API Keys
API keys authenticate your requests to the SandBase API. Each key belongs to an organization and can have an optional spending limit.
Key Format
SandBase API keys use the prefix sk-sb-:
sk-sb-abc123def456...Create a Key
- Go to Console → API Keys
- Click Create API Key
- Name your key (e.g., "Production", "Development")
- Optionally set a spending limit
- Copy the key — it won't be shown again
Key Properties
| Property | Description |
|---|---|
| Name | Human-readable label |
| Spending Limit | Maximum USD this key can spend (optional, capped by org balance) |
INFO
A key grants access to all models available to the organization. There is no per-model or per-endpoint restriction on individual keys — scope and access are managed at the organization level. The only per-key control is an optional spending limit.
Security Best Practices
- Never commit keys to version control
- Use environment variables:
SANDBASE_API_KEY - Create separate keys for development and production
- Set spending limits on development keys
- Revoke keys immediately if compromised
Revoke a Key
Revoking a key is permanent and cannot be undone. All requests using the revoked key will immediately return 401.
- Go to Console → API Keys
- Click the delete icon next to the key
- Confirm revocation
API
- Create Key —
POST /default/v1/keys - List Keys —
GET /default/v1/keys - Revoke Key —
DELETE /default/v1/keys/:id