Skip to main content
xAI is a BYOK (bring-your-own-key) LLM provider in ModuleX. You connect your own xAI API key, then use Grok models in the LLM node, the Agent node, chat, and the Assistant. Because xAI is BYOK, xAI bills you directly for token usage and ModuleX adds no credit charge on top — see BYOK billing below. For the full list of provider types and how managed versus BYOK selection works, see LLM providers. If you would rather have ModuleX provision and meter the model for you in credits, use ModuleX-managed models instead.
🎬 MEDIA PLACEHOLDER · MX-MEDIA-4090 · [SCREENSHOT] [SCREENSHOT_DESCRIPTION]: The xAI connection card in the ModuleX integrations/credentials UI. [SCREENSHOT_DETAILS]: Capture the API Key Authentication form for xAI in the credential-management UI: the API Key field (masked, sample xai-…), the optional Base URL field defaulted to https://api.x.ai/v1, and the “Test connection” / “Save” controls. Light theme, 16:9, crop to the card.

What you need

1

An xAI API key

Create a key in the xAI Console under API Keys → Create new API key. xAI keys start with xai- (for example xai-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx). ModuleX validates the key against the pattern ^xai-[a-zA-Z0-9\-_]{20,}$ before saving it.
2

A ModuleX organization and an owner/admin role

Credentials are scoped to an organization. Connecting and managing integrations requires the owner or admin role — the member role is retired. See roles & permissions.
3

A ModuleX API key (for programmatic setup)

To connect xAI over the API or an SDK, you need a ModuleX API key (mx_live_…) and your organization id. See authentication.

Connect xAI

You connect xAI by storing your xAI API key as a credential for the xai integration. You can do this in the app or programmatically.

In the app

  1. Open the integrations catalog and select xAI, or open Settings → Credentials.
  2. Choose API Key Authentication and paste your xAI key.
  3. Optionally set a custom Base URL (defaults to https://api.x.ai/v1) — only needed for xAI-compatible gateways.
  4. Save. ModuleX validates the key with a minimal request before storing it (see Test a key before saving).
xAI exposes a single authentication scheme — api_key. Its fields are:
api_key
string
required
Your xAI API key. Stored encrypted and never returned in plaintext. Pattern ^xai-[a-zA-Z0-9\-_]{20,}$; sample format xai-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
base_url
string
default:"https://api.x.ai/v1"
Optional custom API base URL, only needed when pointing at an xAI-compatible API. Must match ^https?://.*.

Over the API or an SDK

Create the credential with POST /credentials. ModuleX detects the credential type from the body: an auth_data.api_key value is stored as an api_key credential. Set make_default: true to make this the default xAI credential for the organization. Every request authenticates with Authorization: Bearer mx_live_… plus the X-Organization-ID header (see authentication). 
curl -X POST https://api.modulex.dev/credentials \
  -H "Authorization: Bearer mx_live_xxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "X-Organization-ID: 6f1c2d3e-4a5b-6c7d-8e9f-0a1b2c3d4e5f" \
  -H "Content-Type: application/json" \
  -d '{
        "integration_name": "xai",
        "display_name": "xAI production key",
        "make_default": true,
        "auth_data": { "api_key": "xai-..." }
      }'
id
string
The new credential’s identifier. A 201 response returns the credential metadata; the secret is never echoed back.
Creating, listing, and managing credentials and the integration catalog requires the owner or admin role in the organization. A caller without that role receives a 403. The integration-catalog read routes (for example GET /integrations/llm-providers/xai) are also owner/admin-gated.

Test a key before saving

Use POST /credentials/test-temporary to validate an xAI key without storing it. ModuleX runs the provider’s test call — a 10-token POST to https://api.x.ai/v1/chat/completions against grok-4-fast — and reports success when the response status is 200 and includes the fields id, choices, and model. 
curl -X POST https://api.modulex.dev/credentials/test-temporary \
  -H "Authorization: Bearer mx_live_xxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "X-Organization-ID: 6f1c2d3e-4a5b-6c7d-8e9f-0a1b2c3d4e5f" \
  -H "Content-Type: application/json" \
  -d '{
        "integration_name": "xai",
        "auth_type": "api_key",
        "auth_data": { "api_key": "xai-..." }
      }'
is_valid
boolean
true when the test call succeeds.
status_code
integer
The HTTP status returned by xAI’s test endpoint (200 on success).
test_method
string
How the credential was validated. For xAI this is api_call.
cost_level
string
The cost class of the test call. For xAI this is minimal (a 10-token request).

