Production Checklist
A practical launch checklist for teams using OneAI in a real SaaS or commercial API product.
Before sending customer traffic
Use this checklist to make sure OneAI is configured as production infrastructure, not a local experiment.
Call OneAI from your backend. Do not expose customer API keys or upstream provider keys in browser code, mobile apps, or public repos.
For operations that may be retried, send a stable Idempotency-Key so the same customer action does not create duplicated work.
Attach maxCostUsd to production requests to prevent accidental expensive model usage.
Use cheap for high-volume simple tasks and balanced for business workflows. Reserve premium and explicit model selection for paid plans.
Store requestId with your customer event so support teams can trace provider, model, usage, latency, and error state.
Review request count, token usage, estimated cost, errors, and expensive model usage before raising limits.
Use different API keys for development, staging, and production. Revoke leaked or unused keys quickly.
OneAI should produce intelligence and plans. Execution should remain with OneClaw, bots, your backend, or human review.
Recommended production request
This pattern gives you route control, cost control, and retry safety.
curl -s https://oneai-saas-api-production.up.railway.app/v1/generate \
-H "Content-Type: application/json" \
-H "x-api-key: YOUR_ONEAI_API_KEY" \
-H "Idempotency-Key: customer-action-123" \
-d '{
"type": "business_strategy",
"input": {
"goal": "Launch a paid AI feature in 30 days",
"audience": "SaaS builders",
"constraints": ["Keep it practical", "Prioritize validation"]
},
"options": {
"llm": {
"mode": "balanced",
"maxCostUsd": 0.03
}
}
}'Launch verification
Run these checks after each deployment or environment-variable change.
| Area | Expected result |
|---|---|
| Health | GET /health returns ok |
| Tasks | GET /v1/tasks shows only public commercial tasks |
| Models | GET /v1/models or /v1/generate/models returns configured providers |
| Task call | POST /v1/generate succeeds with a Free task |
| Gateway call | POST /v1/chat/completions succeeds with a chosen model |
| Usage | Usage page shows requests, tokens, and estimated cost after traffic |
| Cost | OpenRouter and DeepSeek calls return estimatedCostUSD > 0 when pricing exists |
| Auth | Unauthenticated web users cannot create keys or view usage |
Start new customers on Free or a manually activated Pro plan, watch real usage for a few days, then raise limits. For high-value customers, design a dedicated Task Intelligence workflow instead of selling only raw model calls.