> ## Documentation Index
> Fetch the complete documentation index at: https://learn.getodin.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# API Keys

> Generate and manage API keys to connect to your project programmatically.

The **API Keys** tab is where you can generate and label API keys to connect to the platform's features programmatically. Use these keys to establish and maintain connections with other services. We recommend regularly reviewing your API keys and deleting any that are no longer needed to protect your project from unauthorized access.

<Note>
  API keys are project-specific and provide access to project resources. Keep them secure and rotate them regularly.
</Note>

## API Keys List

The API keys list displays all keys created for this project. Use the **Search by name or key** field to find a specific key. Each entry shows the following columns:

| Column      | Description                                                                                        |
| ----------- | -------------------------------------------------------------------------------------------------- |
| **Name**    | The name assigned to the API key, with a badge indicating its type (**Privileged** or **System**). |
| **API Key** | A truncated preview of the key value. Use the copy icon to copy the full key to your clipboard.    |
| **Created** | The date and time the key was created.                                                             |
| **Actions** | A **Delete** link for user-created keys. System keys show **Protected** and cannot be deleted.     |

## Key Types

When creating a new API key, you must select one of the following key types:

| Type                       | Description                                                                                                                                                                                                                 |
| -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Privileged Key**         | Full project access. Can send chats and edit or delete project resources, agents, workflows, and settings. Use this for trusted integrations and server-to-server automation.                                               |
| **Locked-Down Viewer Key** | Read-only project access plus chat runtime (bot interaction). Cannot edit or delete project resources, agents, workflows, or settings. Intended for limited-scope distribution such as Teams or channel bot authentication. |

## Create a New API Key

<Steps>
  <Step title="Open the Create API Key form">
    In the **Settings → API Keys** tab, select the **Create API Key** button.
  </Step>

  <Step title="Select a Key Type">
    Choose either **Privileged Key** or **Locked-Down Viewer Key** depending on the level of access required.
  </Step>

  <Step title="Name the key">
    Enter a descriptive name in the **Key Name** field that clearly identifies the key's purpose.
  </Step>

  <Step title="Generate the key">
    Select the **Generate** button. The key will be created and appear in the API keys list.
  </Step>
</Steps>

<Warning>
  Copy and securely store your API key immediately after generation. The full key value may not be shown again.
</Warning>

## Delete an API Key

The **Automator Key** is a system key created automatically for every project and cannot be deleted. All other API keys you create can be deleted as needed.

1. In the **Settings → API Keys** tab, select the **Delete** link for the key you want to remove.
2. Confirm the deletion in the popup.

A success message will confirm the deletion and the key will no longer appear in the list.

## Best Practices

1. **Use the right key type**: Use Privileged Keys only for trusted, server-side integrations. Use Locked-Down Viewer Keys for public-facing or channel bot deployments.
2. **Clear naming**: Use descriptive names that clearly indicate a key's purpose and the integration it belongs to.
3. **Rotate regularly**: Delete and regenerate keys periodically to reduce the risk of unauthorized access.
