Skip to main content
Project API keys (also called “API Keys” in the interface) are provisioned per project via POST /api/v1/projects/{project_id}/api-keys, exactly as documented in the Cloud API reference.

Key Format

API Keys use the following format: Prefix: ak_ (API Key) Full format: ak_ + 32 alphanumeric characters (a-zA-Z0-9) Example: ak_abc123XYZ789def456ghi012jkl345mn Total length: 35 characters (3 character prefix + 32 character key)

Key Properties

  • Hashing: Keys are hashed with SHA-256 before storage for security
  • Prefix storage: Only the first 8 characters (e.g., ak_abc12) are stored in key_prefix for identification
  • One-time display: The full key is shown once during generation; only the hash is persisted
  • Project scoping: Each key is bound to a specific project via project_id
  • Multi-tenant: Backend projectors enforce scoping to prevent cross-project access

Environment Variable

In your Starter Kit deployment, set the generated key as: 
DEVKIT4AI_PROJECT_KEY=ak_abc123XYZ789def456ghi012jkl345mn
The environment variable is named DEVKIT4AI_PROJECT_KEY for clarity about scope, but the keys themselves use the ak_ prefix (not pk_).

Generation Flow

  1. Cloud Admin UI calls the API endpoint with optional name parameter
  2. Backend generates key with ak_ prefix and 32 random alphanumeric characters
  3. Full key is hashed with SHA-256
  4. Hash and prefix (first 8 chars) are stored in the database
  5. Full key is returned in response and displayed once
  6. Key becomes valid immediately for API requests

Security

  • Store the full key securely - it cannot be retrieved again
  • Never commit keys to version control
  • Rotate keys regularly (every 90 days recommended)
  • Revoke compromised keys immediately