Skip to main content

API Key Management

API Key Management is where you view, copy, and monitor the API keys connected to your account.

Open it here:

Open API Keys

What This Page Is For

Use API Key Management to:

  • See all API keys linked to your account.
  • Copy an API key for use in an application.
  • Reveal a key temporarily.
  • Check whether a key is active.
  • Monitor token and request usage.
  • Review the plan attached to each key.

This page does not explain how API authentication works at the protocol level. For that, see API Reference: Authentication.

API Key Cards

Each API key appears as a card.

The card may show:

  • Plan name.
  • Creation date.
  • Renewal or expiration date.
  • Hidden API key value.
  • Token usage.
  • Request usage.
  • Key capacity.

Keys are hidden by default. When you reveal a key, it is visible only briefly before it is hidden again.

Copy an API Key

To copy an API key:

  1. Open API Keys.
  2. Find the key you want to use.
  3. Click the copy button.
  4. Store it in a secure place, such as an environment variable or secret manager.

Do not paste API keys into public repositories, screenshots, support tickets, or client-side code.

API Key Format

Custodian Labs API keys use a recognizable prefix so they are easier to identify.

Example format:

custodian_labs_********************************

The full value is a secret. Treat it like a password.

Usage and Limits

Each key is tied to account and plan limits.

The dashboard may show:

  • Tokens used.
  • Token limit.
  • Requests used.
  • Request limit.
  • Percentage of quota used.

Usage normally belongs to the current billing or plan cycle. When a plan renews, available credits and request limits may refresh according to the plan.

When No API Key Appears

If the page says there are no API keys yet, activate a plan first.

The usual path is:

  1. Go to Managing Subscriptions.
  2. Choose the Free plan and click Get Started Free, or choose another available plan.
  3. Return to API Keys.
  4. Copy the generated key.

Safe Handling

Keep API keys secure:

  • Use environment variables for local development.
  • Use a secret manager in production.
  • Avoid sharing keys in chat or screenshots.
  • Rotate or replace keys if you suspect exposure.
  • Monitor usage for unexpected spikes.

For more guidance, see Use API Keys Securely.