Skip to content

Point the Grok Build CLI at your own API

Let your AI do the setup for you

Pick your API endpoint and we generate a prompt. Paste it into the Claude Code or Codex session you already have open, and it will configure and verify Grok Build end to end. No fields to memorize, nothing to debug by hand. Your key stays out of it — there is no key field on this page.

  • No key required
  • Generated in-browser, nothing uploaded
  • Prompt in EN or 中文

Generate your setup prompt

One field, and no key required. The generated prompt makes the AI fetch the model list with your key and read the real model IDs off the wire before it writes a single line of config — instead of guessing a model name from memory.

Leave it blank to use xAI's official endpoint. For a third-party gateway, paste its base URL, usually ending in /v1. Not sure whether to include /v1? The prompt tells the AI how to work that out

Your key does not go here

There is no key field on this site, and you should not hand your key to a web page anyway. After copying the prompt, swap this placeholder for your real key in your own editor or chat window, then send it to the AI.

<PASTE-YOUR-API-KEY-HERE>

Who to hand it to

Any AI coding tool that can read files and run terminal commands. The prompt is plain natural language with no tool-specific syntax — paste the very same text into whichever one you already use.

  • Claude Code
  • Codex
  • OpenCode
  • Gemini CLI
  • Cursor
  • or whichever you prefer
Prompt preview4,909 characters
I want to connect xAI's Grok Build CLI (the `grok` command) to the API endpoint below. Please complete the setup and verify it works.

My gateway:
- API endpoint: https://api.x.ai/v1
- API key: <PASTE-YOUR-API-KEY-HERE>

> Note: the API key above is a placeholder. Remind me to replace it with the real one first; if I already have, just carry on. Never invent a key.

Follow every step below in order. Each one exists because it is a real failure mode. Do not skip any step, especially step 3 and the verification in step 7.

## Step 1 — Confirm the CLI is installed

Run `grok --version`. If it is not installed, tell me first; do not install it yourself.

## Step 2 — Log out of the official account first (critical)

A Grok Build login session takes precedence over an API key. If a valid session still exists locally, the API key config will silently not take effect, and the error message will be misleading.

Run `grok logout`, then confirm `~/.grok/auth.json` is gone (an `auth.json.lock` left behind is fine).

## Step 3 — Fetch the model list with my key to get the real model IDs

This step is the foundation of everything else. **Do not assume from memory that the model is called grok-4, grok-4.5, or anything else.** What this endpoint actually serves, and under what ID, is determined solely by what the API returns.

Run:

```bash
curl -s https://api.x.ai/v1/models -H "Authorization: Bearer <PASTE-YOUR-API-KEY-HERE>"
```

Read the model IDs from `data[].id` in the JSON response. Those are the only names that are valid in the config.

Troubleshooting:
- 401 → the key is invalid or mistyped
- 404 → wrong endpoint path; try adding or removing the trailing `/v1`
- 503 → the upstream is temporarily down; wait and retry rather than changing the config

## Step 4 — Pick one model and confirm it actually generates tokens

A model listing is not proof that inference works. Substitute one model ID from step 3 and test it:

```bash
curl -s https://api.x.ai/v1/chat/completions \
  -H "Authorization: Bearer <PASTE-YOUR-API-KEY-HERE>" \
  -H "Content-Type: application/json" \
  -d '{"model":"<MODEL_ID_FROM_STEP_3>","messages":[{"role":"user","content":"hi"}],"max_tokens":20}'
```

Confirm a 200 response with actual content in `choices[0].message.content` before continuing.

## Step 5 — Write ~/.grok/config.toml

Back up first: `cp ~/.grok/config.toml ~/.grok/config.toml.bak` (skip if the file does not exist).

Then write the following, replacing every `<MODEL_ID>` with a real model ID from step 3:

```toml
[endpoints]
models_base_url = "https://api.x.ai/v1"

[model."<MODEL_ID>"]
api_key = "<PASTE-YOUR-API-KEY-HERE>"

[models]
default = "<MODEL_ID>"
```

### ⚠️ A TOML trap you must avoid

If the model ID contains a dot (e.g. `grok-4.5`), the table name **must** be quoted:

```toml
[model."grok-4.5"]        # ✅ correct
[model.grok-4.5]          # ❌ wrong
```

Without quotes, TOML treats the dot as a key separator and parses it as "key `5` inside table `grok-4`" — the config effectively does not exist. The symptom is `grok models` reporting `You are not authenticated` and falling back to listing built-in defaults like `grok-4`. This failure is easy to miss, so check it explicitly.

