Skip to main content

Using API Keys

The HTTP API and Python client use API keys for authentication in the following ways:
OptionHow To Use API Key
HTTP APISet API Key as Authorization bearer token in requests
Python clientSet API Key to KOLENA_API_KEY environment variable

Personal API Keys

Create or manage your personal API Keys by clicking “My API Keys” on your user profile in the top right of the web UI: From here you can create new Keys and revoke existing ones. All personal API Keys have the same roles and permissions as your user.

Service Users and API Keys

This is available on the Enterprise Plan. Contact Kolena if you’re not on an Enterprise plan but would like to try this feature.
Service users can be created with API Keys associated to them. This allows you to create Keys that are not tied to a specific user’s membership in your Organization or their roles and permissions. Organization admins can create service users and API Keys from the “API Keys” tab on your Organization page. Creating an API Key from this modal will also create a service user. This service user has a default Organization role which you can manage, and can be given permissions on individual agents like any other Organization user.

Managing API Keys Across Your Organization

Organization admins can manage and revoke API keys for their team members and service users through the “API Keys” tab on your Organization page.

API Key Expiration

This is available on the Enterprise Plan. Contact Kolena if you’re not on an Enterprise plan but would like to try this feature.
Organization administrators can configure organization-wide API key expiration policies from the “Data & Security” tab on your Organization page:
  • Organization-level policies: Admins can require all keys to have an expiration date and set maximum allowed expiration periods for compliance
  • Individual key expirations: When creating new API keys, users can set expiration dates that don’t exceed organization policies
  • Expiration notifications: Configure email alerts to be sent a specified number of days before key expiration to both administrators and the key owner