> For the complete documentation index, see [llms.txt](https://layerlens.gitbook.io/stratix-python-sdk/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://layerlens.gitbook.io/stratix-python-sdk/security-best-practices/security/api-key-management.md).

# API Key Management

This guide covers best practices for securely managing your Stratix API keys throughout the development lifecycle.

## API Key Security Fundamentals

### What Makes API Keys Sensitive

API keys are sensitive credentials that provide access to your Stratix organization and projects. They should be treated with the same level of security as passwords or other authentication tokens.

**Risks of compromised API keys**:

* Unauthorized access to your evaluations and data
* Unintended usage charges on your account
* Potential data breaches or intellectual property theft
* Abuse of your API quotas and rate limits

### API Key Best Practices

1. **Never hardcode API keys in source code**
2. **Use environment variables or secure credential stores**
3. **Rotate keys regularly**
4. **Use different keys for different environments**
5. **Monitor key usage and access patterns**
6. **Revoke unused or compromised keys immediately**

## Secure API Key Storage

### Environment Variables (Recommended)

**✅ Good - Using environment variables**:

```python
import os
from layerlens import Stratix

# Secure: Load from environment variables
client = Stratix(
    api_key=os.getenv('LAYERLENS_STRATIX_API_KEY'),
)
```

### Setting Environment Variables Securely

**Linux/macOS**:

```bash
# Add to your shell profile (.bashrc, .zshrc, etc.)
export LAYERLENS_STRATIX_API_KEY="sk-your-key-here"

# Reload your shell configuration
source ~/.bashrc  # or ~/.zshrc
```

**Windows**:

```cmd
# Command Prompt (persistent)
setx LAYERLENS_STRATIX_API_KEY "sk-your-key-here"

# PowerShell (session-only)
$env:LAYERLENS_STRATIX_API_KEY="sk-your-key-here"
```

### Using .env Files

**Create a .env file** (never commit this to version control):

```bash
# .env
LAYERLENS_STRATIX_API_KEY=sk-your-key-here
```

**Load .env file in Python**:

```python
from dotenv import load_dotenv
import os

# Load environment variables from .env file
load_dotenv()

from layerlens import Stratix

# Now environment variables are available
client = Stratix()
```

**Important**: Add `.env` to your `.gitignore` file:

```bash
# .gitignore
.env
.env.local
.env.*.local
*.env
```


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://layerlens.gitbook.io/stratix-python-sdk/security-best-practices/security/api-key-management.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
