API keys authenticate SDK and REST ingest calls to your workspace.
Create a key
- Go to Settings → API keys
- Click Create key
- Name the key (e.g. “Production — Support Bot”)
- Optionally link to an agent profile
- Copy the key immediately — it is shown once
Keys look like: hst_live_...
Linking keys to profiles
Linking connects ingest traffic to the right profile dashboard and evaluation context. Recommended for every production key.
If you change linkage later, new decisions follow the new association.
Using keys
export HISTEERIA_API_KEY="hst_live_xxxx"
Or pass directly to the SDK:
h = Histeeria(api_key="hst_live_xxxx")
See Authentication.
Rotation
Create new key
Generate a replacement key linked to the same profile.
Deploy
Update env vars in your app / CI secrets.
Verify
Confirm decisions arrive under Monitoring.
Revoke old key
Delete or revoke the previous key in Settings.
Security
Never commit API keys to git or expose them in client-side browser code. Use server-side integration or secure secret stores.
- One key per environment (dev/staging/prod)
- Revoke immediately if leaked
- Platform admins can revoke keys via ops tools (enterprise)