API Key Management

Securely manage access to GRID services and third-party AI providers.

Service & Role Keys

Service Role

Server-side keys with broad permissions. Never expose these on the client side.

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Anon/Public

Client-side keys safe for public use. Limited permissions based on RLS policies.

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Key Rotation

It is best practice to rotate your keys periodically or immediately if you suspect a leak.

Warning

Rotating keys will invalidate all existing sessions and API connections managed by that key. Ensure you update your `.env` files and deployment secrets immediately after rotation.