> ## Documentation Index
> Fetch the complete documentation index at: https://docs.scrapegraphai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Managing your API keys

> How to create, rotate, and revoke your ScrapeGraphAI API keys

Your API key authenticates every request you make to the ScrapeGraphAI API. Keep it secure and rotate it if you suspect it has been compromised.

## Finding your API key

1. Log in to the [ScrapeGraphAI dashboard](https://scrapegraphai.com/dashboard).
2. Navigate to **Settings**.
3. Your API key is displayed in the **API Key** section.

## Using your API key

Pass the key in the `SGAI-APIKEY` header for direct API calls. The v2 SDKs read it automatically from the `SGAI_API_KEY` environment variable — you can also pass it explicitly to the factory.

<CodeGroup>
  ```python Python theme={null}
  from scrapegraph_py import ScrapeGraphAI

  # Reads SGAI_API_KEY from env, or pass explicitly:
  sgai = ScrapeGraphAI(api_key="your-api-key")

  res = sgai.extract("Extract the title", url="https://example.com")
  ```

  ```javascript JavaScript theme={null}
  import { ScrapeGraphAI } from "scrapegraph-js";

  // Reads SGAI_API_KEY from env, or pass explicitly:
  const sgai = ScrapeGraphAI({ apiKey: "your-api-key" });

  const res = await sgai.extract({
    url: "https://example.com",
    prompt: "Extract the title",
  });
  ```

  ```bash cURL theme={null}
  curl -X POST https://v2-api.scrapegraphai.com/api/extract \
    -H "SGAI-APIKEY: your-api-key" \
    -H "Content-Type: application/json" \
    -d '{"url": "https://example.com", "prompt": "Extract the title"}'
  ```
</CodeGroup>

## Keeping your key secure

* **Never commit your API key** to a public repository. Use environment variables instead:

```bash theme={null}
# .env
SGAI_API_KEY=your-api-key-here
```

```python theme={null}
from scrapegraph_py import ScrapeGraphAI

# Picks up SGAI_API_KEY from the environment automatically
sgai = ScrapeGraphAI()
```

* **Never expose your key in frontend code**. Make API calls from a server or backend function.
* **Add `.env` to your `.gitignore`** to avoid accidentally committing secrets.

## Rotating your API key

If your key has been exposed or you want to rotate it for security:

1. Go to **Settings** in the [dashboard](https://scrapegraphai.com/dashboard).
2. Click **Regenerate API Key**.
3. Copy the new key immediately — it will only be shown once.
4. Update all services and environment variables that use the old key.
5. The old key will be invalidated immediately.

<Warning>
  Rotating your key will invalidate the old one. Any service still using the old key will start receiving `401 Unauthorized` errors.
</Warning>