Free · macOS · No account needed

Your AI keys
wallet

One place for every API key. Routes to the best available provider automatically. Tracks exactly what's being used. Everything stays on your Mac.

🔐 Wallet
·
Router
·
📊 Ledger
Download for macOS — it's free View on GitHub

macOS 13 or later · Apple Silicon & Intel · Open source

Saferkeys
🖥️

App screenshot coming soon

Sound familiar?

More AI tools.
More keys to manage.

When you move beyond managed AI tools, you hit the same wall. Keys scattered everywhere, no visibility, and a nagging worry about accidentally spending money.

🤔
Where did I put that key?
You set it up weeks ago — was it in your notes, a project folder, or an environment variable you can't find? Every time you need it, you search all over again.
💸
Am I going to get charged?
You're not sure which providers bill you and which ones are free. You added a card somewhere, maybe. You're not sure how much you're spending or on what.
🔎
Is it my key or the provider?
A tool stops responding. You don't know if your key expired, if the provider is down, or if something else broke. There's no status — just silence and guesswork.
Three things in one

Saferkeys is a wallet,
a router, and a ledger

Not just secure storage. It actively routes your requests to the best available provider and keeps a clear record of what's being used — all without leaving your Mac.

Wallet

Your keys,
safe on your Mac

Like a wallet for your AI access — one place to keep everything, always with you, opened with your fingerprint.

Stored in macOS Keychain — not a text file
Touch ID to open, every time
Copy any key instantly from the menu bar
Encrypted backup — take it to a new Mac
Router

Your priority.
Best available.

Set your preferred provider order once. Saferkeys picks the first healthy, configured one — and routes around limits or outages automatically.

Built-in support across every major capability
Skips unhealthy providers automatically
Set monthly call limits per provider
Apps request a capability — not a specific key
Ledger

See everything,
no surprises

Track which apps are using which providers, how many calls this month, and which keys are actually working.

Calls today and this month, per provider
Per-app breakdown — see who's using what
Health status for every configured key
All local — never leaves your machine
Smart routing

Set it once.
Saferkeys handles the rest.

Drag providers into your preferred order. Saferkeys works through the list — skipping anything that's down, at its limit, or not configured — and hands the right key to whichever app needs it.

Apps never ask for a specific provider. They ask for a capability — "I need an LLM", "I need a search provider" — and Saferkeys resolves it. Swap providers in the priority list without touching a single app configuration.

🔌

Built-in support for every major capability

LLMs, search, embeddings, speech, image generation, web scraping. Add any provider that's missing as a custom entry — the registry is open source.

Routing request — LLM capability
⚡ resolve("llm")
1
Anthropic
✓ Selected
2
Groq
3
Gemini
4
Mistral
Anthropic selected — key returned to app
When Anthropic hits its monthly limit
⚡ resolve("llm") — threshold reached
1
Anthropic
⚠ At limit
2
Groq
✓ Selected
Groq selected — automatic fallback, no interruption
Supported providers

Every major provider, built in

LLMs, search, audio, image generation, embeddings, and web scraping. Don't see yours? Add it as a custom entry — the registry is open source.

🤖 AI & Language Models
AN
Anthropic
OAI
OpenAI
GQ
Groq
GM
Gemini
MI
Mistral
CO
Cohere
XAI
xAI / Grok
DS
DeepSeek
TO
Together AI
FW
Fireworks
PP
Perplexity
HF
Hugging Face
🔍 Search & Research
TV
Tavily
BR
Brave Search
EX
Exa
SP
Serper
🔊 Audio · 🎨 Image · 🧠 Embeddings · 🕸 Scraping
EL
ElevenLabs
CA
Cartesia
DG
Deepgram
ASM
AssemblyAI
FL
fal.ai
RP
Replicate
ST
Stability AI
JN
Jina AI
VY
Voyage AI
FC
Firecrawl

Need one that's not listed? Add a custom entry with any name and environment variable — GitHub tokens, Notion integrations, anything. Stored and routed the same way. Or contribute it to the open source registry.

The ledger

See what's being used.
No surprises.

Saferkeys tracks every request made through it — which provider, which app, how many calls today and this month. All local, never sent anywhere.

