API Keys
The API Keys page lets you create, view, and manage the keys your applications use to call the FourA API.
Viewing Your Keys
The page shows all keys you have access to:
- Personal keys you created directly.
- Organization keys if you're an org owner or admin.
- Team keys shared with you through team membership.
Each row in the table shows:
| Column | What it shows |
|---|---|
| Name | Display name and (optional) description |
| Owner | ME for personal keys, TEAM for org or team-shared keys |
| Prefix | First 12 characters of the key (for identification only) |
| IP Allowlist | Restricted IPs if set, or "All IPs" if unrestricted |
| Expires | Expiry date if set, or "Never" |
| Status | Active or Inactive |
| Created | When the key was created |
| Last Used | When the key last made a request |
Use the search box to filter by name or description, and the status filter to show only active or inactive keys.
Creating a Key
Click Create Key and fill in:
| Field | Required | Description |
|---|---|---|
| Name | Yes | A descriptive label (e.g., "production-scraper" or "staging-test") |
| Description | No | Notes about what this key is used for |
If you belong to an organization, you can also assign the key to that org instead of your personal account.
The full API key is displayed only once after creation. Copy it immediately. Keys use the pk_live_ prefix and look like: pk_live_a1b2c3d4e5f6...
You'll receive an email confirmation when a new key is created.
Editing a Key
Click Edit on any row to update the key's display name and description.
Activating and Deactivating
Use the Disable / Enable button on the row to toggle a key's status. Deactivating a key blocks all API requests that use it. You can reactivate it at any time. The change takes effect within seconds.
Regenerating a Key
If you suspect a key has been compromised, open the actions menu (the three-dot button) and choose Regenerate. This creates a new secret for the same key ID. The old secret stops working immediately. All other settings (name, org assignment) stay the same.
The new key is shown only once. Copy it before closing the dialog.
Deleting a Key
Open the actions menu and choose Delete. By default, deletion deactivates the key (soft delete). You can permanently remove it from the confirmation dialog.
You'll receive an email notification when a key is deleted.
Organization Keys
Keys created under an organization are shared with org members based on their role:
- Owners and admins see and edit all org keys.
- Members see only keys assigned to teams they belong to.
Org keys are automatically added to the organization's default team on creation.
Key Permissions Through Teams
Teams control who can access which keys. Each team-key assignment has a permission level:
| Permission | View key | Edit key settings |
|---|---|---|
| read | Yes | No |
| write | Yes | Yes |
| admin | Yes | Yes |
Related
- Authentication: How API keys work with the API
- Organizations and Teams: Setting up shared access
- Dashboard Overview: All dashboard sections