Skip to main content
For the complete documentation index for agents and LLMs, see llms.txt.

Generate API Keys

API keys let you connect external applications to Haystack Enterprise Platform. You need them to use API endpoints or when working in an SDK. You can create API keys at the workspace or organization level with different roles and permissions.

About This Task

API keys authenticate your applications when making requests to the Haystack Enterprise Platform API. Each key has:

  • Scope: workspace or organization. Keys generated for a workspace grant access only to this specific workspace. Keys generated for an organization grant access to all workspaces in the organization.
  • Type: personal or service. Personal keys are tied to your user account. Service keys are for automated systems. They're not linked to a specific user. Instead of a username, the search history will show the key name as the actor. Use this type for production applications or systems that connect to Haystack Enterprise Platform.
  • Role: Determines what actions the key can perform.
  • Expiration: Optional expiration date for security.
info

API keys can't be used to create, modify, or delete other API tokens. This prevents unauthorized expansion of access.

Security and Best Practices

  • Use service keys for automated systems and production environments
  • Set expiration dates for keys used in temporary or testing scenarios
  • Regularly review and remove unused API keys
  • Store API keys securely and never commit them to version control
  • Use workspace-scoped keys when possible to limit access

Prerequisites

Learn about available roles and their permissions to choose the right one for your key. Check User Roles and Permissions.

Generate an API Key

For a Workspace

  1. Click your profile icon in the top right corner and choose Settings.
  2. Go to Workspace>API Keys.
  3. Click Create API Key:
    1. Choose if it's a personal or a service key.
      Tip: Choose the Service type for production use cases and systems that connect to Haystack Platform.
    2. Give your key a name. This is optional, if you don't type any name, the key ID is used.
    3. Set the expiration date.
    4. Choose the role to determine the key's permissions.
  4. Click Create API Key.
  5. Important: Copy and save your key. After you add it to Haystack Enterprise Platform, it remains masked.

For an Organization

  1. Click your profile icon in the top right corner and choose Settings.
  2. Go to Organization>API Keys.
  3. Click Create API Key:
    1. Choose if it's a personal or a service key.
      Tip: Choose the Service type for production use cases and systems that connect to Haystack Platform.
    2. Give your key a name. This is optional, if you don't type any name, the key ID is used.
    3. Set the expiration date.
    4. Choose the workspaces this key can access.
    5. Choose the role to determine the key's permissions.
  4. Click Create API Key.
  5. Important: Copy and save your key. After you add it to Haystack Enterprise Platform, it remains masked.