API Key
Security
Secret credential used to authenticate API requests.
An API key identifies your app to a service and grants access to features. Keep keys private, do not commit them to repos, and store them with a secrets manager. Give each key the smallest scope it needs, and rotate keys on a schedule so a leak does less harm.
Frequently asked questions
How do I store keys safely?
Keep them out of client code and repos. Use server env vars or a secrets manager. Rotate keys and limit their scope.What should I do if a key leaks?
Revoke it right away, create a new key, and review logs for abuse. If needed, contact the provider’s support.Why does my key get rate limited?
APIs enforce fair usage. Batch requests, use caching, and follow provider guidelines to stay within limits.