API keys_

API keys are secrets used by Appwrite Server SDKs and the Appwrite CLI to prove their identity. What can be accessed each API key is restricted by scopes instead of permissions.

API keys vs Dev keys

API keys and Dev keys are not the same and cannot be used interchangeably.

API keys permit access to Appwrite services in production environments, with access controlled through scopes to ensure secure and controlled server-side operations. Dev keys, conversely, are specifically designed to help you avoid abuse limits and CORS errors in test and development environments.

API keys are for server SDKs and the CLI in production environments, while Dev keys are for client SDKs in development environments.

Create API key

To create a new API key, navigate to Overview > Integration > API keys and click Create API key.

You can then use the API key to initialize the Appwrite client in your server-side apps.

When adding a new API Key, you can choose which scopes to grant your application. If you need to replace your API Key, create a new key, update your app credentials and, once ready, delete your old key.

Manage API keys with a Server SDK

You can also manage API keys programmatically using a Server SDK. This requires an API key with the keys.read and keys.write scopes.

List API keys

Get an API key

Create an API key

Update an API key

Delete an API key

Scopes

When adding a new API key, you choose which scopes to grant. Scopes are grouped by service, matching the categories shown in the Appwrite Console.