Skip to main content
API keys authenticate programmatic requests and third-party clients. Treat them like access to your account quota.
1

Open API keys

Sign in and go to the API keys page.
2

Create a key

Set a name, optional quota limit, expiration time, model scope, and IP restrictions.
3

Copy the key

Store the sk- value securely. The full key may only be displayed once.

Security practices

  • Use separate keys for development, production, and external clients.
  • Set quota limits for temporary or third-party keys.
  • Store keys in environment variables or a secret manager.
  • Delete and recreate a key immediately if exposure is suspected.
Never place API keys in browser frontend code or public repositories.

Next steps