
Help & Documentation

Trimio — User Guide


Overview

What is Trimio?

Trimio is an AI proxy and observability layer that sits between your applications and LLM providers.

Trimio acts as a secure, intelligent gateway for all your AI API traffic. Instead of connecting directly to Anthropic, OpenAI, or other providers, your applications connect to Trimio, which then forwards requests to the appropriate upstream provider.

This gives you a single control plane for:

  • Cost visibility — see exactly what each team, user, or application is spending
  • Budget enforcement — set hard spending limits per virtual key
  • Traffic optimization — automatically route to cheaper models when quality allows
  • Security — your provider API keys never leave Trimio's custody
  • Audit trail — every request is logged with full metadata

Trimio is provider-agnostic. It speaks the OpenAI API format, so most applications that work with OpenAI will work with Trimio with a simple endpoint swap.

Last updated 2026-04-17


Virtual Keys

Virtual Keys Overview

Virtual keys are the credentials your applications use to authenticate with Trimio.

A virtual key (sk-trimio-...) is what you give to an application, team member, or integration. It is not a real provider API key — it is a Trimio-issued credential that Trimio maps to a real upstream provider key internally.

This separation means:

  • Revoke instantly without touching the upstream provider
  • Set per-key budgets — the application stops working when the budget is exhausted
  • Apply rate limits — requests per minute (RPM) and tokens per day (TPD)
  • Restrict models — a key can be locked to only certain models
  • Audit independently — each key has its own usage history

Virtual keys are the primary unit of access control in Trimio. Think of them like API keys with built-in spending accounts.


Budgets & Rate Limits

Control how much each key can spend and how fast it can send requests.

Budget Limit (USD): The maximum cumulative spend allowed on this key. Once reached, all requests are rejected with a 402 error. Budgets do not auto-reset — you must manually reset or increase the limit.

Rate Limit RPM: Maximum requests per minute. Excess requests receive a 429 response. Use this to prevent runaway loops or aggressive clients from spiking costs.

Rate Limit TPD: Maximum tokens per day (input + output combined). Resets at midnight UTC (timezone preferences will affect this display in the future).

Tradeoffs: Tight rate limits protect you from surprise bills but can cause application errors if set too low. Start with generous limits and tighten based on observed usage patterns.


Model Restrictions

Lock a virtual key to specific models to control cost and capability.

By default, a virtual key can access any model available through its mapped provider keys. You can restrict this to a specific list.

Why restrict models?

  • Prevent accidental use of expensive flagship models (e.g. claude-opus-4-5) when cheaper ones suffice
  • Lock a dev/test key to fast, cheap models
  • Ensure a production key only uses the model your application was tested against

How it works: If a request asks for a model not in the allowed list, Trimio rejects it with a 400 error before it reaches the provider. No cost is incurred.
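Client-side handling of the rejection codes described under Budgets & Rate Limits and Model Restrictions (402, 429, 400), as an added example that is not Trimio's own code. The `send` callable, `fake_transport` and the exception names are hypothetical, and the network call is replaced by a constructed stand-in so the example runs offline.

```python
import time

class BudgetExhausted(Exception):
    """402: the key's cumulative budget is spent; retrying cannot succeed."""

class RequestRejected(Exception):
    """400: rejected before reaching the provider, e.g. model not in the allowed list."""

class RateLimited(Exception):
    """429 was still returned after the last permitted retry."""

def send_with_policy(send, max_retries=3, base_delay=1.0, sleep=time.sleep):
    """Call send() and react to the documented status codes.

    send is a hypothetical zero-argument callable that performs one request
    through the gateway and returns (status_code, body).
    """
    for attempt in range(max_retries + 1):
        status, body = send()
        if status == 402:
            # Budgets do not auto-reset, so fail fast and surface to an operator.
            raise BudgetExhausted(body)
        if status == 400:
            # Deterministic rejection: the identical request would fail again.
            raise RequestRejected(body)
        if status == 429:
            if attempt == max_retries:
                raise RateLimited(body)
            # Exponential backoff keeps a retry loop from hammering the RPM limit.
            sleep(base_delay * 2 ** attempt)
            continue
        return status, body

def fake_transport(statuses):
    """Constructed stand-in for the network: replays a fixed list of status codes."""
    remaining = iter(statuses)
    calls = []
    def send():
        status = next(remaining)
        calls.append(status)
        return status, f"constructed body for {status}"
    send.calls = calls  # lets a caller see how many requests were actually sent
    return send
```

Only 429 is retried here; 402 and 400 are raised immediately so that a looping client does not keep sending requests that cannot succeed.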



Provider Keys

Provider Keys Overview

Provider keys are the real upstream API credentials Trimio uses to call LLM providers.

Provider keys are the actual API keys from Anthropic, OpenAI, Google, or other providers. Trimio encrypts and stores them, then uses them to make upstream API calls on behalf of your virtual keys.

Admins can create org-wide provider keys visible to all users, team-scoped keys visible only to team members, or user-scoped keys visible only to a specific person.

Users can add their own personal provider keys (e.g. their own Anthropic account key). Personal keys are private by default — only you can see or use them.

Visibility levels:

  • 🌐 Org-wide — all org members can see and map this key to their virtual keys
  • 🔒 Scoped — only users/teams explicitly granted access can see it
  • 👤 Private — only the owner can see it

Security note: The raw API key is shown exactly once when created. After that, only a masked preview is shown. Store it securely if you need it elsewhere.
