xAI offers Grok models via its API for text generation, reasoning, coding, tool use, document-centric workflows, and agentic research. The current docs focus primarily on Grok 4.20 as the new flagship, as well as on server-side tools such as Web Search, X Search, Code Execution, and Collections Search.
Additionally, xAI documents classic model-listing endpoints such as /v1/models and /v1/language-models.
xAI API – Grok
LLM “Build with Grok, the AI model designed to deliver truthful, insightful answers.”
Origin: USA ⓘ X.AI LLC, 1450 Page Mill Road, Palo Alto, CA 94304, USA
Server-side Tools Additional billing for tool invocations; costs may increase with the complexity of agentic requests.
Credits / API Key API usage takes place via an xAI account, API key, and purchased credits.
Enterprise / ZDR Enterprise customers can use Zero Data Retention so that API requests and responses are not stored.
Voice / Imagine / Batch / Tools Additional product areas for real-time conversations, TTS/STT, image/video generation, batch processing, web search, and structured outputs.
Target audience
The xAI Grok API is aimed primarily at developers, technical teams, start-ups, agencies, and companies that want to build their own LLM-powered applications. It is especially interesting for teams that want to combine research, coding, agent workflows, and tool orchestration, because xAI strongly emphasizes exactly these patterns in the docs. For pure end users without a build context, the API is far less obvious than Grok Web/App.
Outstanding features
The most striking differentiators are the server-side research and agent tools. xAI documents Web Search, X Search, Code Execution, and Collections Search as integrated tools for Grok. In addition, there is Grok 4.20 with a large context window, automatic reasoning, and strict prompt adherence, as well as Grok 4.20 Multi-agent for multi-agent research. For Enterprise, DPA, subprocessor transparency, retention rules, billing/usage controls, and Provisioned Throughput are also relevant.
Key application areas
Grok is particularly strong for up-to-date research, technical analysis, coding, agent workflows, RAG/document search, and interactive assistance systems. The docs repeatedly show exactly these usage patterns: current web/X search, coding in code editors, multi-stage research with Multi-agent, and document work via Collections/Search. As a result, xAI feels less like a pure standard text model and more like an API for tool-supported workflows.
Usage & notes
Operationally, you start with an xAI account, API key, and credits. The docs currently recommend examples mostly with grok-4.20-reasoning. Important here: Grok 4 is a reasoning model; according to the docs, there is no separate non-reasoning mode for it. In addition, Grok-4 reasoning models do not support certain older parameters such as stop, presencePenalty, and frequencyPenalty. For Multi-agent, reasoning.effort has a different meaning: it controls the number of agents, not the depth of thought. For Enterprise use, you should also clearly distinguish between the general Privacy Policy and the Enterprise Terms/DPA.
| Target audience | Assessment |
|---|---|
| Developers / product teams | Very suitable – for Grok-based chat, reasoning, tool, web/X search, voice, image, and video applications. |
| SaaS providers / startups | Suitable – if current information, Grok models, and multimodal API functions are relevant. |
| Creator and social-adjacent products | Suitable to very suitable – especially for applications with real-time/X relevance, content, research, and conversation. |
| SMEs with technical implementation | Suitable – for assistants, search, support, research, automation, and multimodal AI functions. |
| Enterprise / compliance teams | Conditionally to well suited – xAI offers a DPA, a no-training statement for API data, and ZDR for Enterprise, but EU data residency is not publicly documented as a standard. |
Calculate tokens and costs with the KIFOX Tokenizer
grok-4.20-reasoning
Best suited for:
Demanding default choice for current xAI apps: reasoning, tool-supported research, web/X search, coding, document analysis, structured responses.
grok-4.20-multi-agent
Best suited for:
Deep research, multi-perspective analyses, complex topics with multiple sources, agentic deep-research workflows.
grok-4 / grok-4-latest / grok-4-07079
Best suited for:
General high-end text and reasoning tasks with the Grok 4 family; useful for stable alias/version workflows.
grok-code-fast-1
Best suited for:
Coding-related workflows, editor integrations, developer assistance.
grok-3
Best suited for:
Solid older Grok generation for more general LLM workloads if you want to work with a documented older model.
grok-3-mini
Best suited for:
Lower-cost standard tasks, simple extraction/classification, low-cost workloads.
Hosting & Data
1) On-prem / local hosting
Meaning: The company operates the solution on its own hardware or within its own infrastructure. In the strictest sense, not only the application runs locally, but ideally the model as well.
2) Private cloud / data center
Meaning: The solution runs in a dedicated or more clearly separated cloud environment, often with a hosting provider or hyperscaler, but in a German data center or in a particularly controlled environment.
3) EU SaaS / managed
Meaning: The provider operates the solution itself as a service. The company uses the tool as a ready-made cloud service, ideally with EU data residency.
4) Hybrid
Meaning: One part of the processing remains internal / local / in a private cloud, while another part runs in an external cloud or EU SaaS.
