API keys
Create, scope, rotate, and revoke API keys for server-side automation, with guidance on storing secrets safely and limiting access by environment.
API keys authenticate machine-to-machine calls. They are simpler than OAuth but easier to leak—never embed them in browsers or mobile apps.