API Key Management API key generation, storage, validation, and lifecycle management for authenticating with CosmicAC services. API keys authorize requests to your inference endpoints and track usage.
API keys use the following format:
ttr-proj-<base64_encoded_36_random_bytes> ttr-proj-a8F3kL9mNpQrStUvWxYz1234567890abcdef The API key system supports the following capabilities:
Capability Description Dual Storage Stores keys in local SQLite and distributed HyperDB/Autobase Security Hashes keys with HMAC-SHA256 using configurable secrets Lifecycle Operations Create, validate, revoke (soft delete), update Rate Limiting Limits key creation to 5 keys per minute per user
Field Type Description apiKeyIdstring Unique identifier (key_<hex>) apiKeystring HMAC-SHA256 hashed value projectIdstring Associated project UUID userIdstring Owner user ID statusenum active or revoked createdAttimestamp Key creation time expiryAttimestamp Key creation time lastUsedAttimestamp Last usage time revokedAttimestamp Revocation time (if revoked)
{ "apiKeyId" : "key_<hex>" , "apiKey" : "hashed_value" , "projectId" : "project_uuid" , "userId" : "user_id" , "status" : "active|revoked" , "createdAt" : "timestamp" , "expiryAt" : "timestamp" , "lastUsedAt" : "timestamp" , "revokedAt" : "timestamp" } Field Type Description idstring Unique identifier (key_<hex>) apiKeyIdstring Associated key ID projectIdstring Associated project UUID userIdstring Owner user ID timestampinteger Unix timestamp datestring Key creation time hourinteger Hour of day (0-23) tokensIninteger Input tokens consumed tokensOutinteger Output tokens generated requestsinteger Number of requests
{ "id" : "usage_<hex>" , "apiKeyId" : "key_<hex>" , "projectId" : "project_uuid" , "userId" : "user_id" , "timestamp" : 1704067200 , "date" : "2025-01-01" , "hour" : 14 , "tokensIn" : 150 , "tokensOut" : 320 , "requests" : 1 } Status Description activeThe key is valid and can be used for authentication. revokedThe key is soft-deleted and rejected on validation.
