“Trust nothing. Verify everything.”
This is not a demo.
This is not a toy.
This is a precision tool built for developers, security researchers, and operators who want to know the truth about an API key — fast, clean, and without bullshit.
This tool verifies API keys using real provider endpoints.
No guessing.
No fake “scanner”.
No offline lies.
If a key is:
- ✅ Valid
- ❌ Revoked
⚠️ Quota / Billing restricted- ❓ Unknown / Cannot be verified
You will know — accurately.
Most “API key checker” tools are:
- fake
- misleading
- unsafe
- or outright scams
This project follows one rule:
If it cannot be verified correctly, it will NOT pretend.
That’s how real security tools behave.
✔ API keys are never stored
✔ API keys are never logged
✔ API keys are never printed
✔ No background processes
✔ No telemetry
✔ No tracking
✔ No nonsense
Keys live only in memory, only for the duration of the check.
- Real authentication check
- Real error classification
- Detects:
- Invalid / revoked keys
- Billing disabled
- Quota exceeded
- Honest behavior
- No false claims
- Clearly marked as CANNOT VERIFY
Because guessing is not hacking — it’s lying.
- Built with Streamlit
- Runs locally in your browser
- Clean UI
- Secure password-style input
- Instant results
MIT License © Shivam
pip install -r requirements.txt
streamlit run app.py