Read-Only API Keys

Read-only keys provide a safe way to grant access to your Parasail account for monitoring, reporting, and integration use cases.

What read-only keys can do

A read-only key can call the following Parasail management API endpoints. Full-access keys can call all of these too—read-only keys are restricted to just this list, with GET only.

Model catalog

View available models, supported hardware, and capability/performance information.

Method

Endpoint

Description

GET

/api/v1/openrouter/models

List models available via OpenRouter

GET

/api/v1/dedicated/devices

List supported hardware (GPU types, etc.)

GET

/api/v1/dedicated/support

Check whether a model is supported on dedicated hardware

GET

/api/v1/dedicated/performance

Get performance estimates for a model/hardware combination

Deployment status

Read information about your dedicated deployments.

Method

Endpoint

Description

GET

/api/v1/dedicated/deployments

List your deployments

GET

/api/v1/dedicated/deployments/{id}

Fetch a specific deployment

GET

/api/v1/dedicated/deployments/{id}/models

List models on a specific deployment

Billing

Read invoices for your account.

Method

Endpoint

Description

GET

/api/v1/billing/invoices

List invoices

GET

/api/v1/billing/invoices/current

Fetch the current (in-progress) invoice

GET

/api/v1/billing/invoices/{invoiceId}

Fetch a specific invoice

What read-only keys cannot do

Read-only keys are blocked from:

Inference—any call to /openai/* or other inference endpoints. Use a full-access key for inference traffic.
Mutating any resource—creating, updating, or deleting deployments; rotating keys; changing account settings; etc.
Any management endpoint not in the list above.

Creating a read-only key

Open the API Keys page in the Parasail web portal.
Click Create API Key.
Under Access Level, select Read-only.
Give the key a name and click Create.
Copy the key value—it's shown only once.

Read-only keys appear in the API Keys list with a Read-only badge, so you can tell them apart from full-access keys at a glance.

Example

A read-only key can list your dedicated deployments:

curl -H "Authorization: Bearer psk-<accessKey>-<secretKey>" \
  https://api.parasail.io/api/v1/dedicated/deployments

The same key cannot create one. A POST to the same endpoint returns 403 Forbidden:

curl -X POST \
  -H "Authorization: Bearer psk-<accessKey>-<secretKey>" \
  -H "Content-Type: application/json" \
  https://api.parasail.io/api/v1/dedicated/deployments

Response:

{
  "type": "about:blank",
  "title": "Forbidden",
  "status": 403,
  "detail": "This API key is read-only",
  "instance": "/api/v1/dedicated/deployments"
}

PreviousAccount Management NextCompliance

Last updated 13 days ago

hashtagWhat read-only keys can do

hashtagModel catalog

hashtagDeployment status

hashtagBilling

hashtagWhat read-only keys cannot do

hashtagCreating a read-only key

hashtagExample

What read-only keys can do

Model catalog

Deployment status

Billing

What read-only keys cannot do

Creating a read-only key

Example