> ## Documentation Index
> Fetch the complete documentation index at: https://docs.jelou.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# API Keys

> Create and manage API keys to access your Databases data from external applications

**API Keys** let you authenticate against the Databases API from external applications, scripts, or integrations. Each key can have granular permissions and a configurable expiration date.

<Frame caption="API Keys list with name, permissions, masked key, and actions">
  <img src="https://mintcdn.com/jelouai/daUUvITM1J6ByU2U/assets/images/datum/api-keys.png?fit=max&auto=format&n=daUUvITM1J6ByU2U&q=85&s=4f21dec8a2aeae6bc4830a6e2e78e794" alt="API Keys table showing created keys with Name, Permissions, Key, Created, Expires columns and Regenerate and Delete buttons" width="3024" height="1730" data-path="assets/images/datum/api-keys.png" />
</Frame>

## Creating an API Key

<Steps>
  <Step title="Go to settings">
    Navigate to **Settings > API Keys** from the left sidebar.
  </Step>

  <Step title="Click + Create API key">
    The button is located in the upper-right corner.
  </Step>

  <Step title="Configure the key">
    Fill in the following fields:

    * **Name** — A descriptive name to identify the key (e.g. "CI Bot", "Backend Production")
    * **Permissions** — Select the permissions the key needs
    * **Expiration** — How long the key should remain valid
  </Step>

  <Step title="Click Create">
    The key is generated and displayed only once. Copy it and store it in a safe place.
  </Step>
</Steps>

<Warning>
  The full key is only shown once at the moment of creation. If you lose it, you will need to regenerate the key or create a new one.
</Warning>

## Available permissions

Permissions are divided into two categories:

**Records**

| Permission              | Description                                            |
| ----------------------- | ------------------------------------------------------ |
| Read records            | Allows reading and searching records in collections    |
| Create & update records | Allows creating new records and updating existing ones |
| Delete records          | Allows deleting records                                |

**Files**

| Permission   | Description                         |
| ------------ | ----------------------------------- |
| Read files   | Allows downloading file attachments |
| Upload files | Allows uploading files to records   |

<Tip>
  Apply the principle of least privilege: grant only the permissions the application actually needs. For example, a read-only dashboard only requires **Read records**.
</Tip>

## Expiration options

| Option        | Description                          |
| ------------- | ------------------------------------ |
| 7 days        | The key expires in 7 days            |
| 30 days       | The key expires in 30 days (default) |
| 60 days       | The key expires in 60 days           |
| 90 days       | The key expires in 90 days           |
| 180 days      | The key expires in 180 days          |
| No expiration | The key never expires                |

<Warning>
  Keys with no expiration are not automatically revoked. Use them only when strictly necessary and combine them with minimum permissions.
</Warning>

## Managing API Keys

The API Keys table shows all created keys with the following information:

* **Name** — Key name
* **Permissions** — Assigned permissions
* **Key** — The last characters of the key (masked)
* **Created** — Creation date
* **Expires** — Expiration date

### Available actions

* **Regenerate** — Generates a new key while keeping the same name and permissions. The previous key stops working immediately.
* **Delete** — Permanently deletes the key. Any application using it will lose access immediately.

## Using the API Key

Include the key in the `X-Api-Key` header of your HTTP requests:

<CodeGroup>
  ```bash cURL theme={null}
  curl -s -X GET 'https://your-instance.jelou.cloud/api/collections/your_collection/records' \
    -H 'X-Api-Key: YOUR_API_KEY' \
    -H 'Accept: application/json'
  ```

  ```javascript JavaScript theme={null}
  const response = await fetch('https://your-instance.jelou.cloud/api/collections/your_collection/records', {
    headers: {
      'X-Api-Key': 'YOUR_API_KEY',
      'Accept': 'application/json'
    }
  });

  const data = await response.json();
  ```

  ```python Python theme={null}
  import requests

  response = requests.get(
      'https://your-instance.jelou.cloud/api/collections/your_collection/records',
      headers={
          'X-Api-Key': 'YOUR_API_KEY',
          'Accept': 'application/json'
      }
  )

  data = response.json()
  ```
</CodeGroup>
