Beginner4 min

API Key Management

API keys provide simple authentication for many services. Store and manage them securely.

Adding API Keys

For Built-in Plugins

  1. Go to Plugins
  2. Find the service
  3. Click Connect
  4. Enter your API key
  5. Save

For Custom APIs

  1. Import or create the API
  2. Go to Authentication
  3. Select API Key
  4. Configure:
    • Key name
    • Key value
    • Location (header/query)

API Key Configuration

Location Options

| Location | How it's sent | |----------|---------------| | Header | X-API-Key: your-key | | Query | ?api_key=your-key | | Bearer | Authorization: Bearer your-key |

Header Name

Common header names:

  • X-API-Key
  • Authorization
  • Api-Key
  • Service-specific (e.g., X-Stripe-Key)

Managing Keys

View All Keys

  1. Go to Settings > Credentials
  2. See all stored API keys
  3. Filter by service

Update a Key

When rotating keys:

  1. Find the credential
  2. Click Edit
  3. Enter new key
  4. Save

Workflows continue without changes.

Delete a Key

  1. Find the credential
  2. Click Delete
  3. Confirm

Warning: Workflows using this key will fail.

Security Best Practices

1. Use Dedicated Keys

Create API keys specifically for this platform:

  • Easier to rotate
  • Better audit trail
  • Limit blast radius

2. Minimize Permissions

If the service supports it:

  • Read-only when possible
  • Specific resources only
  • Limited rate limits

3. Rotate Regularly

Schedule key rotation:

  • Update key in source
  • Update in our platform
  • Verify workflows work

4. Monitor Usage

Watch for anomalies:

  • Unexpected API calls
  • Failed authentications
  • Rate limit hits

Team Access

Personal Keys

Default - only you can use:

  • Your workflows only
  • Not visible to team

Shared Keys

Share with organization:

  1. Edit the credential
  2. Enable Share with team
  3. Select who can access

Team members use without seeing the key value.

Getting API Keys

Common Services

Stripe

  1. Go to Stripe Dashboard
  2. Developers > API Keys
  3. Copy Secret Key

OpenAI

  1. Go to platform.openai.com
  2. API Keys section
  3. Create new key

SendGrid

  1. Go to SendGrid Settings
  2. API Keys
  3. Create API Key

Best Practices

  • Store keys securely (password manager)
  • Never commit to code repositories
  • Use environment-specific keys

Troubleshooting

Invalid API Key

  • Verify key is correct (copy again)
  • Check key hasn't expired
  • Ensure key has required permissions

Rate Limited

  • Check your plan limits
  • Add delays in workflows
  • Contact service for higher limits

Next Steps

Tags

integrationsapi-keyssecurity