Manage API keys

API keys are how your application authenticates to the Public API for fetching translations. They live in LangSync → API keys (one set per organization).

Create a key

1. Open API keys and click New key.
2. Give it a name describing where it'll be used (production-web-app, ci-pipeline, dev-laptop). The name doesn't affect what the key can do – it's purely for your records.
3. Click Create.
4. Copy the key value now. It's the only time the full value is shown; afterwards you'll only see a short preview.

Store the key somewhere your app can read it – environment variable, secret manager (AWS Secrets Manager, GCP Secret Manager, Vault). Never commit keys to a repo.

Use a key

Include it in the Authorization header on every request:

Authorization: Apikey <your-api-key>

LangSync also accepts the Bearer prefix with the same value, for tools that hard-code it.

Revoke a key

1. Find the key in the list and open its ⋯ menu → Delete.
2. Confirm.

Revocation is immediate. Any in-flight request using the key fails with 401 Unauthorized. There's no grace period.

Rotation

LangSync doesn't enforce key rotation, but rotating is good practice. The safe sequence:

1. Create a new key and deploy it.
2. Watch the Last used timestamp on the old key for a while to confirm nothing is still hitting it.
3. Delete the old key.

Scope

API keys are organization-scoped: they can read translations from any namespace in the org. There are no finer-grained scopes (per-namespace, read-only-for-some-products) today. Create separate organizations if you need strict isolation between projects.