Skip to main content
Chance authenticates API requests with a per-account API key sent in the x-api-key header.

Creating a key

  1. Sign in to the dashboard.
  2. Click Create API key.
  3. Copy the key — it starts with chance_sk_ and is shown only once.
Keys are secrets. Store them server-side (environment variables, a secrets manager) and never expose them in browser or mobile code. Only a hash of your key is ever stored on our side, so we can’t recover a lost key — create a new one and revoke the old.

Revoking a key

Revoke any key from the dashboard. Revocation is immediate; requests with a revoked key return 401.

Scoping

Each key is scoped to the account that created it and draws on that account’s credits. Use separate keys per service so you can revoke one without disrupting the others.