Free · macOS · No account needed

Your AI keys
control center

Store them securely on your Mac. Route requests intelligently. Track every call. Nothing leaves your machine.

Download for macOS — it's free View on GitHub

macOS 13 or later · Apple Silicon & Intel · Open source

Saferkeys
🖥️

App screenshot coming soon

Sound familiar?

More AI tools.
More keys to manage.

When one AI tool isn't enough and you start collecting API keys, you hit the same wall every time.

🤔
Where did I put that key?
You set it up weeks ago — was it in your notes, a project folder, or an environment variable you can't find? Every time you need it, you search all over again.
🔁
Every new tool, same setup again.
Each AI tool you try wants your key configured separately. You copy the same credentials into five different places — and when something changes, you update each one by hand.
🔎
Is it my key or the provider?
A tool stops responding. You don't know if your key expired, if the provider is down, or if something else broke. There's no status — just silence and guesswork.

Saferkeys was built around three answers to these.

Three things in one

A wallet, a router,
and a ledger

Not just secure storage. Saferkeys actively routes requests to the best available provider and keeps a clear record of everything — all without leaving your Mac.

Wallet

Your keys,
safe on your Mac

Like a wallet for your AI access — one place to keep everything, always with you, opened with your fingerprint.

Stored in macOS Keychain — not a text file
Touch ID to open, every time
Copy any key instantly from the menu bar
Encrypted backup — take it to a new Mac
Router

Your priority.
Best available.

Set your preferred provider order once. Saferkeys picks the first healthy, configured one — and routes around limits or outages automatically.

Built-in support across every major capability
Skips unhealthy providers automatically
Set monthly call limits per provider
Apps request a capability — not a specific key
Ledger

See everything,
no surprises

Track which apps are using which providers, how many calls this month, and which keys are actually working.

Calls today and this month, per provider
Per-app breakdown — see who's using what
Health status for every configured key
All local — never leaves your machine
How it works

Set up once.
Then it just works.

Four steps — after that, your keys are there whenever anything needs them.

1

Lives in your menu bar

Runs quietly in the background. Copy any key in one click without opening the full app. Set it to start at login — you'll never think about it.

2

Touch ID to unlock

Touch the sensor. The app opens. Your keys are there. Nothing to type, nothing to remember, no password to lose.

3

Add your keys once

Pick a provider from the built-in list and paste your key. Saferkeys links you directly to where to get each key if you don't have one yet.

4

Approve the apps that need them

When any tool on your Mac requests a key, you see a prompt — approve it and it has access from now on. Revoke it any time from the Apps tab.

Smart routing

Set it once.
Saferkeys handles the rest.

Drag providers into your preferred order. Saferkeys works through the list — skipping anything that's down, at its limit, or not configured — and hands the right key to whichever app needs it.

Apps never ask for a specific provider. They ask for a capability — "I need an LLM", "I need a search provider" — and Saferkeys resolves it. Swap providers in the priority list without touching a single app configuration.

🔌

Built-in support for every major capability

LLMs, search, embeddings, speech, image generation, web scraping. Add any provider that's missing as a custom entry — the registry is open source.

Routing request — LLM capability
⚡ resolve("llm")
1
Anthropic
✓ Selected
2
Groq
3
Gemini
4
Mistral
Anthropic selected — key returned to app
When Anthropic hits its monthly limit
⚡ resolve("llm") — threshold reached
1
Anthropic
⚠ At limit
2
Groq
✓ Selected
Groq selected — automatic fallback, no interruption
Supported providers

Every major provider, built in

LLMs, search, audio, image generation, embeddings, and web scraping. Don't see yours? Add it as a custom entry — the registry is open source.

