Api Keys
Use Api Keys when an external system needs to call Siesta AI without an interactive user login. Typical examples are backend integrations, scheduled jobs, webhook-style handoffs, or internal services that need to create or read Siesta AI objects through the external API.
An API key belongs to the organization and is tied to the user who created it. In backend integrations, API key authentication is used for /api/v1 requests by sending the key together with the organization id.
Use the tab to:
- create a named API key for a specific integration or environment,
- search existing keys by name,
- reveal or copy a key value for setup,
- delete a key that is no longer used,
- check when a key was created.
For external API calls, send these headers:
X-Api-Key: <api-key-value>
X-Org-Id: <organization-id>
Keep API keys out of prompts, public docs, screenshots, frontend code, and shared chat messages. Store them in the calling system's secret manager or environment variables. If a key is exposed, create a replacement key, update the integration, and delete the old key.
Recommended naming pattern:
<system>-<environment>-<purpose>
Examples:
crm-prod-syncdatawarehouse-dev-importwebhooks-prod-dispatch
