> ## Documentation Index
> Fetch the complete documentation index at: https://docs.wazzapi.com/llms.txt
> Use this file to discover all available pages before exploring further.

# API Keys

> Create, rotate, and revoke API credentials from the dashboard

# Managing API Keys

API keys are the standard way to authenticate backend integrations with the WazzAPI API.

## Creating a Key

1. Log in to the WazzAPI dashboard.
2. Open **Developers**.
3. Click **Create New Key**.
4. Give your key a descriptive name such as `Production API` or `CRM sync`.
5. Choose the scopes your integration needs.
6. Copy the key immediately. You will not be able to see it again.

<Warning>
  Store your API keys securely. Do not commit them to version control.
</Warning>

## Rolling Keys

If you suspect a key has been compromised:

1. Create a new key.
2. Update your applications to use the new key.
3. Delete the old key from the dashboard.

## What keys are scoped to

* organization ownership
* permission scopes
* optional expiry windows
* plan and usage enforcement at request time

## Revocation and rotation

You can revoke a key immediately or rotate it when you want to replace an existing credential without leaving old secrets active for longer than necessary.
