Skip to main content

How API Keys Work

When you purchase access to a knowledge base, Ardie issues you a scoped API key. This key is your credential for querying that specific knowledge base via the API.

Key Principles

Ardie-Issued

All API keys are issued by Ardie. You never receive supplier infrastructure keys or direct access to publisher systems.

Scoped Access

Each key grants access to exactly one knowledge base. If you purchase access to multiple knowledge bases, you’ll have separate keys for each.

Revocable

Keys can be revoked at any time from your dashboard if compromised or no longer needed.

API Key Format

Your API key will look something like: 
ardie_sk_live_abc123xyz789...
The prefix indicates:
  • ardie_ — Issued by Ardie
  • sk_ — Secret key (keep confidential)
  • live_ — Production key (vs test_ for sandbox)

Managing Your Keys

Access your API keys from the Dashboard. For each key, you can see:
FieldDescription
Knowledge BaseWhich KB this key grants access to
Created AtWhen the key was issued
Last UsedMost recent API call with this key
PrefixFirst few characters for identification
Never expose your API key in client-side code, public repositories, or logs. Treat it like a password.

Security Best Practices

1

Use Environment Variables

Store your API key in environment variables, not in code:
export ARDIE_API_KEY="ardie_sk_live_..."
2

Rotate Keys Periodically

If you suspect a key may be compromised, revoke it immediately and generate a new one.
3

Use Server-Side Only

Make API calls from your backend server, never from browser JavaScript or mobile apps.

Next Steps

Authentication

Learn how to use your API key in requests

Rate Limits

Understand usage caps and limits