API Keys Management

API keys authenticate your requests to the RegPilot AI Gateway. Each key is associated with a project and can be configured with specific permissions and rate limits.

Creating API Keys

Navigate to AI Gateway

Go to your project and select AI Gateway → Overview

Click Manage Keys

Open the API keys management panel

Create New Key

const key = await regpilot.gateway.keys.create({
  name: "Production API Key",
  environment: "production",
  rate_limit: 1000, // requests per minute
  governor_enabled: true
});

// Save this immediately - shown only once!
console.log(key.secret); // sk_...

Save your API key immediately! It’s only shown once at creation. If you lose it, you’ll need to generate a new one.

Key Types

Gateway Keys (sk_)

AI Gateway API requests
Chat completions, embeddings
Governor validation
Usage tracking

Project Keys (pk_)

Compliance management APIs
Violations, models, policies
Read-only dashboard access

Key Permissions

Configure what each key can access:

await regpilot.gateway.keys.update(key.id, {
  permissions: {
    chat: true,
    embeddings: true,
    governor: true,
    models: ["gpt-4", "gpt-3.5-turbo"],
    max_tokens: 4000
  }
});

Key Status

Active

Key is valid and can be used
All features enabled

Inactive

Key temporarily disabled
Returns 401 errors
Can be reactivated

Revoked

Permanently disabled
Cannot be reactivated
Create new key instead

Security Best Practices

Environment Variables

Store keys in env vars, never in code

Rotate Regularly

Change keys every 90 days

Least Privilege

Only grant needed permissions

Monitor Usage

Watch for unusual patterns

Rate Limits

Keys have rate limits based on your plan:

Plan	Requests/Min	Tokens/Day
Free	10	100,000
Pro	100	1,000,000
Enterprise	Custom	Custom

Getting Started

Core Features

AI Gateway

EU AI Act Compliance

API Keys Management