Coming from a subscription tool where you had no visibility into usage? This is the clarity you've been missing. You'll know immediately if something is burning through calls — and which app is doing it.

Calls today and this month, per provider
Per-app breakdown — see exactly which tool is using what
Set monthly call limits — automatic routing when you hit them
Key health status — know if a provider is down before your app tells you
Usage this month
AN
Anthropic
my-agent.py · writing-tool
2,341
GQ
Groq
quick-scripts · my-agent.py
1,102
GM
Gemini
writing-tool
489
TV
Tavily
my-agent.py
284
OAI
OpenAI
writing-tool
⚠ 180
⚠ OpenAI approaching monthly limit (180 / 200) — will route to Groq next
For developers

Integrate in
a few lines

Saferkeys exposes a simple local HTTP API. Your scripts and tools request keys by capability — Saferkeys handles routing, fallback, and the user approves access once.

No SDK. No config files. No hardcoded keys in your code. Any language that can make an HTTP request can use Saferkeys. The key never touches your codebase.

Request by capability — llm, search, tts — Saferkeys picks the right provider
Or request a specific provider's key directly
User approves your app once — revocable from the Apps tab
Fully local — localhost:5753, no internet required
View API docs on GitHub →
Register once 
# Register your script — user sees an approval prompt
curl -X POST http://localhost:5753/register \
  -H "Content-Type: application/json" \
  -d '{"app_name":"my-script","capabilities":["llm"]}'

# Returns your Bearer token
{ "client_id": "sk_live_..." }
Request by capability 
# Get the best available LLM key
curl http://localhost:5753/resolve/llm \
  -H "Authorization: Bearer sk_live_..."

# Saferkeys picks the first healthy provider
{ "provider": "anthropic", "key": "sk-ant-..." }
Python 
# No hardcoded keys — ever
import anthropic, requests

r = requests.get(
  "http://localhost:5753/resolve/llm",
  headers={"Authorization": f"Bearer {TOKEN}"}
)
client = anthropic.Anthropic(api_key=r.json()["key"])
How it works

Set up once.
Then it just works.

Four steps — after that, your keys are there whenever anything needs them.

1

It lives in your menu bar

Runs quietly in the background. Copy any key in one click without opening the full app. Set it to start at login — you'll never think about it.

2

Touch ID to unlock

Touch the sensor. The app opens. Your keys are there. Nothing to type, nothing to remember, no password to lose.

3

Add your keys once

Pick a provider from the built-in list and paste your key. Saferkeys tells you which ones are free and links you directly to where you get each key.

4

Approve the apps that need them

When any tool on your Mac requests a key, you see a prompt — approve it and it has access from now on. Revoke it any time from the Apps tab.

The wallet

Your keys, safe on your Mac

The security story is simple: your keys never go anywhere they don't need to.

🔑

Stored in your Mac's Keychain

The same place Safari saves your passwords. Keys never touch disk as plain text, are inaccessible to other apps, and are locked when your Mac sleeps. (Keychain API, service com.saferkeys)

👆

Fingerprint required, every time

The app shows nothing until you touch the sensor. No bypass, no password fallback, no "remember me." Your fingerprint is the only way in. (macOS LocalAuthentication)

🏠

Nothing ever leaves your Mac

The background service only listens on 127.0.0.1 — unreachable from outside. No account, no cloud, no company holding a copy. And the source code is open, so you can verify every word of this yourself.

💾

Getting a new Mac? Two minutes.

Export an encrypted backup from the Backup tab. Copy the file. Import it on your new machine. Every key lands in your new Keychain — no hunting, no re-pasting, no memory test. The backup is encrypted with your password. There's no recovery option — which is intentional.

AES-256-GCM .skeys format Merge mode

Your keys, in one place.
Routing handled.

Saferkeys takes five minutes to set up. Add your first key, set your routing priority, and every tool on your Mac works from there. Wallet, router, and ledger — all in one.

FREE · OPEN SOURCE · NO ACCOUNT · NO CLOUD

Download Saferkeys — it's free

macOS 13 Ventura or later · Apple Silicon & Intel · Always free

Prefer to build from source? It's all on GitHub →