Use your own API keys. Break the proxy. No middleman credits.
ComfyUI's built-in API nodes don't call vendor APIs directly. They route every request through
api.comfy.org — a proxy that replaces vendor pricing with its own opaque credit system.
You pay Comfy.org, Comfy.org pays the vendor. This is API laundering.
This extension removes the middleman entirely. Your calls go direct. Your keys, your rates, your data.
API laundering is the practice of wrapping third-party APIs behind a proxy service that substitutes the original vendor's pricing and authentication with its own credit system. The user never interacts with the actual provider — they buy proprietary credits from the middleman, who then makes the real API call on their behalf, pocketing the margin.
The anatomy of an API laundry:
┌──────────┐ credits ┌──────────────┐ real API key ┌──────────┐
│ User │ ──────────────> │ Middleman │ ──────────────────> │ Vendor │
│ │ <─── response── │ (proxy) │ <──── response ──── │ (API) │
└──────────┘ └──────────────┘ └──────────┘
pays markup keeps margin receives less
loses transparency obscures real cost ToS may prohibit
This matters because:
- Price opacity. You can't compare what you're paying to what the vendor charges. The middleman sets credit prices arbitrarily with no obligation to track vendor rate changes.
- Vendor ToS violations. Many API providers explicitly prohibit reselling or proxying their services without authorization. The middleman may be operating in a legal grey area — or outright violating terms they agreed to.
- Data routing. Your prompts, images, and generated content pass through a third party that has no business seeing them. The vendor's privacy policy covered a two-party relationship; the middleman inserted a third.
- Artificial dependency. The software works without the proxy. The proxy exists to create a billing chokepoint, not to provide functionality. If the middleman goes down, raises prices, or changes terms, you lose access to APIs you could have called directly.
- Regulatory exposure. As API resale and data brokerage come under increasing regulatory scrutiny, intermediaries that repackage API access without clear licensing face growing legal risk — risk that propagates to their users.
API laundering is not "providing a service." Providing a service means adding value. A proxy that strips your ability to use your own API key and replaces it with a credit meter is extracting value. The distinction matters.
- Direct API routing — Calls go straight to vendor APIs, not through any proxy
- No account needed — Works without a ComfyUI/Comfy.org account
- Local asset storage — Images/videos stored locally instead of uploaded to intermediary servers
- 30+ providers supported — text, image, video, 3D, SVG, audio, and enhancement APIs
- Simple UI — Configure local keys or
passentry paths through ComfyUI's interface - Coverage inspector — Review unmapped proxy endpoints and copy the full list from the UI
- Graceful fallback — If no key is set, falls back to default ComfyUI behavior
cd ComfyUI/custom_nodes
git clone https://github.com/holo-q/comfy-api-liberation.gitRestart ComfyUI after installation.
1. Click API Keys in the toolbar
2. Enter keys for each provider
Get Key links directly to each provider's API key page Status shows "Configured" (green) or "Not set" The
key/passtoggle lets each row store either a local secret or apasspath Coverage now includes a Copy Full List button for unmapped endpoints
pass insert ai/openai
pass insert ai/google
pass insert ai/elevenlabsIn the UI, switch a provider row from key to pass and enter the corresponding path, for example:
ai/openaiai/googleai/elevenlabs
Liberation stores only the path in its config. The secret remains in your password store and is
resolved at request time with pass show <path>.
Create api_keys.json in the extension directory:
{
"google": { "source": "local", "value": "your-google-key" },
"openai": { "source": "pass", "value": "ai/openai" },
"stability": { "source": "local", "value": "your-stability-key" }
}Older plain-string entries are still accepted and are treated as local keys.
Tencent Hunyuan 3D uses Tencent Cloud's signed TC3 request flow rather than a single bearer token.
For the tencent provider, enter one of these formats:
secretId:secretKey
secretId:secretKey:region
{"secret_id":"...","secret_key":"...","region":"na-ashburn"}
If the region is omitted, liberation currently defaults to na-ashburn.
|
|
|
ComfyUI's API nodes send requests to /proxy/* endpoints on api.comfy.org — the laundry.
This extension intercepts that flow and routes it where it should have gone in the first place:
- Intercepts outgoing API requests before they leave ComfyUI
- Rewrites
/proxy/vendor/...URLs to direct vendor API endpoints - Injects your API key as the appropriate auth header
- Virtualizes the file upload system so assets stay on your machine
All of this happens transparently — existing workflows work without modification. No nodes to replace, no workflows to rebuild. The proxy is simply removed from the equation.
- Direct API routing — bypass the proxy, call vendors directly
- API Key Manager UI with per-provider status
- Per-provider
passstorage mode for CLI-managed secrets - Local asset virtualization — no uploads to intermediary servers
- Coverage inspector with copy-to-clipboard for unmapped endpoints
- Config file support
- Graceful fallback to default ComfyUI behavior when no key is set
- 30+ provider mappings (Google, OpenAI, Stability, ElevenLabs, Meshy, Kling, Tencent, etc.)
- Real pricing hints — replace ComfyUI's opaque credit cost per node with actual vendor $/request pricing
LIBERATION_DEBUG=1 python main.py- API keys are stored locally in
api_keys.json(gitignored) passmode stores only the entry path inapi_keys.json, not the secret itself- Keys are never sent to ComfyUI/Comfy.org servers
- Each provider only receives its own API key
- Your data travels directly between you and the vendor — no third-party pass-through
MIT License · Issues and PRs welcome