Should I paste an API key into client-side code?

No. API keys are secrets. Store them in a secure desktop setting, environment variable, or OS credential store, and never expose them in browser or client-side code.

Can MultiAgentOS use local models and OpenAI together?

Yes. You can keep a local Ollama model loaded for private tasks and route specific requests to OpenAI when you need a hosted model. Routing is per-conversation or per-tool.

Which OpenAI model should I pick for a desktop agent?

For most agent workflows, start with a current GPT-4 class model for planning and tool use, and a smaller GPT-4 mini-class model for low-cost background work. Check the official OpenAI models page for current pricing and capabilities.

How do I limit OpenAI spend in a desktop agent?

Set a monthly usage limit in the OpenAI dashboard, use a project-scoped key, and route bulk work to local models. In MultiAgentOS, use supervised subagents with bounded turn budgets to cap runaway loops.

Guide · 15 min · Updated May 25 2026

Add an OpenAI API key to a desktop AI agent safely.

Create a project-scoped OpenAI API key, store it securely in MultiAgentOS, test it with a small request, and route between hosted OpenAI models and local models on demand. Five steps, under fifteen minutes, plus a checklist for safe key handling.

OpenAI quickstart Or set up Ollama instead

Connection modes

Route each task through the right model or tool surface.

MultiAgentOS supports API keys, local servers, CLI pipes, OAuth, terminal templates, and local AI/GGUF workflows.

1 Choose provider
2 Store secret
3 Test model
4 Enable tools

Full-frame MultiAgentOS settings sidecar showing connection cards inside the complete app shell. — Full-frame screenshot from the current MultiAgentOS app.

Connection tabs screenshot in MultiAgentOS. — **Connection tabs** Switch between API Key, Local Server, CLI Pipe, OAuth, Terminal, and Local AI routing.

Settings sidecar screenshot in MultiAgentOS. — **Settings sidecar** Configure provider and local server details without leaving the app frame.

Terminal route screenshot in MultiAgentOS. — **Terminal route** Use terminal-backed workflows alongside the main prompt and model selector.

Why use an OpenAI API key with MultiAgentOS?

Local models are excellent for private work, repetitive tasks, and offline use. But for the hardest reasoning, the freshest multimodal capabilities, or specific OpenAI workflows, a hosted model is still the right tool. MultiAgentOS lets you keep an OpenAI key beside your local model so you can route each task to the right brain.

1. Create a project API key

Sign in to platform.openai.com and create the key in the project you want MultiAgentOS to use. Give it a descriptive name like multiagentos-desktop so you can recognise it in the keys list later.

Project keys scope your spend, your model access, and your usage limits. They are also easier to rotate without breaking other integrations.

2. Store the key as a secret

Treat the key like a password. Three safe places to put it:

MultiAgentOS secure settings. Open Settings, choose the API Key connection, paste the key. It is stored in your OS credential store.
An environment variable. OPENAI_API_KEY is the standard. MultiAgentOS will pick it up automatically if no key is set in settings.
A password manager or secret manager. Useful for teams or for syncing across machines.

Never:

Paste the key into client-side JavaScript or any code that ships to a browser.
Commit the key to a public or shared repository.
Include the key in a screenshot, support ticket, bug report, or Loom video.
Send the key in plain chat to anyone, including ChatGPT.

3. Test a small request

Before pointing the agent at production work, send a short, low-risk prompt. A single sentence asking for a single sentence back is enough to confirm:

The key is accepted.
The model name you chose is available on this account.
Billing and usage limits are healthy.
The agent renders the response cleanly in MultiAgentOS.

If you see a 401 error, the key is wrong or revoked. A 429 error means rate limits or billing — check the dashboard.

4. Route intentionally between OpenAI and local models

The most common mistake is sending every prompt to OpenAI by default. That bills you for tasks a local model could handle, and sends private data to a third party unnecessarily.

A useful default split:

Local model (Ollama, LM Studio, GGUF). Daily chat, code review, file Q&A on private data, repetitive transforms, background subagent work.
OpenAI hosted model. Hard planning steps, multimodal reasoning over images, complex tool-use chains, anything that has stalled a local model.

MultiAgentOS lets you switch the active connection per conversation, and supervised subagents can be configured with their own model so you do not pay frontier-model rates for janitorial work.

5. Rotate keys when needed

If a key is ever exposed — in a screenshot, a shared log, a leaked file — rotate immediately:

Revoke the exposed key in the OpenAI dashboard.
Create a fresh key with the same name suffixed with a date.
Update MultiAgentOS settings or the OPENAI_API_KEY environment variable.
Audit the project usage logs for unauthorised activity.

Do not try to "fix" an exposed key by deleting local history. The key is already public; only revocation actually closes the hole.

Safe-handling checklist

One project key per machine, named for that machine.
Monthly usage limit set in the dashboard.
Key stored in OS credential store or env var — never in code.
Rotation date in your calendar (90 days is a reasonable default).
Subagent turn budgets set so a loop cannot blow your budget overnight.

Related guides

Set up Ollama for local AI agents — pair OpenAI with a local model for routing.
Connect MCP tools to desktop AI agents — least-privilege tool wiring.
Local LLMs vs cloud APIs — the 5-year cost reality — when each makes economic sense.
Desktop AI agent use case — what an agent on Mac/Windows actually does.

FAQ

Does MultiAgentOS store my OpenAI key in the cloud?

No. Keys are stored locally in your OS credential store, exactly like any other native desktop app. MultiAgentOS does not have a sync service.

Can I use Azure OpenAI instead?

Yes. Use the OAuth connection type in MultiAgentOS settings to connect Azure OpenAI, Google Vertex AI, HuggingFace, or other custom providers.

What is the cheapest way to run a desktop agent?

Local models for everything you can, OpenAI for the few requests that need it. Most users land at a small monthly OpenAI bill plus zero variable cost for the rest.