API Keys¶
Manage your API keys from the Settings → API Keys page in the dashboard.
Creating a key¶
- Navigate to Settings → API Keys
- Click Create API Key
- Optionally give the key a name (e.g. "Production", "Development")
- Click Create
Copy your key immediately
The full API key is only shown once, immediately after creation. It cannot be retrieved later. If you lose it, you'll need to create a new one.
Your key will look like: sk_test_a1b2c3d4e5f6g7h8...
Key limits¶
You can have up to 3 active API keys at any time. This allows you to:
- Use separate keys for different environments (development, staging, production)
- Rotate keys without downtime by creating a new key before revoking the old one
Viewing your keys¶
The API Keys page shows all your active keys with:
| Column | Description |
|---|---|
| Name | The optional label you gave the key |
| Key prefix | The first 16 characters of the key (e.g. sk_test_a1b2c3d4) |
| Created | When the key was created |
| Last used | The last time the key was used to make an API request |
For security, only the key prefix is displayed. The full key is never stored in readable form.
Revoking a key¶
To revoke a key:
- Find the key in the list
- Click Revoke
- Confirm the revocation
Warning
Revoking a key is permanent and takes effect immediately. Any applications using that key will start receiving 401 Unauthorized errors.
Best practices¶
- Name your keys to track which application uses which key
- Rotate keys periodically — create a new key, update your application, then revoke the old one
- Monitor "Last used" to detect unused or potentially compromised keys
- Never share keys or commit them to version control — use environment variables instead
For details on using API keys in requests, see Authentication.