What is aiproxy.com?

AIProxy provides a secure and efficient solution for developers integrating Artificial Intelligence capabilities into their iOS applications. It acts as a fully managed proxy service, designed to protect sensitive API keys from various AI providers like OpenAI, Anthropic, Replicate, and others. This eliminates the need for developers to build complex cloud functions or dedicated backends solely for API key management and security, significantly simplifying the development process.

The platform employs robust security measures, including split key encryption, Apple's DeviceCheck, and certificate pinning, to prevent API key theft and endpoint abuse. AIProxy also offers features like configurable rate limiting to control usage, a monitoring dashboard for real-time observability into API calls, and the ability to override AI models directly from the dashboard without requiring an app update. Integration is streamlined through the AIProxySwift client library, allowing setup within minutes.

Features

Split Key Encryption: Enhances API key security by not storing the full key.
DeviceCheck & Certificate Pinning: Ensures requests originate from legitimate app instances on Apple hardware.
Rate Limiting: Allows developers to set thresholds to prevent endpoint abuse.
Monitoring Dashboard: Provides real-time observability of API usage and user interactions.
Model Overrides: Enables changing AI models via the dashboard without updating the app.
Live Console: Facilitates testing and debugging API calls from the app.
Suspicious Activity Notifications: Alerts developers to potential security issues.
Bring Your Own Key (BYOK) Support: Allows end-users to utilize their personal AI provider keys.
AIProxySwift Client Library: Simplifies integration into iOS projects with support for multiple AI providers.
Scalability: Built on AWS Lambda for automatic horizontal scaling.

Use Cases

Securely integrating AI features into iOS applications.
Protecting AI provider API keys (e.g., OpenAI, Anthropic) from theft in mobile apps.
Monitoring and controlling AI API usage within iOS apps.
Simplifying backend infrastructure for iOS apps using AI.
Allowing iOS app users to optionally use their own AI API keys.
Experimenting with different AI models without deploying app updates.

FAQs

Does AIProxy store API keys?

No, AIProxy does not store complete customer API keys. It encrypts your key and stores only one part of the encrypted result. The other part is sent with requests from your app. The key is derived only when both parts are combined during a request.
What if someone steals my AIProxy key?

The partial key provided by AIProxy is useless on its own and can be included in your client code. Security relies on combining this partial key with the other encrypted half stored securely by AIProxy during requests.
How is endpoint abuse prevented?

AIProxy uses multiple mechanisms: configurable proxy rules to allow only necessary endpoints, Apple's DeviceCheck to verify request origin, and prevention of DeviceCheck token replay attacks.
How does AIProxy handle scaling?

The service is deployed on AWS Lambda, enabling effortless horizontal scaling behind a load balancer to meet demand.
How is AIProxy integrated using Swift?

Integration is done using the AIProxySwift client library. You receive initialization code from the developer dashboard to add to your project.