# API Keys
[View original](https://ittybit.com/docs/keys)
***
title: API Keys
icon: keys/yellow
-----------------
## Introduction
API keys are used to authenticate requests to the API. They are a way to identify the user and project making the request.
```ts
import { Ittybit } from '@ittybit/sdk'
const ittybit = new Ittybit({
apiKey: 'ITTYBIT_API_KEY'
})
const files = await ittybit.files.list()
```
```python
import ittybit
files = ittybit.files.list()
```
```ruby
require 'ittybit'
files = Ittybit::Files.list()
```
```php
use Ittybit\IttybitClient;
$client = new IttybitClient(
token: "ITTYBIT_API_KEY"
);
$files = $client->files->list();
```
```go
package main
import (
"context"
"github.com/ittybit/sdk-go/client"
"github.com/ittybit/sdk-go/option"
)
func main() {
c := client.NewClient(
option.WithToken("ITTYBIT_API_KEY"),
)
files, err := c.Files.List(
context.Background(),
&client.FileListParams{},
)
if err != nil {
// Handle error
return
}
// Use the files
_ = files
}
```
```js
const response = await fetch('https://api.ittybit.com/files', {
headers: { 'Authorization': 'Bearer ITTYBIT_API_KEY' }
})
const { data: files, error } = await response.json()
```
```bash
curl https://api.ittybit.com/files \
-H "Authorization: Bearer ITTYBIT_API_KEY"
```
Keys give access to all the resources for the project so you should not share them with anyone.
You should store your API keys in a secure environment, such as a secret manager or environment variable, and never include them in source controlled files.
## Create an API Key
When you first create a project, you will be asked to create an API key.
Click 'Generate Key'.
Then you will be able to copy the key to your clipboard.
## View your API keys
### Project Dashboard
Whenever you need to grab your API key, you can do so from the 'Quick Start' section of the project dashboard.
### Project Settings
You can also view and manage your keys from your project settings page.
1. Settings is accessible from the sidebar menu.
2. Clicking the 'Manage' button above your key on the project dashboard will also bring you to the project settings page.
Scroll down to the 'API Keys' section.
## Pause API Key
You can pause an API key to stop it from being used, but retain the option to re-enable it.
This is useful if you need to test changes in your system without causing side effects, or to prevent runaway costs during an unexpected busy period.
You can also re-enable a paused key.
## Delete API Key
You can delete an API key to remove it from the project. This will immediately stop all requests using the key.
Deleting a key is irreversible so you will be shown a confirmation dialog before the key is permanently deleted.
## Roll API Keys
If you need to rotate (aka roll) a project's API key, you can do so without downtime by:
1. Clicking the '+ Create Key' button in project settings.
2. Updating your code to use the new key.
3. Deleting the old key.