API keys identify a user/project and debit cauris for billable direct API requests.
Create a key
Open the dashboard API page, create a key, copy it once, and store it in your backend, local IDE secret store, or deployment secret manager.
- 1
Open dashboard API.
- 2
Create a named key.
- 3
Copy it once.
- 4
Store it as IMOLE_API_KEY.
- 5
Delete it if it leaks.
Bearer token
Every request should include Authorization: Bearer <key>. Do not put live keys in frontend bundles or public Git repositories.
Authorization: Bearer imole_live_...Rotation and deletion
Create separate keys for separate apps or environments. Delete keys you no longer use. If a key appears in logs, screenshots, or public code, rotate it immediately.