How to protect the proxy server (so that only my backend can call it/has access to it)?

[SwiftedMind]

Hey, I've been trying to figure out how to use LiteLLM with my backend and there is one thing I don't quite understand.

In the config.yaml I define all of the supported models and their api keys (injected through the environment). So now anyone with the url to my proxy server can use that model.

How to I prevent that? How can I make sure that only my own backend can call the proxy? I assume there is some way to set up an auth key or something? So that my backend has to send a key with each request.

But I cannot find anything about that in the documentation. On the "All settings" page, there is a mention of "AUTH_STRATEGY", but it is not explained where or how to set and use it.

I'd appreciate any help!

[krrishdholakia]

Set a master key - https://docs.litellm.ai/docs/proxy/virtual_keys#setup

Set a master key, this is your Proxy Admin key - you can use this to create other keys (🚨 must start with sk-).

• Set on config.yaml set your master key under general_settings:master_key, example below
• Set env variable set LITELLM_MASTER_KEY

[SwiftedMind]

Ah 💡 I thought this was just for the database that's needed for logging and the UI and stuff.
Thanks!