Product

API keys

API keys authenticate the CLI and REST API. They are tied to your workspace and inherit your scan credits and target limits.

Create a key

  1. Open Settings → API keys in the app.
  2. Generate a new key and copy it immediately. It is shown only once.
  3. Store it in a password manager or CI secret—never commit keys to git.

Use a key

CLI:

slate config set-key ba_your_key_here

Or set an environment variable:

export SLATE_API_KEY=ba_your_key_here
export SLATE_API_URL=https://api.slatesecurity.ai

API requests send Authorization: Bearer ba_…. See Authentication.

Revoke a key

Revoke keys you no longer need from the API keys settings page. Revocation takes effect immediately; update CI secrets and local config if you rotate keys.