Overview
API keys are used to authenticate requests to the ModelStack API. Each key starts with sk_ and can be given a descriptive name for easy identification.
Creating an API Key
- Navigate to Dashboard → API Keys
- Click Create API Key
- Enter a descriptive name (e.g., “Production Server”, “Development”, “CI/CD Pipeline”)
- Click Create
- Copy the key immediately — it won’t be shown again
API keys are only displayed once at creation time. Store them securely. If you lose a key, you’ll need to create a new one.
Managing API Keys
Your API keys dashboard shows:
- Key name — The descriptive name you assigned
- Key prefix — First few characters of the key (e.g.,
abc...)
- Created date — When the key was created
- Last used — Timestamp of the most recent API call with this key
Revoking an API Key
To revoke (delete) an API key:
- Navigate to Dashboard → API Keys
- Find the key you want to revoke
- Click the delete button
- Confirm the revocation
Revoking a key is immediate and irreversible. Any application using that key will immediately receive 401 Unauthorized errors.
Key Limits by Plan
| Plan | Maximum API Keys |
|---|
| Starter | 5 |
| Pro | 20 |
| Max | Unlimited |
Best Practices
- Use descriptive names — Name keys after their use case (e.g., “Backend Production”, “Testing”)
- One key per environment — Use separate keys for development, staging, and production
- Rotate regularly — Periodically create new keys and revoke old ones
- Revoke compromised keys immediately — If a key is exposed, revoke it from your dashboard right away
