Creating API Keys

This guide covers how to create LangMart API keys for your applications.

Creating a Permanent API Key

Using the Web Interface

1. Log in to langmart.ai
2. Navigate to Settings > API Keys (or click your profile icon)
3. Click Create API Key
4. Fill in the details:

5. Click Create
6. Copy the key immediately - it won't be shown again!

Using the API

curl -X POST https://api.langmart.ai/api/keys \
  -H "Authorization: Bearer YOUR_EXISTING_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Production Backend",
    "permissions": ["read", "write"]
  }'

Response:

{
  "id": "key-abc123",
  "key": "sk-test-a1b2c3d4e5f6789...",
  "key_prefix": "sk-test-a1b2",
  "name": "Production Backend",
  "permissions": ["read", "write"],
  "expires_at": null,
  "created_at": "2025-01-08T10:30:00Z",
  "message": "Please save this API key. It will not be shown again."
}

Important: The full key value is only returned once at creation time. Store it securely!

Creating a Key with Expiration

Set an expiration date for keys that should auto-expire:

curl -X POST https://api.langmart.ai/api/keys \
  -H "Authorization: Bearer YOUR_EXISTING_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Temporary Access",
    "permissions": ["read"],
    "expires_in_days": 30
  }'

This key will automatically become invalid after 30 days.

Creating a Temporary API Key

Temporary keys are useful for:

• Short-term testing
• Demo environments
• Contractor access
• Time-limited integrations

Using the API

curl -X POST https://api.langmart.ai/api/keys/temporary \
  -H "Authorization: Bearer YOUR_EXISTING_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Demo Key",
    "expires_in_hours": 24,
    "permissions": ["read"]
  }'

Response:

{
  "id": "key-temp-xyz789",
  "key": "sk-temp-xyz789abc...",
  "key_prefix": "sk-temp-xyz7",
  "name": "Demo Key",
  "permissions": ["read"],
  "expires_at": "2025-01-09T10:30:00Z",
  "is_temporary": true,
  "created_at": "2025-01-08T10:30:00Z"
}

Permission Levels Explained

Read Permission

Allows:

• Listing available models
• Viewing analytics and usage data
• Reading connection information (not API keys)
• Checking account status

Does not allow:

• Making inference requests
• Creating or modifying resources
• Administrative actions

Use case: Dashboard viewers, read-only integrations

Write Permission

Includes everything in read, plus:

• Making chat completions and other inference requests
• Creating and updating connections
• Managing favorites and preferences
• Basic account modifications

Does not allow:

• Creating new API keys
• Organization-level management
• Administrative actions

Use case: Standard application integration, backend services

Admin Permission

Includes everything in write, plus:

• Creating and revoking API keys
• Managing organization members
• Access to admin endpoints
• Full account control

Use case: Administrative tools, organization management

Naming Best Practices

Choose clear, descriptive names for your keys:

Good names:

• Production Backend - User Service
• Staging Environment
• Analytics Dashboard - Read Only
• CI/CD Pipeline
• Mobile App v2.1

Poor names:

• test
• key1
• asdf
• my key

Good names help you:

• Identify which key is used where
• Know which key to revoke if compromised
• Audit usage patterns

Organization Keys

Organization admins can create keys for the entire organization:

1. These keys are associated with the organization, not individual users
2. Usage is billed to the organization
3. Good for shared services and team tools

curl -X POST https://api.langmart.ai/api/keys \
  -H "Authorization: Bearer ADMIN_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Shared Backend Service",
    "permissions": ["read", "write"],
    "scope": "organization"
  }'

Viewing Your Keys

List All Keys

curl https://api.langmart.ai/api/keys \
  -H "Authorization: Bearer YOUR_KEY"

Response:

{
  "keys": [
    {
      "id": "key-abc123",
      "key_prefix": "sk-test-a1b2",
      "name": "Production Backend",
      "permissions": ["read", "write"],
      "last_used_at": "2025-01-08T09:15:00Z",
      "usage_count": 1523,
      "created_at": "2024-12-01T00:00:00Z",
      "expires_at": null,
      "status": "active",
      "is_expired": false
    }
  ],
  "total": 1,
  "active": 1,
  "max_allowed": 10
}

Note: The full key value is never shown after creation - only the prefix.

Key Information Available

Storing Keys Securely

After creating a key, store it securely:

Environment Variables (Recommended)

# .env file (never commit this!)
LANGMART_API_KEY=sk-test-a1b2c3d4e5f6...

# Python
import os
api_key = os.environ.get("LANGMART_API_KEY")

// Node.js
const apiKey = process.env.LANGMART_API_KEY;

Secret Managers

For production, use a secret manager:

• AWS Secrets Manager
• Google Secret Manager
• Azure Key Vault
• HashiCorp Vault
• 1Password (for teams)

What NOT to Do

# NEVER do this!
api_key = "sk-test-a1b2c3d4e5f6..."  # Hardcoded key

# NEVER commit keys to git
# NEVER share keys in chat/email
# NEVER store keys in frontend code

Key Limits and Quotas

If you need more keys, consider:

• Revoking unused keys
• Using organization-level keys for shared services
• Contacting support for enterprise limits

Troubleshooting

"Maximum number of API keys reached"

You've hit the 10-key limit. Solutions:

1. Revoke unused or old keys
2. Consolidate applications to share keys where appropriate
3. Use organization keys for team services

"Invalid permissions"

Only these permission values are valid: read, write, admin. Check for typos.

Key Not Working After Creation

1. Verify you copied the entire key (no truncation)
2. Check the key hasn't expired
3. Ensure you're using the right base URL
4. Verify the key has necessary permissions

Next Steps

• Using API Keys - Integrate keys into your applications
• API Key Security - Best practices for key management
• Connections Overview - Set up provider connections