Skip to main content

Getting an API key

Customer Champion
Updated

This tutorial walks you through creating an API key in Templified and using it to authenticate your first request. By the end you'll have a working key and know how to rotate or revoke it when needed.

Who can manage API keys

API key management is available to the organization owner only. If you are a member or admin of an organization, ask the owner to create a key for you or to grant access.

Open the API Keys page

  1. Click your account menu in the top-right corner and choose Settings.
  2. In the Settings sidebar, under Organization, click API Keys.

The page lists all active keys for your organization, when each was last used, and a Revoked Keys section at the bottom for keys that have been disabled.

The API Keys page in Settings showing the active keys list and the Create API Key button

Create a key

  1. Click Create API Key (top-right of the API Keys page).
  2. In the Key Name field, type a descriptive name — for example, Production CI or Staging Worker. The name helps you identify the key later and has no effect on permissions.
  3. Click Create Key.

The key value is shown immediately after creation. Copy it now — it will not be displayed again. Use the copy button next to the key, or select the text and copy it manually.

A newly created API key with the full key value visible and a copy button

Use the key in requests

All API requests are authenticated with a Bearer token. Include the key in the Authorization header of every request:

Authorization: Bearer YOUR_API_KEY

Keep your key secret — anyone who has it can create images on behalf of your organization. Do not commit it to source control or share it in public channels.

Key scope

API keys are scoped to a single organization. A key grants access to all render and Studio API endpoints for the organization it was created in — and only that organization. There is no per-key permission restriction: one key has the same access as another within the same org.

If you belong to more than one organization, keys don't carry over between them. Switch to the organization you want (using the organization switcher in the top-right) before you create a key, and create a separate key in each organization you integrate. Likewise, create separate keys for separate systems (for example, one for Zapier and one for a custom integration) so you can revoke them independently without affecting other services.

Rotate a key

Templified does not have a one-click rotate button. To replace a compromised or expired key:

  1. Create a new key (Create API Key) and copy its value.
  2. Update your integration or CI system to use the new key.
  3. Return to the API Keys page and click Revoke next to the old key.

The old key stops working immediately when revoked. Update all systems that use it before revoking, or your service will stop rendering until you do.

Revoke a key

  1. On the API Keys page, find the key you want to disable.
  2. Click Revoke.
  3. Confirm in the dialog by clicking Revoke Key.

Revoked keys appear in the Revoked Keys section with the date they were disabled. Revocation is permanent — a revoked key cannot be re-activated.

Related articles

Comments

0 comments

Article is closed for comments.