Bring your own keys (BYOK)
Why Bilbis asks you to provide your own provider credentials, what it stores, and what it costs.
Short answer
Bilbis runs on your provider accounts. You bring your own API key for an AI engine and your own access token for a Git provider. Bilbis uses those to do the work, and the bills go to your accounts - not to Bilbis.
This pattern is called BYOK, short for "bring your own key". It's why every organization has to add credentials before any pipeline can run.
How it works
A pipeline talks to two kinds of provider:
- An AI engine (Anthropic, OpenAI, Cloudflare Workers AI). The engine reads the task and writes code. Each call to the engine costs money - paid out of the AI provider account whose key you supplied.
- A Git provider (GitLab or GitHub). The agents clone the repo, push branches, and open merge requests using your token. The Git provider may charge for compute time inside CI; that bill goes to your Git provider account.
Bilbis itself charges a separate subscription for seats and platform features. That's a flat plan, not metered by provider usage. See Plans and usage.
What Bilbis stores
When you paste a credential into Settings → Integrations, Bilbis stores it encrypted at rest. The agent's container reads the key only when it needs to make a call.
What Bilbis does not store or expose:
- Plain-text keys - they're stored encrypted and are decrypted only inside the worker.
- Your provider account billing details.
- Anything from your provider account beyond what the key explicitly grants.
Why BYOK
The short version: it puts you in control of cost, identity, and trust.
- Cost. You see provider charges directly on your provider's invoice. No middleman markup.
- Identity. Pull requests show up under whatever Git account the token belongs to. The agent acts as your bot user, not as a third-party service.
- Trust. Bilbis can't run up a bill for you on someone else's Anthropic account, because the key has to be yours.
What you need to set up
Pipelines won't dispatch until you have all four:
- An LLM provider credential (Anthropic or OpenAI).
- A Git provider credential (GitLab or GitHub).
- A product.
- At least one repository inside that product.
The dashboard's setup checklist walks you through each step. See Setup checklist.
Cost implications
You pay two bills:
| Bill | Goes to | What it covers |
|---|---|---|
| Bilbis subscription | Bilbis | Seats, the dashboard, the pipeline orchestration. |
| AI provider | Anthropic / OpenAI / Cloudflare | Each LLM call the agents make. The bigger the engine, the more it costs per call. |
| Git provider CI | GitLab / GitHub | If your CI runs paid compute, those minutes still count. |
Pipelines run with a budget cap so a single pipeline can't run away with cost. See Budgets, dry runs, and priority.
Where you see it in Bilbis
- Settings → Integrations - paste, validate, and remove credentials.
- Setup checklist on the dashboard - gates pipeline runs on the four prerequisites.
- Pipeline detail → LLM calls - every prompt the agents made, with cost.
- Insights → Analytics - spend trends and engine breakdowns.
Related pages
- Integrations overview - what credentials Bilbis supports and where to paste them.
- LLM providers - Anthropic and OpenAI credential setup.
- Git providers - GitLab and GitHub credential setup.
- Settings → Integrations - manage credentials after the initial setup.
- Plans and usage - the Bilbis subscription side of the bill.