Available models

ModuleX serves Grok models from the catalog at GET /integrations/llm-providers/xai. The catalog is read-only metadata used by the credential UI and the builder — it is not the execution path. The models below are the ones ModuleX currently advertises for xAI.
Model idDisplay nameMax input tokensMax output tokensVisionInput $/1MOutput $/1M
grok-4-0709Grok 4256,000256,000Yes$3.00$15.00
grok-code-fast-1Grok Code Fast256,00010,000No$0.20$1.50
grok-4-fastGrok 4 Fast2,000,00030,000Yes$0.20$0.50
Prices in the table are xAI’s per-token rates as recorded in the ModuleX catalog, in USD per 1,000,000 tokens. Because xAI is BYOK, these are the rates xAI charges you directly — they are not ModuleX credits. See BYOK billing.
Each model id is the catalog id you select in the app and in node configuration. ModuleX maps the catalog id to the underlying xAI wire model and request settings:
The model list is served from the ModuleX catalog and may change as xAI releases or deprecates models. Always read GET /integrations/llm-providers/xai for the current set rather than hard-coding ids. Catalog reads are cached for up to 10 minutes.

Read the model catalog

curl https://api.modulex.dev/integrations/llm-providers/xai \
  -H "Authorization: Bearer mx_live_xxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "X-Organization-ID: 6f1c2d3e-4a5b-6c7d-8e9f-0a1b2c3d4e5f"
The response is an integration-detail object whose models array contains the entries shown above, plus an auth_schemas array describing the api_key scheme. A truncated example:
Catalog detail (truncated)
{
  "name": "xai",
  "display_name": "xAI",
  "description": "xAI's Grok models for advanced reasoning, coding, and real-time information access",
  "integration_type": "llm_provider",
  "version": "1.0.0",
  "categories": ["AI & LLM Providers", "ai", "chat", "reasoning", "coding"],
  "auth_schemas": [
    {
      "auth_type": "api_key",
      "display_name": "API Key Authentication",
      "description": "Connect using xAI API Key"
    }
  ],
  "models": [
    {
      "id": "grok-4-0709",
      "display_name": "Grok 4",
      "max_input_tokens": 256000,
      "max_output_tokens": 256000,
      "supports_vision": true,
      "input_usd_per_1m_tokens": 3.0,
      "output_usd_per_1m_tokens": 15.0
    }
  ]
}

Use Grok in ModuleX

Once xAI is connected, select a Grok model id wherever a model can be chosen:

LLM node

Call Grok with prompts, variables, and structured output inside a workflow.

Agent node

Run an autonomous step where Grok can call tools and loop.

Chat

Pick Grok as the model for a chat conversation.

Assistant

Configure the Assistant to reason and act with a Grok model.
If your organization holds more than one xAI credential, ModuleX uses the credential marked default for the xai integration. Set a different default with POST /credentials/{credential_id}/set-default. See managing credentials.

BYOK billing

xAI is bring-your-own-key, which changes how usage is billed compared with ModuleX-managed models.

BYOK (xAI)

Token usage is billed by xAI against your own API key. ModuleX adds no credit charge and no markup for the model call itself. BYOK usage is recorded for analytics only — it does not consume ModuleX credits.

Managed (modulexai)

ModuleX provisions the model and bills it in credits through the usage gate, applying a system margin. Use this when you do not want to manage a provider account.
What this means in practice:
  • No ModuleX credit cost for tokens. A Grok call made with your xAI key is not metered in credits. xAI invoices you directly at its own rates (the per-million-token prices in the model table).
  • Other ModuleX usage still applies. Running a workflow or a turn through the Assistant can still consume the flat per-run credit and may pass through the billing gate even when the model itself is BYOK. See credits & metering and usage gating & limits.
  • Rate limits and quotas are xAI’s. Token-rate limits, monthly spend caps, and model availability for a BYOK key are governed by your xAI account, not by ModuleX.
BYOK is available on all plans — there is no separate ModuleX entitlement that gates connecting your own xAI key. The pricing matrix on the marketing site lists BYOK for every tier; the only ModuleX-side billing that applies to a BYOK call is the non-model usage described above. TBD: confirm with the billing owner that no per-call ModuleX surcharge applies to BYOK model calls before treating “no markup” as a guarantee.

Errors

Catalog and credential operations return ModuleX’s standard error shapes. See errors & status codes for the full taxonomy.
StatusWhen it happensShape
400Invalid auth_data/auth_type on credential create, or asking a typed endpoint for the wrong integration type (for example xai is not a tool).{detail: string}
401Missing or invalid Authorization / missing X-Organization-ID.{detail: string}
403Caller is not an owner/admin in the organization.{detail: string}
404Unknown provider, for example GET /integrations/llm-providers/<unknown> returns LLM provider not found.{detail: string}
422Query/parameter validation error.{detail: [ ... ]}
500Unhandled server error.{detail: string}
A bad xAI key does not surface as a ModuleX 401. Connection validation happens against xAI: POST /credentials/test-temporary (or saving with validation) returns is_valid: false with the status xAI returned (for example 401 from api.x.ai). The ModuleX request itself still succeeds.

LLM providers

All providers, and how managed vs BYOK selection works.

ModuleX-managed models

The credit-billed managed alternative to BYOK.

Authentication & credentials

How integrations authenticate and the auth schema variants.

Managing credentials

Create, default, rotate, and scope credentials.