API Key Management¶
Learn how to securely create, manage, and use API keys for platform authentication
API keys are essential for authenticating your requests to the elluminate platform. This guide covers best practices for managing your API keys securely.
Note: only project admins have access to the "API Keys" dashboard.
Creating API Keys¶
- Navigate to your project's "API Keys" dashboard
- Click "Create new secret key"
- Enter a descriptive name for your key
- Set an expiration date (recommended) or choose "never" for no expiration
- Save your key securely - it will only be shown once
Security Best Practices¶
Store Securely¶
- Use environment variables to store API keys
- Never commit API keys to version control
- Don't expose keys in client-side code or browser
- Keep keys out of logs and error messages
Regular Rotation¶
- Rotate keys on a regular schedule
- Create new keys before old ones expire
- Remove unused or expired keys
- Use expiration dates when possible
Access Control & Key Management¶
- Find all your active keys
- See when keys were last used
- Check expiration dates
- Edit key names
- Delete/revoke keys
Using API Keys¶
You can use your API key by exporting it as an environment variable:
Or you can set the API key as a parameter in the client:
For more details on using the SDK, see our Quick Start Guide.
Troubleshooting¶
If you encounter issues with your API key:
- Verify the key hasn't expired
- Check if the key has been revoked
- Ensure you're using the correct project ID
- Confirm the key is being sent correctly in requests