Terminology

This page summarizes key terms used across the docs for consistent understanding.

Core Concepts

BYOK (Bring Your Own Key): A model where users use their own Provider Keys from official platforms while accessing them through XAI’s unified entry and governance layer.
Provider Key / Upstream Key (上游密钥): The original API Key obtained by users from official platforms like OpenAI, Claude, DeepSeek, etc., then added to XAI and kept in protected custody.
XAI API Key / Virtual Key (虚拟密钥): The exclusive key assigned by the XAI system to users (format: sk-Xvs...), used to call the XAI Base URL.
Zero Markup Pricing: API call charges are deducted directly from the user's official account, with XAI charging no markup or service fees.
End-to-End Encryption: Provider Keys are stored in protected form and used only within authorized request flows.

Owner (主账户): A first-level account created by self-signup on xaicontrol.com, with Admin configuration permissions to manage its own third-party AI API Keys and distribute resources to sub-accounts.
Sub-account (子账户): A child account created by the owner to operate within distributed capability and governance boundaries; it does not have Admin configuration permissions.
Descendants (后代用户): Any users in the owner's subtree; see "User Hierarchy".
DNA: Lineage path (e.g., .1.42.) used to filter user groups.
Inheritance: The mechanism by which upper-level governance boundaries continue down the account tree.

Level (等级): Abstraction for key pools and model routing. Users can assign different Provider Keys to different Levels.
Key Pool (密钥池): A collection of multiple Provider Keys under the same Level, automatically rotated by the system to distribute request pressure.
Model Mapper (模型映射): Aliasing models to targets (e.g., gpt-4=gpt-4-turbo), configurable at user-level or owner-level.
Sleep (休眠): After errors (e.g., 429, 5xx), the key is temporarily removed from rotation and rejoins after a waiting period.
Switch Over (故障切换): Move from one Level to another when the current Level is unavailable.

Access Control: Governance mechanisms used to constrain request origin, capability scope, and operation scope.
Allowlist: A control model where only explicitly permitted origins, capabilities, or operations are allowed.
Protected Security Material (安全保护材料): Internal security material used by the platform to protect sensitive credentials; ordinary users do not need to know its concrete form.