Back to dashboard Money course AI Advisor

Setting up your Anthropic API key

The AI advisor on your Tax Dashboard runs against your own Anthropic account, so your questions stay billed to you (not to the dashboard owner). This guide walks you through creating a key and pasting it in — takes about 5 minutes, start to finish.

1Why you need your own API key

The advisor answers questions and produces recommendations by calling Anthropic's Claude API. Every call costs a small amount (typically less than a penny — more on that below). Instead of routing all users through a single shared bill, the dashboard asks each authorised user to plug in their own key.

That means:

You pay only for what you use. No shared caps, no fair-use rules.
Your usage is private to your Anthropic account. The dashboard owner can see that you used it (in the Netlify function logs) but not what you asked.
You stay in control. You can set spending caps, rotate the key, or delete it at any time — from either the dashboard or the Anthropic Console.

2Create an Anthropic API key

You'll need an Anthropic account with a billing method attached. This is a separate account from Claude.ai (the chat app) — even if you already use Claude.ai, you'll likely need to sign in again to the developer console.

Open the Anthropic Console Go to console.anthropic.com. Sign in with your email (or Google). If it's your first time, you'll be prompted to create a workspace — pick whatever name you like, e.g. "Personal".
Add a billing method In the left sidebar, click Billing → Plans & Billing. Add a credit/debit card. You don't need a paid plan — the API bills as you use it. Add $5–$10 of prepaid credits to start.
Set a spending limit While you're there, go to Billing → Limits (or Usage limits) and set a monthly cap — e.g. $10/month. This is your safety net if something ever runs away.
Create the API key In the left sidebar click API Keys → Create Key. Give it a recognisable name like btc-dashboard so you can see its usage separately in analytics later.
Copy the key immediately The key starts with sk-ant-…. Anthropic only shows it once — if you close the dialog without copying, you'll have to create a new one. Paste it somewhere safe temporarily (a password manager is ideal).

Never paste your API key into a chat window, email, or public note. Anyone holding it can run up charges on your account. Treat it exactly like a credit card number.

3Add the key to your dashboard

Now you'll tell the dashboard to use your new key. This takes about 30 seconds.

Sign in to the dashboard Go to the Tax Dashboard. If you're not already signed in, you'll be prompted.
Open AI Settings Scroll down to the Recommendations panel (labelled with an orange "AI" chip). In the panel's title row, click the small gear icon ⚙️ on the right-hand side.
Paste your key A modal opens titled AI Advisor Settings. In the New API key field, paste the sk-ant-… value you copied earlier.
Click "Save key" The page encrypts the key and sends it to the server. After a second or two, the status pill should flip to Configured with a preview like sk-ant-…a1b2.

✓

Done. From now on, every question you ask the advisor (recommendations or chat) is billed to your Anthropic account.

4Verify it works

Quick sanity check so you know everything's plumbed up correctly:

Close the AI Settings modal.
In the Recommendations panel, click ✨ Analyse my portfolio.
Wait a few seconds — you should see 3–5 personalised recommendations.
Click the floating chat bubble in the bottom-right corner and ask any question, e.g. "Am I over-concentrated in Bitcoin?". You should get a grounded answer referencing your actual numbers.

If you go to the Anthropic Console → Usage, you'll see a token count appear within a minute or two — confirming the call was billed to your account.

5How much it will cost

Realistic usage costs on the default Claude Sonnet 4.6 model:

Action	Typical cost	Example monthly
Loading recommendations (one analysis)	~$0.01 (≈ 0.8p)	$0.30 (30 loads)
Single chat message	~$0.012 (≈ 1p)	$0.60 (50 messages)
Heavy use (multiple sessions a day)	—	$2–$4

The dashboard also enforces a soft cap of 60 advisor calls per user per 24 hours, so you can't accidentally burn $20 in a minute. Combined with the monthly spending limit you set in the Anthropic Console, your worst case is capped.

You can also switch to the cheaper Haiku 4.5 model for ~5× lower costs — ask the dashboard owner to update the ADVISOR_MODEL env var.