### What these settings do

- Once `[endpoints] models_base_url` is set, Grok switches from session auth to `Authorization: Bearer` API key auth, so `grok login` is no longer required
- Every `[model.*]` inherits that base_url, so you do not need to repeat `base_url` per model
- Credential resolution order is `api_key` → `env_key` → the global `XAI_API_KEY` env var
- Grok fetches the model list automatically from `{models_base_url}/models`

## Step 6 — Tighten file permissions

The config holds the key in plaintext:

```bash
chmod 600 ~/.grok/config.toml
```

## Step 7 — Verify (do not skip)

List the models:

```bash
grok models
```

You should see `Model '<MODEL_ID>' is using its own API key.` along with the models from step 3.

If you see `You are not authenticated`, or the listing shows built-in models you never configured, the config did not take effect. Check in this order: the quotes around the model name (step 5) → whether the logout actually happened (step 2) → whether the base_url needs the `/v1` suffix.

Then run real inference:

```bash
grok -p "Introduce yourself in one sentence"
```

## Step 8 — Clean up stale references to old model names

Check `~/.grok/config.toml` for any other field pointing at a model that does not exist on this endpoint, such as `[ui] fork_secondary_model` or `[models] web_search`. Repoint them at a real model ID from step 3, otherwise those features will fail at use time.

## When you're done, report back

1. The model IDs you actually got in step 3
2. The final `config.toml` (mask the key as `sk-***`)
3. The output of `grok models` and `grok -p`

If any step fails, paste the raw error rather than guessing or skipping ahead.

Once copied, replace the key placeholder with your own key — the AI needs it to run the verification steps

We couldn't take your key if we tried

The best privacy guarantee is not a promise — it's not having to trust us at all. So there is no API key field on this page. You cannot hand us your key, even if you wanted to.

  • There is no key input on the site. The key in the prompt is a placeholder you replace yourself, after copying
  • This is a static site with no backend and no database, and no network code runs on the page
  • The endpoint is concatenated in browser memory only — nothing touches localStorage or cookies, and a refresh wipes it
  • All we do is turn configuration knowledge into plain English for you to copy. The execution happens on your machine, by an AI you chose

One parting note: before you paste a key into any AI, make sure you trust it. That advice holds for every site and every agent, not just this one.

How it works

Three steps. There is no fourth.

  1. 01

    Pick your endpoint

    Leave it alone for xAI's official API, or paste a third-party gateway's base URL. The prompt updates live as you type, so you can read exactly what it says. No black box.

  2. 02

    Copy it, add your key, paste it into your AI

    Drop the whole thing into Claude Code, Codex, OpenCode — whichever terminal-capable AI tool you already use — and swap the key placeholder for your real key. The prompt spells out each step, how to verify it, and what to check when something fails.

  3. 03

    Let it run, read the verification

    The AI fetches the real model IDs, smoke-tests inference, writes config.toml, then runs grok models to confirm it took effect. It reports the final config and the results back to you.

Why bother with the extra step

Can't you just copy a config? You can — but a few things reliably go wrong

Model names cannot be guessed

Only the API response decides which models a gateway serves and what they are called. The same host can front Grok today and something else tomorrow. The prompt forces the AI to curl /models first and use what actually comes back.

TOML has a silent trap

When a model name contains a dot, leaving the table name unquoted makes TOML read the dot as a key separator, and the config silently does nothing. The error message then misleads you by claiming you are not authenticated. Written into the prompt, the AI simply avoids it.

A login session overrides your key

As long as a grok login session exists locally, the API key you configured is ignored. People burn a lot of time here when the fix is a single grok logout.

'No error' is not verification

Writing the file proves nothing. The prompt requires the AI to run grok models until it sees 'using its own API key', then run real inference. Both must pass.

The three usual suspects

If you plan to configure it by hand, read these first

01

Model names with a dot must be quoted

The sneakiest one. TOML treats a dot inside a key as a separator, so [model.grok-4.5] parses as 'key 5 inside table grok-4' and your api_key never attaches to the model. The symptom is grok models reporting You are not authenticated while listing built-in defaults you never configured.

toml
[model."grok-4.5"]        # ✅ correct — the quotes are mandatory
api_key = "sk-..."

[model.grok-4.5]          # ❌ wrong — parses as grok-4 → 5
api_key = "sk-..."
02

Sessions take precedence over API keys

If a grok login session is still on disk, the api_key in config.toml is never used. Log out first and confirm ~/.grok/auth.json is gone.

bash
grok logout
ls ~/.grok/auth.json   # should report: No such file
03

Stale fields pointing at models that don't exist

Besides default, your config may reference other models through fork_secondary_model or web_search. If those models are not on your gateway, nothing complains until you use the feature — and then it fails. Repoint them.

toml
[ui]
fork_secondary_model = "grok-build"   # ← not on the gateway; will fail
Read the full manual setup guide

FAQ