Back to AlphaLensGuideAPI Reference

API Key Management

This page covers everything you need to know about API keys, including how to create them, manage them securely, for you and your team members.

Frontend Management: API keys are fully managed through the AlphaLens web interface. Visit your API Keys settings to create and manage keys

Prerequisites

  • AlphaLens account

  • Admin permissions for company-wide key management

Creating an API Key

Using the Web Interface

  1. Navigate to Settings > Advanced > API-keys

  2. Click "Generate New API-key"

  3. Enter a descriptive name for your key

  4. Set an expiration date (optional but recommended)

  5. Click Create - the key value is shown only once

  6. Copy and store the key securely immediately

Important: The raw API key value is only shown once during creation. Make sure to copy and store it securely before closing the dialog.

API Management: Programmatic API key management is also available. Get in touch if you need to manage keys via API endpoints.

Managing Existing Keys

View Your Keys

In the API Keys interface, you can see:

  • Status - active/inactive color indicator

  • Key name - the descriptive name you assigned

  • Created - when the key was generated

  • Last used - most recent API request timestamp

Usage Tracking: Monitor the "Last used" column to identify unused keys that should be revoked for security.

Revoking Keys

To revoke a key through the web interface:

  1. Find the key in your API Keys list

  2. Click the "Revoke key" button

  3. Confirm the revocation

Using API Keys

To use an API key for authentication, include it in the request header:

API-Key: your_api_key_here

Ready to Start: Once you have your API key, you can begin making requests to any AlphaLens API endpoint.

Best Practices

  1. Store API keys securely and never expose them in client-side code

  2. Use descriptive names to easily identify different keys

  3. Regularly rotate keys for security

  4. Set expiration dates for temporary access

  5. Revoke unused or compromised keys immediately

  6. Keep track of which keys are used for what purpose

Naming Convention: Use descriptive names like "Production Server", "Development Testing", or "Data Pipeline" to easily identify key purposes.

Security Notes

  • API keys are sensitive credentials - treat them like passwords

  • The full key value is only shown once when created

  • Keys can't be recovered if lost - create a new one instead

  • All key usage is logged for security monitoring

  • Keys automatically expire if an expiration date is set

Lost Keys: If you lose an API key, you cannot recover it. You'll need to create a new key and update your applications.

Need help with API key management? Contact our support team for assistance.

This documentation was created by Deckmatch. For help, questions or feedback, please don't hesitate to email our support team.

© 2025 Deckmatch