# API Keys API keys provide a secure and flexible way to authenticate requests to the OLI API. They serve as an alternative to bearer tokens, allowing users to manage long-lived authentication credentials for various use cases. Here's an overview of API key functionality This token can passed using the Authorization header to all endpoints {% hint style="info" %} This token can passed using the Authorization header to all endpoints {% endhint %} | Header Key | Header Value | | ------------- | ------------------ | | Authorization | `API-KEY ` | ### **Features of API Keys** 1. **Generation**: * API keys can be generated by authenticated users via a [`POST` request.](/authentication/api-keys/generate-a-key.md) * Keys can be customized with a name and an optional expiry date (in epoch milliseconds). 2. **Management**: * A user can have up to **5 active API keys** at a time. * The list of active and deleted API keys can be retrieved via the [`GET` endpoint.](/authentication/api-keys/list-all-keys.md) 3. **Deletion**: * API keys can be deleted when no longer needed using the [`DELETE` endpoint.](/authentication/api-keys/delete-a-key.md) * Deleted keys are immediately invalidated. ### **Security Best Practices** * **Use expiration dates** to limit the lifespan of API keys. * Regularly **review and delete unused keys** to minimize security risks. * Store API keys securely; they are only visible at the time of creation. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://devdocs.olisystems.com/authentication/api-keys.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.