> ## Documentation Index
> Fetch the complete documentation index at: https://docs.rootkey.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# API Keys

> Generate and manage ROOTKey API keys for sandbox and production environments. Step-by-step guide for authenticating API requests.

## How to Create an API Key

<Steps>
  <Step title="Log in and open the Dashboard">
    Go to [app.rootkey.ai](https://app.rootkey.ai/sign-in?utm_source=api_docs\&utm_medium=api_keys_page\&utm_content=login) and sign in. You will land on the main Dashboard.

    <img style={{ borderRadius: "0.5rem" }} src="https://media.rootkey.ai/docs/dev-api-step-1.png" />
  </Step>

  <Step title="Navigate to Developer Tools">
    In the left sidebar, scroll down to the **Platform** section and click **Developer Tools**. The Overview tab shows your active integrations, total request volume, and overall success rate.

    <img style={{ borderRadius: "0.5rem" }} src="https://media.rootkey.ai/docs/dev-api-step-2.png" />
  </Step>

  <Step title="Open the API Keys tab">
    Click the **API Keys** tab at the top of the Developer Tools panel.

    <img style={{ borderRadius: "0.5rem" }} src="https://media.rootkey.ai/docs/dev-api-step-3.png" />
  </Step>

  <Step title="Start creating a new key">
    If no keys exist yet, you will see the empty state. Click **+ Create API Key** in the top right corner to open the creation form.

    <img style={{ borderRadius: "0.5rem" }} src="https://media.rootkey.ai/docs/dev-api-step-4.png" />
  </Step>

  <Step title="Fill in the key details">
    Enter a **Key Name**, an optional description, and choose an icon to help identify this key. Click **Generate Key** when ready.

    <img style={{ borderRadius: "0.5rem" }} src="https://media.rootkey.ai/docs/dev-api-step-5.png" />
  </Step>

  <Step title="Copy and store your key">
    Your new API key is displayed once. Copy it now and store it in a secure location - it will not be shown again after you close this modal.

    <img style={{ borderRadius: "0.5rem" }} src="https://media.rootkey.ai/docs/dev-api-step-6.png" />
  </Step>

  <Step title="Confirm the key is active">
    After closing the modal, the key appears in the API Keys list with an **Active** status and a request counter. You are ready to authenticate API calls.

    <img style={{ borderRadius: "0.5rem" }} src="https://media.rootkey.ai/docs/dev-api-step-7.png" />
  </Step>
</Steps>

***

## Using Your API Key

Pass the key in the `x-api-key` header on every request:

```http theme={null}
x-api-key: YOUR_API_KEY
```

→ See [Authentication](/api-reference/auth) for the full reference and error handling.

***

## Best Practices

<AccordionGroup>
  <Accordion title="Never expose your key in client-side code" icon="file-shield">
    API keys grant full access to your workspace. Keep them server-side and use environment variables - never commit them to source control or include them in frontend bundles.
  </Accordion>

  <Accordion title="Use one key per integration" icon="key">
    Create a separate key for each application or environment. This makes it easy to rotate or revoke a single integration without affecting others.
  </Accordion>

  <Accordion title="Rotate keys periodically" icon="arrows-spin">
    Regenerate keys on a regular schedule and immediately on any suspected exposure. Old keys can be revoked from the Developer Tools panel without downtime if a replacement is in place.
  </Accordion>

  <Accordion title="Monitor usage" icon="magnifying-glass">
    The Developer Tools Overview tab shows request volume and error rates per key. Unusual spikes may indicate misuse or an integration issue.
  </Accordion>
</AccordionGroup>