API Key Management

Learn how to securely generate, configure, and manage your API access credentials.

Create Your Key

On the "Tokens" page in the console, you can generate new API keys (Tokens) at any time. For security reasons, the full key is only displayed once at creation. If lost, you must generate a new one.

Advanced Configuration Options

Quota Cap

Set the maximum quota a single key can consume to prevent account balance depletion due to code defects or accidental leaks.

Expiration Time

Create keys with an explicit validity period for temporary testing or external collaboration, which automatically expire.

IP Whitelist

Restrict requests strictly to specific server IP addresses or CIDR segments to greatly enhance production environment security.

Group Binding

Determine which model group pricing tier applies to this key, facilitating cost management across different business lines.

Security Best Practices

Environment Variable Storage

Always store your sk- keys in environment variables (e.g., export MODELSTREAM_API_KEY="sk-..."). Never hardcode them or commit them to Git repositories.

Environment Isolation

Use separate keys for production, testing, and personal projects so they can be revoked individually if a leak occurs.

Backend Security Proxy

Never expose keys directly in frontend or browser code. All API requests should be proxied and authenticated through your own backend servers.