Using Own API keys in Various IDEs

AI hype is so high these days, every one want best AI models for least cost. Though they don't cost much individually, when you add up cost for each subscription, it is coming to a substantial amount if you very active in AI world.

There fore, I was wondering what kind of support each main AI agent integrated IDE's provide for bringing in you own key (BYOK) - that is your own AI model API key.

Cursor IDE

Cursor allows to bring your own key as of now (Aug/2025). However there are some limitations. As per their website, "Custom API keys only work with standard chat models. Features requiring specialized models (like Tab Completion) will continue using Cursor’s built-in models."

They do support all major model providers (e.g. OpenAI, Google, Claude, Azure, Amazon)

Github Copilot

Github Copilot only support API keys for their organisational clients. You need to buy organisational membership to enable usage of your own API keys.

Here is the link.

Windsurf

Windsurf support BYOK, however, it only support claude models under BYOK settings.

Here is the link.

How to See Which Certificate Was Used in an Existing Backup

Recently I have encountered a interesting scenario relate to SQL server backups.

In our environment there are few SQL servers are running. They are backed up and databases are also backed up. So everything was running smoothly. Until it's not. One of our servers has crashed.

Well, no one was worried, because we had backups and there were not much of data loss.

So after we rebuild the server (we built it from scratch rather than from backups, because we need to refresh the OS anyway), and after installing SQL server, we tried restoring databases.

Then only everyone realized that, backups were encrypted. I know it is our bad, we should have tested restoring periodically, but in small business like us, that never get happen.

So how do we restore the backups. We needed the DEK (Database Encryption Key) which those backups were encrypted.

Luckily we found, set of certificate backups which were use to encrypt database backups.

Every one was happy.

However, how do we know which certificate to use on this particular server. Name didn't really give us a clue.

So we had to Google/Chat with AI a bit.

That's when we came up following approach.

First you need to restore the backup with just header only.

RESTORE HEADERONLY FROM DISK = 'D:\Backups\MyEncryptedBackup.bak';

This will show, result set similar to below:

This result set have following columns (56 of them):

BackupName

BackupDescription

BackupType

ExpirationDate

Compressed

Position

DeviceType

UserName

ServerName

DatabaseName

DatabaseVersion

DatabaseCreationDate

BackupSize

FirstLSN

LastLSN

CheckpointLSN

DatabaseBackupLSN

BackupStartDate

BackupFinishDate

SortOrder

CodePage

UnicodeLocaleId

UnicodeComparisonStyle

CompatibilityLevel

SoftwareVendorId

SoftwareVersionMajor

SoftwareVersionMinor

SoftwareVersionBuild

MachineName

Flags

BindingID

RecoveryForkID

Collation

FamilyGUID

HasBulkLoggedData

IsSnapshot

IsReadOnly

IsSingleUser

HasBackupChecksums

IsDamaged

BeginsLogChain

HasIncompleteMetaData

IsForceOffline

IsCopyOnly

FirstRecoveryForkID

ForkPointLSN

RecoveryModel

DifferentialBaseLSN

DifferentialBaseGUID

BackupTypeDescription

BackupSetGUID

CompressedBackupSize

Containment

KeyAlgorithm

EncryptorThumbprint

EncryptorType

Last two columns, EncryptorThumbprint and EncryptorType will tell you which certificate has been used.

Something I didn't know before.