InfoWok

LLM API Keys: Set Up OpenAI, Anthropic & Gemini (2026)

An LLM API key primer: where to get OpenAI, Anthropic, and Gemini keys, how to load one safely with python-dotenv, and how to avoid a leaked-key bill.

Sukhveer Kaur
Published June 22, 2026
3 min read

Every agent tutorial assumes you already have a key and a safe place to keep it — then moves on. So the first real call fails with an auth error, or worse, a hardcoded key ends up on GitHub and runs up a bill. This LLM API key primer covers the part the tutorials skip: where to get a key, how to load it safely, and how to never leak one.

It takes about five minutes once and saves you from the two problems that derail more beginners than any agent bug — a call that won’t authenticate, and a key scraped from a public repo. Let’s set it up properly the first time.

🟢 Beginner · ⏱️ 10 min read · Stack: Python 3.10+, an LLM provider account

✅ Before you start
  • Python 3.10+ and a terminal — new to the basics? The Python for AI agents primer covers them
  • A working virtual environment to install the loader into (optional but recommended)

🎯 Key takeaways
  • An LLM API key is a secret billing token you pass with every request — treat it like a password.
  • Get one in minutes: OpenAI, Anthropic, or Google Gemini (Gemini has a usable free tier).
  • Load it from a .env file with python-dotenv — never hardcode it in the script.
  • Add .env to .gitignore and set a billing limit — a committed key is a compromised key.

What an LLM API key is

An LLM API key is a secret string that identifies your account when your code calls a model provider. You send it with each request; the provider checks you’re authorised and meters what you use for billing. It’s effectively a password with a credit card attached — anyone who has it can spend on your account (OpenAI docs).

That framing drives every habit in this primer. You want the key reachable by your code but invisible to everyone else — not in the source, not in screenshots, and definitely not in a public repo.

Where to get a key (and the free option)

You only need one provider to start, and most tutorials work with any of the three by changing a single model string.

  • Google Gemini — the lowest-friction start. Create a key in Google AI Studio; the free tier is enough to learn and prototype.
  • OpenAI — create a key in the platform dashboard; new accounts often get starting credit.
  • Anthropic (Claude) — create a key in the Console; strong tool-use reliability, which matters for agents.

Whichever you pick, do one thing immediately: set a billing/usage limit in the dashboard. For learning, costs are a fraction of a cent per call, but a limit is your safety net against a runaway loop or a leaked key.

💡 Start with Gemini's free tier
If you just want to follow a tutorial today, a Google Gemini key is the quickest no-cost path. You can switch providers later by swapping the model string — the rest of the agent code rarely changes.

Load it safely with a .env file

Here’s the pattern every well-written tutorial uses. Put the key in a .env file, keep that file out of git, and read it at runtime with python-dotenv.

```bash
pip install python-dotenv
```

```bash
# .env (this file never gets committed)
OPENAI_API_KEY=sk-your-key-here
```

```python
import os
from dotenv import load_dotenv

load_dotenv()  # reads .env into the environment
api_key = os.getenv("OPENAI_API_KEY")
```

load_dotenv() pulls the file’s values into environment variables, and os.getenv reads one back. The key now lives in a file you control, not in the code you share (python-dotenv). Most SDKs even read the standard variable name automatically, so you often don’t pass the key explicitly at all.

āš ļø Add .env to .gitignore before your first commitThis is the step that matters most. A single line — `.env` in your `.gitignore` — keeps the key off GitHub. Bots scrape public repos for keys within minutes and can run up a real bill, so a committed key is a compromised key. If you ever do commit one, rotate it immediately in the provider dashboard.

The errors this prevents

Two failures account for most “it won’t run” messages, and both trace back to this setup.

AuthenticationError / 401. The SDK didn’t find a valid key. Usually the .env isn’t in the folder you ran the script from, or load_dotenv() was called after the SDK was imported. Load the env first, and confirm the variable name matches exactly.

A surprise bill. Almost always a key that leaked into a public repo, or a loop with no cap calling the model forever. The billing limit plus .gitignore are the two guards that make this a non-event instead of a horror story.
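As an added example (not from the original article), a fail-fast check run before the first API call turns a bare 401 into a message that names the cause: a misspelled variable name, a placeholder left in `.env`, or stray whitespace. `require_key`, `diagnose`, `fingerprint` and `KeyConfigError` are hypothetical names, and the environments passed in are constructed.

```python
import difflib
import os

PLACEHOLDERS = {"", "sk-your-key-here"}  # second value is the placeholder from the .env above

class KeyConfigError(RuntimeError):
    """Raised before any API call so the cause is named, not a bare 401."""

def fingerprint(key):
    """Safe-to-log form: last four characters and length, never the key itself."""
    return f"...{key[-4:]} (len {len(key)})"

def require_key(name, env=os.environ):
    """Return the key from env, or raise KeyConfigError naming the likely cause."""
    value = env.get(name)
    if value is None:
        # A near-miss name (OPENAI_APIKEY vs OPENAI_API_KEY) is the usual culprit.
        near = difflib.get_close_matches(name, list(env), n=1, cutoff=0.8)
        if near:
            raise KeyConfigError(f"{name} is not set, but {near[0]} is: check the spelling")
        raise KeyConfigError(f"{name} is not set: was .env found and loaded before this call?")
    if value != value.strip():
        raise KeyConfigError(f"{name} has leading or trailing whitespace")
    if value in PLACEHOLDERS:
        raise KeyConfigError(f"{name} still holds a placeholder value")
    return value

def diagnose(name, env):
    """Return 'ok' plus a fingerprint, or the error text, for a given environment mapping."""
    try:
        return "ok " + fingerprint(require_key(name, env))
    except KeyConfigError as exc:
        return str(exc)

# Constructed environments; the key value is fake.
FAKE_KEY = "sk-" + "EXAMPLE0" * 4

if __name__ == "__main__":
    print(diagnose("OPENAI_API_KEY", {"OPENAI_APIKEY": FAKE_KEY}))
    print(diagnose("OPENAI_API_KEY", {"OPENAI_API_KEY": "sk-your-key-here"}))
    print(diagnose("OPENAI_API_KEY", {"OPENAI_API_KEY": FAKE_KEY}))
```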

Quick recap

The whole primer, in five lines:

  • An LLM API key is a secret billing token sent with every request.
  • Get one from OpenAI, Anthropic, or Gemini (Gemini’s free tier is the easy start).
  • Set a billing limit in the dashboard right away.
  • Load it from .env with python-dotenv, never hardcoded.
  • Add .env to .gitignore — and rotate any key that ever leaks.

Frequently Asked Questions

What is an LLM API key? A secret token that authenticates and bills your account when your code calls a model provider. Treat it like a password.

Are keys free? Creating them is free; usage is billed per token and tiny for learning. Gemini has a free tier; set a billing limit regardless.

How do I keep it safe? Put it in .env, load with python-dotenv, and add .env to .gitignore. Never hardcode it.

Which provider first? Whichever is fastest — Gemini’s free tier is the lowest-friction start; tutorials work with any by swapping the model string.

Conclusion

An LLM API key is just a password with a bill attached, and handling it well is three habits: get a key, load it from a .gitignore'd .env, and set a spending limit. Do that once and the auth errors and leaked-key horror stories that trip up beginners simply don’t happen — leaving you free to focus on the agent instead of the plumbing.

Which provider did you start with — Gemini’s free tier, OpenAI, or Claude? Tell me in the comments.

Frequently asked questions

What is an LLM API key?
An LLM API key is a secret token that identifies and bills your account when your code calls a provider like OpenAI, Anthropic, or Google Gemini. You pass it with each request, and the provider uses it to check you're allowed and to meter usage. Treat it like a password.

Are LLM API keys free?
The keys themselves are free to create; usage is billed per token, and the amounts for learning are tiny. Google Gemini has a usable free tier, and OpenAI and Anthropic often give new accounts starting credit. Always set a billing limit so a mistake can't run up a large charge.

How do I keep my API key safe in code?
Never hardcode it in your script. Put it in a .env file, load it with python-dotenv, and add .env to .gitignore so it never reaches GitHub. Bots scrape public repos for keys within minutes, so a committed key is a compromised key.

Which provider's key should I start with?
Whichever is fastest for you to get. Google Gemini's free tier is the lowest-friction starting point and works well for learning; OpenAI and Anthropic are equally fine if you already have an account. Most tutorials work with any of the three by swapping one model string.

References

  1. OpenAI — API keys and authentication
  2. Anthropic — Getting started with the API
  3. Google AI Studio — Get a Gemini API key
  4. python-dotenv (PyPI)
