Create and Manage API Keys
An API Key is your only credential for accessing the Real200 gateway. Each Key is linked to a user account and can have quotas, expiration times, and access permissions configured.
Create an API Keyโ
- Log in to the Real200 Console
- Click API Keys in the left navigation (or visit
/console/token) - Click Create New Key
- Fill in a Key name (optional, for distinguishing different use cases)
- Click Confirm Creation
:::important Security Reminder
The API Key is displayed only once at creation. Please copy and save it immediately. For security reasons, the system will never show the complete Key value again.
:::
API Key Formatโ
sk-real200-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Manage API Keysโ
View Key Listโ
In the API Keys page of the console, you can view all created Keys including:
| Field | Description |
|---|---|
| Key Name | Custom identifier |
| Key Value | First 8 and last 4 characters shown, middle replaced with ยทยทยท |
| Status | active or disabled |
| Usage | Token count and cost consumed by this Key |
| Created | Key creation date |
Disable/Enable Keyโ
- Click Disable on the Key row to temporarily stop it
- Disabled Keys produce no API calls
- Click Enable again to resume
Delete Keyโ
:::danger Irreversible Action
Deleting a Key is irreversible. Once deleted, the Key is immediately invalid and all requests using it will return 401 Unauthorized.
:::
Best Practicesโ
Rotation Strategyโ
- Create a new Key
- Replace with the new Key in your code
- After confirming the new Key works, disable the old one
- Observe for 24 hours, then delete the old Key
Separate Keys by Use Caseโ
| Scenario | Recommendation |
|---|---|
| Production | Dedicated Key with high quota |
| Test/Dev | Dedicated Key with low quota for cost tracking |
| Third-party | Dedicated Key, can be disabled without affecting main business |
Common Questionsโ
What if my API Key is leaked?
- Immediately disable the Key (Console โ API Keys โ Disable)
- Check Call Logs for any anomalous calls
- Create a new Key and replace it in your code
- After confirming the new Key works, delete the leaked old Key
How many API Keys can one account create?
No default limit. Create keys as needed by use case to avoid management complexity.