# Platform API Keys

API Keys authenticate your applications and services when communicating with the InteractiveAI platform. The platform uses two distinct key types for different purposes: **Project API Keys** for SDK operations and **Router API Keys** for LLM access.

### Key Types

{% tabs %}
{% tab title="Project API Keys" %}
Project API Keys authenticate SDK requests for tracing, prompt management, and evaluation operations. When you create a project API key, the platform generates two credentials:

| Credential | Format   | Purpose                                 |
| ---------- | -------- | --------------------------------------- |
| Public Key | `pk-...` | Identifies your project in API requests |
| Secret Key | `sk-...` | Authenticates requests                  |

Both credentials are required to initialize the InteractiveAI SDK. Set them as environment variables:

```bash
INTERACTIVEAI_PUBLIC_KEY="pk-..."
INTERACTIVEAI_SECRET_KEY="sk-..."
INTERACTIVEAI_HOST="https://app.interactive.ai"
```

Then initialize the client:

```python
from interactiveai import Interactive

interactiveai = Interactive()
```

{% endtab %}

{% tab title="Router API Keys" %}
Router API Keys allow your application to route LLM requests through InteractiveAI's unified API. Unlike Project API Keys, Router API Keys generate a single credential called the **Authentication Key** (`sk-...`).

The Router authenticates requests via Bearer tokens in the Authorization header, enabling direct usage with curl or compatibility with the OpenAI SDK:

```python
from interactiveai.openai import OpenAI
import os

client = OpenAI(
    base_url="https://app.interactive.ai/api/v1",
    api_key=os.environ["LLMROUTER_API_KEY"]
)
```

Or when calling the Router API directly:

```bash
curl https://app.interactive.ai/api/v1/chat/completions \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $LLMROUTER_API_KEY" \
  -d '{
    "model": "openai/gpt-4o",
    "messages": [
      {"role": "user", "content": "Hello, world!"}
    ]
  }'
```

{% endtab %}
{% endtabs %}

***

### Creating API Keys

#### Creating a Project API Key

1. Navigate to **Settings → API Keys**
2. Locate yourself onto the **Project API Keys tab**
3. Click **+ Add New**
4. Select **Project API Key**
5. Copy both the Public Key and Secret Key immediately

<div data-with-frame="true"><figure><img src="/files/chSeuPxEk1LzKAceFU1p" alt=""><figcaption></figcaption></figure></div>

#### Creating a Router API Key

1. Navigate to **Settings → API Keys**
2. Locate yourself onto the **Router API Keys tab**
3. Click **+ Add New**
4. Select **Router API Key**
5. Assign a descriptive name for the key
6. Copy the Authentication Key immediately

<div data-with-frame="true"><figure><img src="/files/oGxlr8xgXOP4Cpx7HUB0" alt=""><figcaption></figcaption></figure></div>

You cannot retrieve these keys after creation. Store them securely before closing the dialog.

***

### Security Best Practices

* **Store keys in environment variables.** Never hardcode API keys in your application code. Use environment variables and exclude them from version control by adding your `.env` file to `.gitignore`.
* **Never expose keys in client-side code.** API keys should only be used in server-side applications. Exposing them in frontend code, public repositories, or browser-accessible JavaScript compromises your account security.
* **Use descriptive names for Router keys.** Naming keys by application or environment (e.g., "production-backend", "staging-api") makes it easier to identify and rotate specific keys without affecting other services.
* **Rotate keys periodically.** Generate new keys and update your applications before revoking old ones to avoid service interruption.

#### Compromised Keys

InteractiveAI participates in GitHub's secret scanning program and employs additional detection methods for exposed credentials. If a compromise is detected, you will receive an email notification.

Upon notification, or if you suspect exposure:

1. Navigate to **Settings → API Keys**
2. Revoke the compromised key immediately
3. Generate a replacement key
4. Update your application's environment variables


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.interactive.ai/settings/platform-api-keys.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.