API & Key Management

This page separates user-level keys from organization-level API access.

Core functions

• personal API keys for users
• organization API keys (User Management API, if enabled)
• connection management for integrated services and OAuth-based MCP connections

Admin practice

• rotate keys regularly
• grant API access only for concrete integration needs
• revoke unused keys quickly

External provider keys

Workspace admins can store their own API keys for external translation services (e.g., DeepL). See Translation Settings for details.

Technical Deep Dive

• API Overview
• API Authentication
• User Management API