Governance

API keys

API keys authenticate telemetry ingestion for agent runs, logs, metrics, and traces.

Audience: Admins, platform engineers, developers

Key lifecycle

Create keys from the API keys page.
Copy the raw key immediately; it is shown once.
Store the key in your application's secret manager or environment configuration.
Revoke keys that are no longer used or may be exposed.
Review last-used timestamps to identify inactive keys.

Security behavior

Raw keys are not stored after creation.
Stored keys use SHA-256 hashes.
Revoked keys are rejected by ingestion authentication.
Key creation and revocation require owner or admin access.
Key creation and revocation are audit logged.

Common uses

Send AI-agent run telemetry from the SDK.
Send OTLP JSON logs, metrics, and traces.
Separate keys by environment, service, or deployment when you need clearer ownership.

Related documentation

Telemetry

Ingest OTLP JSON logs, metrics, traces, and inspect trace detail inside AImonitoring.

AI agent monitoring

Monitor AI-agent quality, latency, tool spans, token usage, cost, and failure rate.

Audit log

Review access, configuration, API key, incident, review, and team-management events.