> ## Documentation Index
> Fetch the complete documentation index at: https://docs.a21e.com/llms.txt
> Use this file to discover all available pages before exploring further.

# API Keys

> Create and manage API keys for authenticating with the a21e API.

## Overview

API keys authenticate your requests to the a21e API. Each key is scoped to your user account and optionally bound to a specific workspace.

## Creating a key

1. Go to [Settings > API Keys](https://a21e.com/api-key) in the dashboard
2. Click **Create API key**
3. Optionally bind the key to a workspace (for automatic preference and repo context)
4. Copy the key — it's only shown once

Or via API:

```bash theme={null}
curl -X POST https://api.a21e.com/v1/api-keys \
  -H "Authorization: Bearer EXISTING_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name": "Production"}'
```

## Key format

a21e API keys use the prefix `a21e_` followed by a random string:

```
a21e_sk_abc123def456...
```

## Authentication

Include your API key in the `Authorization` header:

```bash theme={null}
curl https://api.a21e.com/v1/credits/balance \
  -H "Authorization: Bearer a21e_sk_abc123def456"
```

## Workspace-bound keys

When you bind a key to a workspace, all requests with that key automatically inherit:

* Repository context (if a repo is connected)
* Workspace preferences (model tier, verbosity, etc.)
* Persona directives
* Org-level policies

This is useful for CI/CD integrations or team-shared keys where you want consistent behavior.

## Revoking a key

```bash theme={null}
curl -X DELETE https://api.a21e.com/v1/api-keys/{key_id} \
  -H "Authorization: Bearer YOUR_API_KEY"
```

Revoked keys immediately stop working. Active sessions using the key will fail on their next request.

## Security best practices

* Never commit API keys to source control
* Use workspace-bound keys for production services
* Rotate keys periodically
* Use separate keys for development and production
