Reference
Notes for AI agents
When to use this page
Use this page if you are an AI assistant configuring Quotaflow for a user.
Required values
- Base URL:
https://api.quotaflow.ai/openai/v1 - Auth header:
Authorization: Bearer <QUOTAFLOW_API_KEY> - Preferred endpoint:
POST /responses - Model discovery:
GET /models
Safe setup algorithm
- Ask the user for the environment variable name where their key is stored.
- Do not ask the user to paste a production key into chat unless unavoidable.
- For Codex App hosts, preserve ChatGPT OAuth in
~/.codex/auth.json; use a user-level model provider withenv_keyfor Quotaflow coding requests. - Configure the OpenAI-compatible base URL.
- Run
GET /modelsto validate the key. - Run a one-line non-streaming
POST /responsessmoke test. - Add a stable session id for long-running coding tasks.
- If
429appears, retry with backoff and preserve the same session id.
Do not do this
- Do not overwrite
~/.codex/auth.jsonor remove ChatGPT OAuth when configuring Codex App remote-control hosts. - Do not run
codex login --with-api-keywhen the user needs ChatGPT mobile or remote control to keep working. - Do not commit keys.
- Do not print keys in logs.
- Do not expose keys to frontend code.
- Do not assume development keys work in production.