API keys

Create and manage workspace API keys for each project and environment. Use separate keys for dev, staging, and production — never share one key everywhere.

Read API docs

Keys are scoped to your workspace, but associated with a project & environment for clarity. Rotate keys regularly and keep them out of your frontend code.

4 keys · sample data

Project:

Env:

Status:

Keys

All workspace keys, grouped by project and environment.

Name

Project

Env

Last used

Status

Actions

backend-prod

my-saas-prod · prod

my-saas-prod

prod

12 minutes ago

• Active

backend-staging

my-saas-prod · staging

my-saas-prod

staging

1 hour ago

• Active

tools-service-dev

tools-service · dev

tools-service

dev

3 days ago

• Active

old-sandbox-key

playground · dev

playground

dev

45 days ago

• Disabled

Key values are only shown once at creation time. Rotate keys safely instead of editing them in-place.

Best practices

Use one key per environment (dev/staging/prod) instead of sharing a single global key.
Store keys in your secret manager or environment variables, not in your git repo.
Rotate keys periodically and whenever a team member leaves.
Never expose API keys in frontend code or mobile apps — they're meant for your backend only.

How rotation works

Rotating a key should be done calmly:

Create a new key for the same project / environment.
Deploy the new key to your backend.
Verify traffic using the new key.
Disable the old key once everything looks good.

This page is where you'll create, disable, and eventually delete keys once they're no longer needed.

API references

Every request carries your API key via an Authorization: Bearer <key> header.

For concrete examples and language snippets, see the API docs and tools reference.