Admin SDK

API Keys

Provision and rotate organization- and project-scoped API keys.

Overview

API keys authenticate requests to Confident AI, and come in two scopes:

  • Organization API keys authenticate at the organization level. They’re used for account-wide administration — including every management method in this SDK.
  • Project API keys are scoped to a single project. They’re the keys your application uses to send traces and run evaluations against that project.

Use the Admin SDK to list, create, enable, disable, and delete keys at either scope.

The full secret value of an API key is only returned when it is created. Subsequent reads return a masked value, so store the secret securely at creation time.

All methods on this page require an Organization API Key. See the Quickstart to create a client.

List API Keys

You can list every API key at the organization or project level, with secret values masked.

1from confidentai import ConfidentAI
2
3client = ConfidentAI()
4
5org = client.organization()
6project = client.project("clq9z3x1k0001la08f7t3g5p2")
7
8api_keys = org.api_keys.list()
9project_api_keys = project.api_keys.list()

Get an API Key

You can retrieve a single API key by its api_key_id, with its secret value masked.

1org = client.organization()
2project = client.project("clq9z3x1k0001la08f7t3g5p2")
3
4api_key = org.api_keys.get(7)
5project_api_key = project.api_keys.get(7)

Create an API Key

You can create a new key at the organization or project level. The returned object’s value is the full secret, so store it securely when the key is created.

1org = client.organization()
2project = client.project("clq9z3x1k0001la08f7t3g5p2")
3
4api_key = org.api_keys.create("ci-pipeline")
5print(api_key.value)  # e.g. "confident_us_org_...", shown only once
6
7project_api_key = project.api_keys.create("ci-pipeline")
8print(project_api_key.value)  # e.g. "confident_us_proj_..."

Enable or Disable an API Key

You can set valid to false to revoke a key without deleting it, or back to true to re-enable it.

1org = client.organization()
2project = client.project("clq9z3x1k0001la08f7t3g5p2")
3
4api_key = org.api_keys.update(7, valid=False)
5project_api_key = project.api_keys.update(7, valid=False)

Delete an API Key

You can permanently delete an API key by its api_key_id, which immediately revokes it.

1org = client.organization()
2project = client.project("clq9z3x1k0001la08f7t3g5p2")
3
4org.api_keys.delete(7)
5project.api_keys.delete(7)

Next Steps

Use your keys to authenticate the rest of the platform and SDKs:

Authentication

Learn how organization- and project-level auth works.

Projects

Manage the projects your keys are scoped to.