Authentication

Create keys, send bearer tokens, and keep user keys protected.

Security

API keys identify a user/project and debit cauris for billable direct API requests.

Create a key

Open the dashboard API page, create a key, copy it once, and store it in your backend, local IDE secret store, or deployment secret manager.

  1. 1

    Open dashboard API.

  2. 2

    Create a named key.

  3. 3

    Copy it once.

  4. 4

    Store it as IMOLE_API_KEY.

  5. 5

    Delete it if it leaks.

Bearer token

Every request should include Authorization: Bearer <key>. Do not put live keys in frontend bundles or public Git repositories.

HTTP header
Authorization: Bearer imole_live_...

Rotation and deletion

Create separate keys for separate apps or environments. Delete keys you no longer use. If a key appears in logs, screenshots, or public code, rotate it immediately.

Next

Related docs