Authentication
API Authentication
To send requests to your model endpoints, your application needs an API key. This key serves as both your identity and your authorization to use NeevCloud resources.
Why API Keys Matter
Authentication
The API key proves that requests are coming from your account, not an unauthorized third party. Every request you send includes this key in the Authorization header, and NeevCloud validates it before processing the request.
Usage Attribution
NeevCloud tracks which API key is making each request. This allows:
Accurate billing based on your actual token consumption
Usage analytics showing which applications or environments are consuming the most tokens
Rate limiting to prevent accidental or intentional abuse
Granular Access Control
You can create multiple API keys for different purposes:
One key for development environments
Another for staging environments
A third for production applications
Separate keys for different teams or projects
If one key is compromised, you can revoke it without affecting other keys or interrupting other systems.
Security Isolation
If you suspect a key has been exposed (committed to a public repository, shared accidentally, etc.), you can revoke it immediately. Only requests using that specific key will stop working. Your other keys continue functioning normally.
Creating an API Key
Step-by-Step Process
Navigate to API Key Management In your NeevCloud dashboard, go to AI Inference → Security → API Keys. This page shows all your existing keys and their usage.
Create New Key Click Create New API Key. You'll be prompted to provide a name for the key.
Name Your Key Descriptively Use names that clearly indicate the key's purpose:
"Production Web App"
"Development Environment"
"Data Pipeline"
"Mobile App v2"
Good naming makes it easy to identify which key to revoke if there's a security issue.
Copy and Store Securely Critical: The API key is displayed only once. After you close this window, you cannot view it again. Copy the key immediately and store it in a secure location:
Password manager
Secrets management system (AWS Secrets Manager, HashiCorp Vault, etc.)
Environment variables in your deployment system
Never store API keys in:
Source code repositories
Public documentation
Client-side code (JavaScript in browsers)
Shared documents or wikis
API Key Best Practices
Treat Keys Like Passwords
Your API key grants access to your NeevCloud resources and will result in charges to your account. Protect it with the same care you'd use for a password or credit card number.
Use Environment Variables
In your application code, load the API key from an environment variable rather than hardcoding it:
This prevents accidentally committing the key to version control.
Rotate Keys Regularly
For high-security applications, create new API keys periodically (monthly or quarterly) and deprecate old ones. This limits the exposure window if a key is compromised.
Revoke Compromised Keys Immediately
If a key is exposed:
Revoke it in the dashboard immediately
Generate a new key
Update your applications with the new key
Review recent usage for suspicious activity
Last updated