> ## Documentation Index
> Fetch the complete documentation index at: https://docs.orq.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# API Keys | AI Studio

> Create and manage AI Gateway API keys with optional cost, token, and rate limits for production, staging, and development environments.

## What are API Keys

API Keys are secure tokens **required to authenticate and make requests to the AI Gateway**. Multiple keys can be provisioned for different environments (production, staging, development), purposes, or team members, providing granular control and auditing of access.

API Keys support:

* Authenticating requests to the **AI Gateway**
* Controlling access by environment or team
* Setting optional budget limits to prevent unexpected costs
* Tracking usage and consumption per key

<Info>
  The Project scoped granular keys will be available for **AI Gateway** use cases from release 4.11.
</Info>

## Creating an API Key

To create an API key:

1. Navigate to the **API Keys** page in the **AI Gateway**
2. Choose <kbd className="key">Create API Key</kbd>, the following modal opens:

<div style={{ width: "70%", margin: "0 auto" }}>
  <Frame caption="Configure a name, optional spending limits, and expiration when creating an API key.">
    <img src="https://mintcdn.com/orqai/lqVyDy-llJ4XuTsl/images/create-api-key-ai-gateway.png?fit=max&auto=format&n=lqVyDy-llJ4XuTsl&q=85&s=f66e9f120a54366447819f451ba545b0" alt="API key creation modal with fields for name, expiration date, cost limit, token limit, requests per minute, and reset period." width="687" height="797" data-path="images/create-api-key-ai-gateway.png" />
  </Frame>
</div>

The following fields are configurable:

* **Name**: a unique label for the key
* **Cost Limit** (in USD): caps the total spend for requests made with this key. Optional toggle.
* **Token Limit**: caps the total number of tokens consumed. Optional toggle.
* **Requests/Min**: caps the number of requests within a rolling 60-second window. Optional toggle.
* **Reset limit period**: defines when the Cost and Token counters reset, allowing recurring budget allocations. Does not apply to Requests/Min, which always uses a 60-second window.
* **Expiration**: set a date after which the key becomes inactive. Defaults to no expiration.

<Warning>
  When any configured limit is reached, further requests using this key are rejected with a `429 Too Many Requests` error.
</Warning>

## Managing API Keys

API Keys can be created, viewed, and managed from the dedicated **AI Gateway** page to ensure secure access.

<Frame caption="API keys list showing key name, status toggle, and action menu.">
  <img src="https://mintcdn.com/orqai/RMShxg2YIJEAuUrP/images/view-api-key-ai-gateway.png?fit=max&auto=format&n=RMShxg2YIJEAuUrP&q=85&s=c89bfeaedae32109baa5049459f14292" alt="API Keys list view showing key name, status toggle, and action menu button." width="751" height="171" data-path="images/view-api-key-ai-gateway.png" />
</Frame>

* To disable an API Key, use the **Toggle**, it can be re-enabled at any time.
* To delete an API Key, use the <kbd><Icon icon="ellipsis" /></kbd> button and choose **Delete**.
* To view consumption details, use the <kbd><Icon icon="ellipsis" /></kbd> button and choose **Overview** to see current usage and limits.

<Warning>
  Deleting an API key is permanent and cannot be undone. Make sure the key is not in use before deleting it.
</Warning>

## Legacy API Keys

Workspaces created before **AI Gateway** API keys were introduced may have legacy keys. Legacy keys continue to work but do not support the cost, token, and rate limits available on new keys.

<Frame caption="Legacy API key shown in the AI Gateway API Keys list.">
  <img src="https://mintcdn.com/orqai/Nz1r0yhXySKXTs2i/images/project-api-key.png?fit=max&auto=format&n=Nz1r0yhXySKXTs2i&q=85&s=b40f48ec2f65dfd75f697efd6df37663" alt="AI Gateway API Keys list with a legacy key entry highlighted, showing no limit configuration options." width="980" height="230" data-path="images/project-api-key.png" />
</Frame>

To get granular access controls, create a new API key and replace the legacy one:

1. Go to **API Keys** in the **AI Gateway** sidebar.
2. Click **Create API Key** and configure the required limits.
3. Update any integrations or environment variables to use the new key.
4. Disable or delete the legacy key once all consumers have switched.