> ## Documentation Index
> Fetch the complete documentation index at: https://docs.neuralfactory.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# API Keys

> Create and manage API keys for programmatic access.

# API Keys

API keys allow your applications to access Neural Factory programmatically via the REST API. Administrators can create, manage, and revoke API keys from the **API Keys** section.

## Creating an API key

<Steps>
  <Step title="Navigate to API Keys">
    Open **API Keys** from the sidebar (admin section).
  </Step>

  <Step title="Click Create API Key">
    Click the **Create API Key** button.
  </Step>

  <Step title="Configure the key">
    * **Name** — A descriptive name to identify this key (e.g., "Production Backend", "CI/CD Pipeline")
    * **Permissions** — Select what the key can access (varies by deployment)
  </Step>

  <Step title="Copy the key">
    The API key is displayed once after creation. **Copy it immediately** — you won't be able to see it again.

    <Warning>
      Store your API key securely. Do not commit it to version control, share it in chat, or include it in client-side code.
    </Warning>
  </Step>
</Steps>

## Managing API keys

The API Keys page shows all active keys:

* **Name** — The descriptive name you gave the key
* **Created** — When the key was created
* **Last used** — When the key was last used for an API call
* **Status** — Active or Revoked

### Revoking a key

To revoke an API key:

1. Find the key in the list
2. Click **Revoke**
3. Confirm the action

Revoked keys immediately stop working. Any application using the key will receive authentication errors.

## Using API keys

Include the API key in your API requests as a Bearer token in the Authorization header:

```bash theme={null}
curl -H "Authorization: Bearer your-api-key" \
  https://app.neuralfactory.ai/api/v1/chat
```

See the [API Reference](/api-reference/introduction) for full documentation on available endpoints.

## Best practices

* Create separate keys for each application or environment
* Rotate keys periodically — revoke old keys and create new ones
* Monitor the "Last used" column to identify unused keys
* Revoke keys immediately if they may have been compromised
