Skip to main content

API Keys

API keys authenticate your requests to the Runcrate Models API. Each key is scoped to a project.

Creating an API Key

1

Navigate to Keys

Go to Dashboard → Keys and select the API Keys tab.
2

Click Create Key

Click Create API Key.
3

Name Your Key

Give the key a descriptive name (e.g., production, dev-testing).
4

Copy the Key

Your full API key is displayed. Copy it immediately — it will not be shown again.
The full API key is shown only once at creation. If you lose it, you will need to create a new key.

Key Format

API keys follow the format: 
rc_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
The rc_live_ prefix identifies it as a Runcrate API key. The prefix is always visible in the dashboard for identification purposes.

Managing Keys

Activate / Deactivate

Toggle a key between active and inactive states. Deactivated keys will reject all API requests until reactivated.

Delete

Permanently delete a key. Any applications using the deleted key will immediately lose API access.

Last Used

The dashboard shows when each key was last used, helping you identify unused or stale keys.

Default Key

When you create a project, a default API key is auto-provisioned for use with the Playground. You can use this key for testing or create additional keys for your applications.

Security Best Practices

Never Commit Keys

Do not hardcode API keys in source code or commit them to version control. Use environment variables instead.

Rotate Regularly

Create new keys periodically and deactivate old ones to limit exposure.

One Key Per Application

Use separate keys for different applications or environments (dev, staging, production).

Deactivate Unused Keys

Deactivate keys that are no longer in use rather than leaving them active.
API keys are scoped to the project they were created in. They cannot access resources in other projects.