6Managing & rotating your key

The AI Settings modal shows the current state of your key. Here's what each pill means:

Configured Admin-managed Owner fallback Not configured

Configured — your self-saved key is being used. You can replace it or remove it.
Admin-managed — the dashboard owner pre-set a key for you. Contact them to change it.
Owner fallback — the dashboard owner's own key is being used for your calls. Only applies if you are the owner.
Not configured — no key is set. The advisor will return an error until you paste one.

Replacing your key (rotation)

Best practice is to rotate keys every few months, or immediately if you think one's been exposed.

In the Anthropic Console, create a fresh API key (same steps as section 2).
Open AI Settings on the dashboard.
Paste the new key in and click Replace key.
Go back to the Anthropic Console and revoke the old key. This is the step most people forget — without it, the old key still works.

Removing your key

Click Remove key in the modal. This deletes the encrypted row from the database. The advisor will stop working for you until you save a new key.

7Security notes — where your key lives

The technical details, for peace of mind:

When you click Save key, the raw key travels over HTTPS to a serverless function (/.netlify/functions/user-key).
The function encrypts it with AES-256-GCM using a server-side secret the browser never sees.
The encrypted ciphertext is stored in Supabase, indexed by your user ID.
The Supabase row is behind row-level security with zero policies, so it's unreadable by any client — even with a valid session. Only the Netlify function can touch it.
The key preview in the UI (sk-ant-…a1b2) only shows the last 4 characters. The full key is never sent back to the browser once saved.

If you suspect your key has leaked: revoke it in the Anthropic Console first (that invalidates it immediately), then update it in AI Settings. Revoking in Anthropic always wins — even if someone has a copy of your old key, it won't work.

8Troubleshooting

"That doesn't look like a valid Anthropic API key"

The key must start with sk-ant- and be at least 27 characters long. Make sure you copied the whole value — it's usually a lot longer than a normal password (100+ characters). Re-copy from the Anthropic Console and try again.

"No Anthropic API key is configured for your account" (403)

The dashboard couldn't find a key for you. Either save one via AI Settings, or if the dashboard owner is supposed to be managing your key, ask them to check that you're listed in their ADVISOR_USER_KEYS env var.

"Daily advisor limit reached" (429)

You've hit 60 calls in a 24-hour window. This is a soft cap to protect you from runaway usage. Wait until the window resets, or ask the dashboard owner to raise ADVISOR_DAILY_LIMIT.

Anthropic returns "insufficient credits" or "invalid key"

Two likely causes:

No billing method — add a card or prepaid credits in the Anthropic Console → Billing.
Key was revoked — if you rotated the key on Anthropic's side but didn't update the dashboard, the advisor is still sending the old (now invalid) one. Paste the new key into AI Settings.

The chat bubble and Recommendations panel don't appear at all

Your account isn't on the dashboard's allowlist. Ask the dashboard owner to add your email to their ADVISOR_ALLOWED_USERS env var. The advisor UI only renders for authorised users.

Modal says "Not Configured" even after I've saved a key

Try a hard refresh of the page (Cmd+Shift+R on Mac, Ctrl+Shift+R on Windows). If that doesn't help, the most common cause is a connection issue when saving — the key may not actually have been written. Open AI Settings again and re-paste the key.

Can I use the same key on another device?

Yes — the encrypted key lives in the database, not in your browser. Sign in on any device and the advisor will find and use your key automatically. You only need to paste it in once.

What happens to my key if I'm removed from the allowlist?

The encrypted row stays in the database but you can no longer reach the advisor UI to use or remove it. Without the server-side encryption secret it's unreadable to anyone, so there's no exposure. If you want the row deleted, ask the dashboard owner.

Is my conversation history visible to the dashboard owner?

No — chat messages aren't stored anywhere after the response is returned. Each conversation lives in your browser's memory only, and is lost when you reload. The dashboard owner can see in Netlify logs that you made a request (timestamp, user id, whether it succeeded), but not the content of your questions or the answers.

Still stuck? The dashboard owner can check the Netlify function logs for the exact error, which usually pinpoints the problem fast.