Providers
Providers are the AI backends that power your agents. OpenPawz supports 10 providers and any OpenAI-compatible API.Mix local models (Ollama) with cloud providers. OpenPawz auto-falls back to the next provider if one goes down.
Supported providers
Ollama
Local inference — no API key needed
OpenAI
GPT-4o, o1, o3, o4-mini
Anthropic
Claude 4 Opus, Sonnet, Haiku
Gemini 2.5 Pro, Flash
OpenRouter
200+ models via unified API
DeepSeek
DeepSeek V3, R1, Coder
Grok
xAI’s Grok models
Mistral
Mistral Large, Codestral
Moonshot
Kimi and Moonshot models
Custom
Any OpenAI-compatible API
Adding a provider
- Go to Settings → Providers
- Click Add Provider
- Select the provider type
- Enter your API key
- Optionally set a default model and custom base URL
Model routing
OpenPawz can automatically route requests to different models based on the context:| Setting | Purpose |
|---|---|
| Boss model | Expensive, powerful — used for orchestrator bosses |
| Worker model | Cheap, fast — used for channel responses and workers |
| Specialty models | Per-specialty overrides (e.g., coder → gemini-2.5-pro) |
| Agent models | Per-agent overrides (highest priority) |
| Cheap model | Simple tasks auto-select this model |
| Auto-tier | Automatically pick cheap vs. expensive based on task complexity |
Smart prefix matching
When you type a model name, OpenPawz auto-routes to the right provider:| Pattern | Routes to |
|---|---|
claude* / anthropic* | Anthropic |
gemini* / google* | |
gpt* / o1* / o3* / o4* | OpenAI |
Contains / (e.g., meta-llama/llama-3.1) | OpenRouter |
Contains : (e.g., llama3.1:8b) | Ollama |
| Other | Default provider → first configured |
Provider fallback
If a provider returns a billing, authentication, or rate limit error, OpenPawz automatically tries other configured providers before failing. This ensures your agents stay responsive even if one provider has issues.Budget enforcement
Set a daily budget in Settings → Engine:| Threshold | Action |
|---|---|
| 50% | Warning notification |
| 75% | Warning notification |
| 90% | Warning notification |
| 100% | Requests blocked |
0 to disable budget limits.
Multiple providers
You can configure as many providers as you want. Benefits:- Use different models for different agents
- Automatic fallback if one provider is down
- Mix local (Ollama) and cloud providers
- Use cheap models for routine tasks, expensive for complex ones
Provider security
Every provider connection is protected by multiple security layers:| Layer | Protection |
|---|---|
| TLS pinning | Custom rustls config with Mozilla root CAs only — OS trust store excluded to prevent MITM from compromised CAs |
| Request signing | Every outbound request SHA-256 signed (provider ‖ model ‖ timestamp ‖ body) and logged to a 500-entry audit ring buffer |
| Key zeroing | API keys wrapped in Zeroizing<String> — automatically overwritten with zeros in RAM on provider drop |
| Credential vault | Keys encrypted with XOR (32-byte key in OS keychain) at rest, decrypted only at call time |
| Circuit breaker | 5 consecutive failures → 60-second cooldown window to prevent cascading failures |
| Retry with backoff | Exponential backoff with ±25% jitter (1s → 30s), respects Retry-After headers |