Skip to content

API Key Management

API keys are essential for authenticating your requests to the Elluminate platform. This guide covers best practices for managing your API keys securely. Note: only project admins have access to the "API Keys" dashboard.

Creating API Keys

  • Navigate to your project's "API Keys" dashboard

API Keys Dashboard

  • Click "Create new secret key"
  • Enter a descriptive name for your key
  • Set an expiration date (recommended) or choose "never" for no expiration

Create API Key

  • Save your key securely - it will only be shown once

Created API Key

Security Best Practices

Store Securely

  • Use environment variables to store API keys
  • Never commit API keys to version control
  • Don't expose keys in client-side code or browser
  • Keep keys out of logs and error messages

Regular Rotation

  • Rotate keys on a regular schedule
  • Create new keys before old ones expire
  • Remove unused or expired keys
  • Use expiration dates when possible

Access Control

  • Use descriptive names to track key usage
  • Revoke compromised keys immediately
  • Monitor key usage through the dashboard

Managing Existing Keys

From the Keys dashboard, you can:

  • View all active API keys
  • See when keys were last used
  • Check expiration dates
  • Edit key names
  • Delete/revoke keys

Using API Keys

You can use your API key by exporting it as an environment variable:

export ELLUMINATE_API_KEY=<your_api_key>

Or you can set the API key as a parameter in the client:

from elluminate import Client

client = Client(api_key="<your_api_key>")

For more details on using the SDK, see our Quick Start Guide.

Troubleshooting

If you encounter issues with your API key:

  • Verify the key hasn't expired
  • Check if the key has been revoked
  • Ensure you're using the correct project ID
  • Confirm the key is being sent correctly in requests