API Keys
API keys are the primary credentials for authenticating requests to Skytells APIs, SDKs, and model inference. Create, manage, and rotate them from Settings in the Skytells Console.
API keys are the principal credentials for talking to Skytells programmatically. Every request to the Skytells API, every SDK call, every model inference, and every integration that communicates with the platform authenticates using an API key. This is different from Account Access Tokens, which authorize services or the CLI to act on your account — API keys authenticate API and inference traffic.
For the full credential model — what API keys are, their format, and how authentication works at the platform level — see Authentication: API Keys.
API keys vs. Account Access Tokens
| API Keys | Account Access Tokens | |
|---|---|---|
| Purpose | Authenticate API, SDK, and inference requests | Authorize account-level access (CLI, apps, integrations) |
| Used by | Your services, SDKs, inference calls | CLI, OAuth apps, automation pipelines |
| Scope | Tied to your account's plan and permissions | Scoped per token |
| Expiration | No built-in expiration | Configurable expiration |
Use an API key when your code, service, or SDK needs to call the Skytells API or run model predictions. Use an Access Token when an application or the CLI needs to act on your account.
How to get here
- Open the Skytells Console and navigate to Settings in the left sidebar.
- Select API Keys in the Settings left rail.
Creating an API key
- On the API Keys page, click Generate New API Key.
- Enter a descriptive name that identifies what uses this key:
production,staging-workers,sdk-integration. - Confirm creation.
- Copy the key immediately — the full secret is displayed once. After you leave or refresh the page, only a masked version remains.
- Store it in a secrets manager or inject it as an environment variable in your service.
Name keys by their consumer, not their purpose. data-pipeline-prod is more useful than write-key when you need to revoke it six months from now.
Managing existing keys
The API Keys page lists all active keys. For each key you can:
| Action | When to use it |
|---|---|
| Copy | Retrieve the masked display value to confirm which key is which. |
| Reveal | View the full secret (if available after creation). |
| Delete / Revoke | Permanently disable the key. Any service or SDK using it stops working immediately. |
Rotating a key
Rotate keys on a regular schedule or immediately when a key is exposed:
- Create a new key with a clear replacement name.
- Update every service, environment variable, and SDK configuration that uses the old key.
- Verify the replacement is working.
- Delete the old key immediately — do not leave it active.
Security
For secure handling practices — environment variable injection, secrets managers, key rotation schedules, and what never to do with API keys — see Authentication: API Keys and Account Security.
Related
- Authentication: API Keys — platform-level explanation of the key format, model, and security practices.
- Account Access Tokens — for CLI, apps, and services that need account-level access.
- Security — account protection controls.
- Settings Overview — all account settings sections.
How is this guide?
Overview
Settings is the account administration hub in the Skytells Console — covering your profile, security posture, API credentials, third-party provider connections, billing, and rewards, all from one place.
Access Tokens
Account-level access tokens authorize Skytells apps, the CLI, and third-party integrations to act on your account. Create, scope, and revoke them from Settings in the Skytells Console.