Configuration
Bring your own key (BYOK)
Use your own AI provider key so your code never touches our servers.
Codexa supports two ways to use your own AI keys:
Option 1 — self-host with your keys
The most private option. Run the entire backend on your own infrastructure, set GEMINI_API_KEY and/or GROQ_API_KEY in your environment, and your PR diffs only ever touch your servers + the AI provider you chose. See self-hosting.
Option 2 — BYOK on the hosted version
Coming soon. The dashboard will accept your own Gemini or Groq keys, encrypted at rest with a per-user envelope key. When you submit a PR, your key is used for that review — bypassing our shared rate limit.
Get your keys
Both providers offer generous free tiers, no credit card required:
- Google Gemini — aistudio.google.com/app/apikey. 1,500 requests/day free on
gemini-2.0-flash. - Groq — console.groq.com/keys. Free tier with
llama-3.3-70b-versatile. ~500 tokens/sec — fastest inference around.
How Codexa picks a provider
At review time, Codexa tries providers in this order: Gemini → Groq. If the first is rate-limited or errors, the next steps in seamlessly. You only need one key to run the bot — both is recommended for resilience.
example# Single provider (Gemini only) GEMINI_API_KEY=AIza... # GROQ_API_KEY left blank # Both — Gemini primary, Groq fallback GEMINI_API_KEY=AIza... GROQ_API_KEY=gsk_...