Skip to main content

Overview

user_path is a normalized hierarchy for the caller, for example /team/alpha or /team/alpha/service. GoModel uses it to keep model access, workflows, usage, and audit data scoped to the right team, tenant, service, or customer.

API keys

You can bind a user path to a managed API key in the admin dashboard: API Keys -> Create API Key -> User Path When a request uses that key, GoModel treats the key’s user_path as the effective user path for the request.

HTTP header

Clients can also send a user path directly: 
X-GoModel-User-Path: /team/alpha
If the API key has its own user_path, the key wins. GoModel overwrites the header value with the key-bound path before workflow matching, audit logging, usage tracking, and model access checks run.

Model access

Model access overrides are enabled by default. They can use user_paths to limit a selector to a subtree. Selectors can target:
  • / for all providers and models
  • {provider_name}/ for one configured provider
  • {provider_name}/{model} for one model on one provider
  • a model ID without a provider name
For example:
  • selector: openai/gpt-5
  • user_paths: ["/team/alpha"]
This allows /team/alpha and its descendants, such as /team/alpha/service. Use Models -> Access override in the dashboard to manage these rules.

Exposed models

GET /v1/models uses the effective user_path too. That means two API keys can see different model lists if their user paths have different model access rules.

Workflows

Workflows can also include scope_user_path, so different teams or services can use different cache, audit, usage, guardrail, and fallback settings. You can combine user path with provider and model scope, for example:
  • /team/alpha
  • openai_primary + /team/alpha
  • openai_primary + gpt-5 + /team/alpha
See Workflows for the full matching order.