Skip to content
CryptGPT

API Keys

API Keys

Getting an API Key

  1. Visit cryptgpt.co/pricing
  2. Choose a tier (Free, Lite, or Pro)
  3. Complete checkout (Lite/Pro) or get started immediately (Free)
  4. Your API key will be provided

Key Format

API keys are 32-character lowercase hex strings:

a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4

Using Your Key

Include your API key in the Authorization header:

Terminal window
curl https://cryptgpt.co/v1/chat/completions \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"model": "gemma-4-26b", "messages": [{"role": "user", "content": "Hello"}]}'

Security Best Practices

  1. Never commit API keys to version control
  2. Use environment variables to store keys
  3. Rotate keys periodically
  4. Use different keys for different environments
  5. Monitor usage for unexpected activity

Rotating Keys

To rotate your API key:

Terminal window
curl -X POST https://cryptgpt.co/admin/keys/rotate \
  -H "Authorization: Bearer YOUR_API_KEY"

This will:

  1. Invalidate your current key
  2. Generate a new key
  3. Return the new key (shown only once)

Revoking Keys

Contact support to revoke your API key. Revoked keys cannot be restored.

Key Prefix

API keys use a prefix-based lookup system for fast validation:

  • First 8 characters are stored in plaintext for lookup
  • Full key is verified using Argon2id hashing
  • This provides both security and performance