1, "list": [ { "keyId": "production-key-1", "associatedEntity": { "id": "mistral-provider", "kind": "LlmProvider" }, "status": "active", "userId": "david", "createdAt": "2026-03-05T18:04:16.685422+05:30", "updatedAt": "2026-03-05T18:04:16.685422+05:30", "expiresAt": "2026-12-31T23:59:59Z" }, ], "pagination": { "total": 1, "offset": 0, "limit": 10 } }DELETE /applications/{appId}/api-keys/{keyId}/?entityID=mistral-provider
A developer or admin can remove a mapping created by another developer since the application is shared within the project.
When the AI gateway is accessed with this mapped API key, the gateway should identify the application and publish analytics data and enforce controls accordingly.
Store application ID to key ID mappings along with Application name in the Gateway level, and use this information to publish application information in analytics events and for consumer based rate limiting.
Alternative approach: Store and update these mappings in the Moesif end and show analytics dashboards depending on these mappings.
Introduce new Application update event to update the gateway with new application to API Key mappings.
Beta Was this translation helpful? Give feedback.
All reactions