How to Get Your OpenAI API Key

You need an OpenAI API

key to build AI workflows, automate document review, or integrate GPT models into your firm's systems. This guide walks you through account creation, key generation, and security setup in under 10 minutes.

A valid email address. You'll verify it during signup.

A phone number. OpenAI requires SMS verification for new accounts.

A credit card (for paid usage). Free tier gives you $5 in credits for testing. After that, you pay per token. Expect $0.50-$5 per day for moderate usage (client intake forms, document summaries, email drafts).

Decision on account type. Personal accounts work for solo practitioners. Firms with 3+ users should create an Organization account for centralized billing and usage tracking.

1. Go to platform.openai.com (not chat.openai.com - that's the consumer product).
2. Click Sign Up in the top right.
3. Enter your work email. Use your firm domain, not Gmail or Yahoo.
4. Check your inbox. Click the verification link. It expires in 24 hours.
5. Create a password. Minimum 8 characters. Use a password manager.
6. Enter your phone number. You'll receive a 6-digit code via SMS.
7. Enter the verification code.

You're now on the OpenAI Platform dashboard.

OpenAI requires a payment method before you can generate API

keys.

1. Click Settings in the left sidebar.
2. Select Billing > Payment methods.
3. Click Add payment method.
4. Enter your credit card details.
5. Set a monthly spending limit. Start with $20 for testing. Increase after you understand your usage patterns.

Why this matters: Without a payment method, you cannot create API

keys. The free trial credits ($5) expire after 3 months.

1. Click API

   API

   Click to read the full definition in our AI & Automation Glossary.

   keys in the left sidebar.
2. Click Create new secret key.
3. Name your key. Use a descriptive name: Production-ClientIntake or Test-DocumentReview.
4. Set permissions:

   • All gives full access (default).
   • Restricted limits access to specific models or endpoints. Use this for keys shared with contractors.
5. Click Create secret key.

A popup displays your key: sk-proj-abc123...xyz789

Copy it immediately. You cannot view it again. If you lose it, delete the key and create a new one.

Store it in a password manager or secrets vault. Never paste it into Slack, email, or shared documents.

Open a terminal or command prompt. Run this command (replace YOUR_API_KEY with your actual key):

curl https://api.openai.com/v1/chat/completions \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{
    "model": "gpt-4o-mini",
    "messages": [{"role": "user", "content": "Say hello"}],
    "max_tokens": 10
  }'

Expected response:

{
  "id": "chatcmpl-abc123",
  "object": "chat.completion",
  "created": 1677652288,
  "model": "gpt-4o-mini",
  "choices": [{
    "message": {
      "role": "assistant",
      "content": "Hello! How can I assist you today?"
    }
  }]
}

If you see an error like "error": {"message": "Incorrect API key"}, double-check you copied the full key including the sk-proj- prefix.

Never hardcode keys in your scripts. This is the most common security mistake.

Bad:

import openai
openai.api_key = "sk-proj-abc123xyz789"  # DO NOT DO THIS

Good:

import os
import openai
openai.api_key = os.environ.get("OPENAI_API_KEY")

Store Keys as Environment Variables

On Mac/Linux: Add this line to ~/.zshrc or ~/.bashrc:

export OPENAI_API_KEY="sk-proj-abc123xyz789"

Run source ~/.zshrc to reload.

On Windows:

1. Search for "Environment Variables" in Start menu.
2. Click Environment Variables button.
3. Under User variables, click New.
4. Variable name: OPENAI_API_KEY
5. Variable value: sk-proj-abc123xyz789

For production systems: Use AWS Secrets Manager, Azure Key Vault, or Google Secret Manager. These services encrypt keys at rest and provide audit logs.

Set Usage Limits

Prevent surprise bills from runaway scripts or compromised keys.

1. Go to Settings > Billing > Usage limits.
2. Set a Hard limit (API

   API

   Click to read the full definition in our AI & Automation Glossary.

   stops working when reached): $50/month for testing, $200-500/month for production.
3. Set a Soft limit (email notification): 80% of your hard limit.
4. Enable Email notifications for daily usage reports.

Do not use one key for everything. Create separate keys for:

• Development/testing (low rate limits, easy to rotate)
• Production applications (higher limits, monitored closely)
• Third-party integrations (restricted permissions)
• Individual team members (for usage tracking)

To create additional keys, repeat Step 3. Name each key clearly: Dev-JohnSmith, Prod-ClientPortal, Integration-Zapier.

Check your usage daily for the first week. After that, weekly reviews are sufficient.

1. Go to Usage in the left sidebar.
2. View costs by:

   • Model (GPT-4 costs 10-30x more than GPT-4o-mini)
   • API

     API

     Click to read the full definition in our AI & Automation Glossary.

     key (identify which application is driving costs)
   • Date range (spot unusual spikes)

Typical costs for a 10-person firm:

• Client intake automation: $20-40/month
• Document summarization (50 docs/week): $30-60/month
• Email drafting assistance: $15-30/month

If you see unexpected charges above $100/day, immediately:

1. Disable the API

   API

   Click to read the full definition in our AI & Automation Glossary.

   key in API

   API

   Click to read the full definition in our AI & Automation Glossary.

   keys section.
2. Check your application logs for infinite loops or retry logic errors.
3. Review recent code deployments.

Set a calendar reminder to rotate keys quarterly.

1. Generate a new key (Step 3).
2. Update your environment variables or secrets manager with the new key.
3. Test your applications with the new key.
4. Delete the old key in API

   API

   Click to read the full definition in our AI & Automation Glossary.

   keys section.

For production systems, use a blue-green deployment:

1. Deploy new key to 10% of traffic.
2. Monitor for errors for 24 hours.
3. Roll out to 100% of traffic.
4. Delete old key after 7 days.

"Invalid API

key" error: You copied the key incorrectly. Regenerate a new one.

"Rate limit exceeded" error: You're sending too many requests per minute. Free tier allows 3 requests/minute. Paid tier starts at 3,500 requests/minute for GPT-4o-mini.

"Insufficient quota" error: You've hit your monthly spending limit. Increase it in Settings > Billing > Usage limits.

Key not working after 90 days: OpenAI doesn't expire keys automatically, but your firm's security policy might. Check with your IT team.

You now have a working OpenAI API

key. Use it to:

• Build a client intake chatbot (see "Building Your First AI Workflow")
• Automate contract review (see "Document Analysis with GPT-4")
• Generate case summaries (see "Prompt Library for Legal Professionals")

Start with GPT-4o-mini ($0.15 per million input tokens) for testing. Upgrade to GPT-4o ($2.50 per million input tokens) only when you need higher accuracy for client-facing work.