API keys
An API key authenticates requests to the Speech to Text and Text to Speech APIs. Each key is scoped to a single project: it can access only the transcripts produced within that project. For how keys are used in requests, see Authentication.
API keys differ from management tokens. API keys authenticate transcription and synthesis requests and are scoped to a project. Management tokens authenticate workspace administration and are scoped to the workspace.
Create an API key
API keys are created within your active project. To create a key in a different project, switch projects first. See Projects.
- Go to API keys in the sidebar under Projects.
- Click Create new key.
- Enter a descriptive name for the key.
- Click Generate new key.
- Copy the key value from the dialog.
You cannot access the key value again after closing this dialog. Store it in a secure location immediately.
Revoke an API key
Revoking a key disables it immediately. Requests made with the key are rejected, which may break any application that depends on it.
- Go to API keys in the sidebar under Projects.
- Click the delete button next to the key.
- Confirm the removal.
Manage API keys with the API
You can manage API keys programmatically with the Management API, authenticated with a management token. Available operations include:
API key best practices
- Use descriptive names. Name keys after the application or environment that uses them, so you can audit and revoke the right key later.
- Scope keys to projects. Create keys in the project that matches their purpose to keep transcripts and usage isolated.
- Rotate keys periodically. Create a replacement key, update your application, then revoke the old one.
- Revoke unused keys. Remove any key that is no longer in use.
Next steps
- Authentication: how to use API keys in requests.
- Projects: scope keys by creating them in the right project.
- Management tokens: automate key management programmatically.