5) AVV / DPA
Meaning: This is the data processing agreement or Data Processing Addendum. It governs that the provider processes personal data on behalf of the customer and is bound by the customer's instructions.
6) No training
Meaning: The provider does not use your prompts, uploads, attachments, chat histories, or outputs for training or improving the general model — ideally excluded by contract.
7) Open-source / transparency path
Meaning: There is a path toward greater technical transparency and sovereignty, for example through:
- open models
- documented components
- self-hostable parts
- traceable architecture
- export / switching options
| On-prem / local hosting | ⚠️ |
| Private cloud / data center | ✅ |
| EU SaaS / Managed | ✅ |
| Hybrid | ⚠️ |
| DPA / AVV | ✅ |
| No training on customer data | ✅ |
| Open source / transparency path | ⚠️ |
Overall assessment of hosting & data:
The xAI API is a managed cloud API service for Grok models with text, reasoning, function calling, web search, X search, structured output, batch API, files/collections, voice, image, and video. On-premises hosting of the Grok models is not publicly documented as a standard option. Positives include API access, OpenAI-compatible usage, server-side tools, multimodal APIs, 30-day standard deletion of API requests/responses, no training without permission, and Enterprise ZDR. Critical issues remain the standard 30-day retention without ZDR, international data transfers, the lack of publicly documented EU-only data residency, and possible additional costs/complexity due to autonomous tool calls.
Conclusion:
xAI/Grok is strong for developers who want to build current, tool-capable, multimodal, and social-/web-adjacent AI applications; for EU-regulated data, Enterprise ZDR, DPA, subprocessor review, and data classification should be clarified before productive use.
| On-prem / local hosting | ⚠️ |
| Private cloud / data center | ✅ |
| EU SaaS / Managed | ✅ |
| Hybrid | ⚠️ |
| DPA / AVV | ✅ |
| No training on customer data | ✅ |
| Open source / transparency path | ⚠️ |
Overall assessment of hosting & data:
The xAI API is a managed cloud API service for Grok models with text, reasoning, function calling, web search, X search, structured output, batch API, files/collections, voice, image, and video. On-premises hosting of the Grok models is not publicly documented as a standard option. Positives include API access, OpenAI-compatible usage, server-side tools, multimodal APIs, 30-day standard deletion of API requests/responses, no training without permission, and Enterprise ZDR. Critical issues remain the standard 30-day retention without ZDR, international data transfers, the lack of publicly documented EU-only data residency, and possible additional costs/complexity due to autonomous tool calls.
Conclusion:
xAI/Grok is strong for developers who want to build current, tool-capable, multimodal, and social-/web-adjacent AI applications; for EU-regulated data, Enterprise ZDR, DPA, subprocessor review, and data classification should be clarified before productive use.
Strengths & Weaknesses at a Glance
| Strengths | Weaknesses |
|---|---|
| - Very strong in real-time research because Grok integrates web search and X search as official tools. | - The documentation is currently inconsistent between new model names like grok-4.20-reasoning and older/dated IDs like grok-4-0709; as a result, the model landscape is less clear than with some competitors. |
| - Well positioned for coding, agentic tool workflows, and document-based analysis. | - Exact token prices for some new models are referenced on the official pricing page, but in the officially parseable sources here they are not cleanly extractable for every model. |
| - xAI explicitly positions Grok 4.20 as a fast, precise model with strict prompt adherence. | - xAI itself points out that outputs may hallucinate or be inaccurate and must be reviewed by the customer. |
| - For enterprise/API data, there is a DPA, a subprocessor list, and according to the Enterprise Terms, a 30-day deletion of User Content unless an exception applies. | - For enterprise customers, operating competing services with the xAI API is prohibited according to the Terms. |
Reviews
0 reviews in total
There are no confirmed reviews for this tool yet.
Submit review
Deine Bewertung wird erst nach der Bestätigung per E-Mail sichtbar. Damit schützen wir das Portal vor Missbrauch.
Report review
Please select the reason why this review should be checked.
GDPR-compliant use possible?
GDPR assessment: From a GDPR perspective, the xAI API is conditionally to well suited if it is used in an xAI Business/Enterprise context with a DPA and appropriate data controls.
Positive is that xAI provides a Data Processing Addendum that addresses GDPR/UK GDPR/Swiss FADP, roles as Processor, SCCs, UK Addendum, subprocessors, and deletion after the end of the contract. xAI also states that it never uses API inputs and outputs for training without explicit permission; API requests and responses are stored by default for 30 days for abuse/misuse audits and then deleted. For Enterprise, there is Zero Data Retention, under which prompts, completions, and metadata are not persisted.
Negative is that xAI allows international transfers outside Europe, including to the USA, and there is no publicly confirmed EU-only data residency as the standard for the API.
Server location: No confirmed EU-only region as standard; the DPA mentions transfers/processing outside Europe, including the USA, insofar as necessary for service provision. Further link: xAI DPA, xAI API Security FAQ, and xAI Enterprise FAQ.