API Keys

Overview

Layer API keys authenticate your application’s requests to the Layer AI platform. Every request to Layer requires a valid API key in the Authorization header.

Key Format

Layer API keys follow this format:

layer_9e1417ca5c9b793875f12b6cf3185b9d...

All keys start with the layer_ prefix followed by 64 hex characters.

Creating a Key

From the Dashboard

Go to Dashboard → API Keys
Click Create New Key
Enter a name for the key (e.g., “Production”, “Development”, “CI/CD”)
Click Create

The full key is shown only once after creation. Copy it immediately and store it securely. You won’t be able to see the full key again.

After creation, only a masked prefix is displayed in the dashboard (e.g., layer_9e14...).

Using a Key

Include your API key in the Authorization header of every request:

Layer SDK
cURL
OpenAI SDK

import { Layer } from '@layer-ai/sdk';

const layer = new Layer({
  apiKey: process.env.LAYER_API_KEY
});

curl -X POST https://api.uselayer.ai/v3/chat \
  -H "Authorization: Bearer layer_your_key" \
  -H "Content-Type: application/json" \
  -d '{ ... }'

import OpenAI from 'openai';

const openai = new OpenAI({
  baseURL: 'https://api.uselayer.ai/v1',
  apiKey: process.env.LAYER_API_KEY,
});

Managing Keys

Multiple Keys

You can create multiple API keys for different environments or services. Each key has independent access to all your gates and resources.

Revoking a Key

To revoke a key, click the Delete button next to it in the dashboard. Revoked keys immediately stop working — any application using that key will receive authentication errors.

Last Used Tracking

The dashboard shows when each key was last used, helping you identify unused keys that should be cleaned up.

Security Best Practices

Never commit API keys to source control. Use environment variables or a secrets manager.
Use separate keys for development, staging, and production environments.
Rotate keys periodically. Create a new key, update your application, then revoke the old one.
Revoke unused keys. If a key hasn’t been used recently, consider deleting it.

API Keys vs Provider Keys

	Layer API Keys	Provider Keys (BYOK)
Purpose	Authenticate with Layer AI	Route through your own provider account
Format	`layer_...`	Provider-specific (e.g., `sk-proj-...`)
Count	Multiple allowed	One per provider
Affects billing	Uses your Layer plan quota	Charges appear on your provider account

For more on provider keys, see Bring Your Own Keys.

Getting Started

SDK Reference

Platform

Integrations

Provider Compatibility

Overview

Key Format

Creating a Key

From the Dashboard

Using a Key

Managing Keys

Multiple Keys

Revoking a Key

Last Used Tracking

Security Best Practices

API Keys vs Provider Keys

Getting Started

SDK Reference

Platform

Integrations

Provider Compatibility

​Overview

​Key Format

​Creating a Key

​From the Dashboard

​Using a Key

​Managing Keys

​Multiple Keys

​Revoking a Key

​Last Used Tracking

​Security Best Practices

​API Keys vs Provider Keys

Overview

Key Format

Creating a Key

From the Dashboard

Using a Key

Managing Keys

Multiple Keys

Revoking a Key

Last Used Tracking

Security Best Practices

API Keys vs Provider Keys