🤖 AI & Language Models
AN
Anthropic
OAI
OpenAI
GQ
Groq
GM
Gemini
MI
Mistral
CO
Cohere
XAI
xAI / Grok
DS
DeepSeek
TO
Together AI
FW
Fireworks
PP
Perplexity
HF
Hugging Face
🔍 Search & Research
TV
Tavily
BR
Brave Search
EX
Exa
SP
Serper
🔊 Audio · 🎨 Image · 🧠 Embeddings · 🕸 Scraping
EL
ElevenLabs
CA
Cartesia
DG
Deepgram
ASM
AssemblyAI
FL
fal.ai
RP
Replicate
ST
Stability AI
JN
Jina AI
VY
Voyage AI
FC
Firecrawl

Need one that's not listed? Add a custom entry with any name and environment variable — GitHub tokens, Notion integrations, anything. Stored and routed the same way. Or contribute it to the open source registry.

The ledger

See what's being used.
No surprises.

Saferkeys tracks every request made through it — which provider, which app, how many calls today and this month. All local, never sent anywhere.

Coming from a subscription tool where you had no visibility into usage? This is the clarity you've been missing. You'll know immediately if something is burning through calls — and which app is doing it.

Calls today and this month, per provider
Per-app breakdown — see exactly which tool is using what
Set monthly call limits — automatic routing when you hit them
Key health status — know if a provider is down before your app tells you
Usage this month
AN
Anthropic
my-agent.py · writing-tool
2,341
GQ
Groq
quick-scripts · my-agent.py
1,102
GM
Gemini
writing-tool
489
TV
Tavily
my-agent.py
284
OAI
OpenAI
writing-tool
⚠ 180
⚠ OpenAI approaching monthly limit (180 / 200) — will route to Groq next
For developers

Integrate in
a few lines

Saferkeys exposes a simple local HTTP API. Your scripts and tools request keys by capability — Saferkeys handles routing, fallback, and the user approves access once.

No SDK. No config files. No hardcoded keys in your code. Any language that can make an HTTP request can use Saferkeys. The key never touches your codebase.

Request by capability — llm, search, tts — Saferkeys picks the right provider
Or request a specific provider's key directly
User approves your app once — revocable from the Apps tab
Fully local — localhost:5753, no internet required
View API docs on GitHub →
Register once 
# Register your script — user sees an approval prompt
curl -X POST http://localhost:5753/register \
  -H "Content-Type: application/json" \
  -d '{"app_name":"my-script","capabilities":["llm"]}'

# Returns your Bearer token
{ "client_id": "sk_live_..." }
Request by capability 
# Get the best available LLM key
curl http://localhost:5753/resolve/llm \
  -H "Authorization: Bearer sk_live_..."

# Saferkeys picks the first healthy provider
{ "provider": "anthropic", "key": "sk-ant-..." }
Python 
# No hardcoded keys — ever
import anthropic, requests

r = requests.get(
  "http://localhost:5753/resolve/llm",
  headers={"Authorization": f"Bearer {TOKEN}"}
)
client = anthropic.Anthropic(api_key=r.json()["key"])
🔑
macOS Keychain
Keys stored the same way Safari stores your passwords. Never written to disk as plain text. (com.saferkeys)
👆
Touch ID only
The app shows nothing until you touch the sensor. No bypass, no password fallback. (LocalAuthentication)
🏠
Stays on your Mac
Service binds to 127.0.0.1 only. No account, no cloud, no company holding a copy. Source code is open.
💾

Getting a new Mac? Two minutes.

Export an encrypted backup from the Backup tab. Copy the file. Import on your new machine. Every key lands in your new Keychain — no re-pasting, no memory test. Encrypted with your password, no recovery option by design.

AES-256-GCM .skeys format Merge mode

Add your first key.
Everything after that just works.

Five minutes to set up. Your wallet, router, and ledger — ready the moment you paste in a key.

FREE · OPEN SOURCE · NO ACCOUNT · NO CLOUD

Download Saferkeys — it's free

macOS 13 Ventura or later · Apple Silicon & Intel · Always free

Built by Shrinath V  ·  Open source on GitHub