Admin: Create Key

Create and manage API Keys for authentication and access control

API Keys are credentials for calling the AI Gateway API. Keep them secure.

Prerequisites before creating an API Key:

  1. Complete Token supplier configuration first.Token Supplier Configuration
  2. Configure and enable at least one domain in Domain Management.Domain Management

Key Management List

1

Enter Key Management Page

Go to "Gateway Management" → "Key Management".

Statistics Overview

Statistics cards showing Key status overview:

Active Keys

Active Keys

Normal Keys

Normal Keys

Quota Warning Keys

Quota Warning Keys

Disabled Keys

Disabled Keys

Key Management List

Figure 3: Key management list

Figure 3: Key management list

List Field Description

FieldDescription
Key NameCustom Key name with masked prefix and last 4 characters
SupplierToken supplier(s) bound to this Key
Bind Type"Personal" or "App"
Key SuffixLast 4 characters for identification
UsageToday's usage / daily quota with percentage bar
StatusGreen "Active", Gray "Disabled", Red "Expired"
ActionsCopy Key, Edit, Reset Key, Delete, Enable/Disable

Search & Filter

  • Name search: enter Key name keyword
  • Status filter: "Active" or "Disabled"
  • Bind type filter: "User" or "App"
  • Click "Reset" to clear all filters

Create API Key

1

Open Create Form

Click the "Create Key" button.

2

Fill Key Basic Info

The form includes the following fields:

FieldRequiredDescription
Key NameYesCustom name to distinguish different Keys
ValidityYesSet the expiration date for the Key
Supplier BindingYesSelect one or more Token suppliers that this Key can access
Bind TypeYes"Personal" or "App". Personal Keys are bound to users, App Keys to applications
3

Personal Mode — Bind User Info

Each user can only have one Personal Key.

FieldRequiredDescription
NameYesUser's real name
EmailYesEmail address to receive the plaintext Key
3

App Mode — Advanced Configuration

Richer access control configurations are available.

  • Statistics by User: Track usage per end user independently. Requires JWT user info in requests
  • Allowed Domains: Set email domain allowlist for this Key. Only matching domains can access
  • Daily Token Quota: Daily Token usage limit per end user
  • Monthly Token Quota: Monthly Token usage limit per end user
4

Configure Rate Control

Both modes require rate control parameters.

FieldRequiredDescription
RPMYesMax API requests per minute for this Key
TPMYesMax Token consumption per minute for this Key, in M (millions)

Quota & Rate Control

5

Confirm Creation

After filling in all fields, click "Submit".

Open Create Form

Figure 4: Create Key form (Personal mode)

Figure 4: Create Key form (Personal mode)

Key Management Operations

Perform the following operations on each API Key:

Copy Key

Copy the plaintext Key to the clipboard.

Edit

Modify the Key's name, validity, supplier, RPM, TPM, etc.

Reset Key

Generate a new Key when the current one may be compromised.

Enable / Disable

Disable or enable a Key at any time.

Delete

Permanently delete the Key. This action cannot be undone.