Skip to main content

Creating API Keys

Learn how to create API keys for accessing WAYSCloud services. This guide covers the dashboard method and best practices for storing your keys securely.

Overview

API keys are your credentials for accessing WAYSCloud services programmatically. Each key can be scoped to specific services (Storage, LLM, Database, DNS, GPU).

Prerequisites

  • ✅ Active WAYSCloud account
  • ✅ Verified email address
  • ✅ Active subscription or credits

Creating API Keys via Dashboard

Step 1: Log In

  1. Navigate to my.wayscloud.services
  2. Enter your email and password
  3. Complete two-factor authentication (if enabled)

Step 2: Navigate to API Keys

  1. Click API Keys in the left sidebar
  2. View your existing API keys (if any)
  3. Click Create New API Key button

Step 3: Configure Your API Key

Fill in the API key creation form:

1. API Key Name (Required)

Enter a descriptive name to identify this key:

✅ Good examples:
- "Production Storage API"
- "Development LLM Testing"
- "Backup Script Database Access"

❌ Bad examples:
- "key1"
- "test"
- "asdf"

2. Service Selection (Required)

Select which services this key can access:

ServiceWhat it enables
StorageS3-compatible object storage (upload/download files)
LLMLarge language models (chat completions, streaming)
DatabasePostgreSQL/MariaDB management (create, snapshots, backups)
DNSDomain management (zones, records, DNSSEC)
GPUGPU-accelerated services (video, TTS, transcription)
Security Tip

Create separate keys for each service or application for better security and easier management.

3. Description (Optional)

Add notes about where this key will be used:

Examples:
- "Used by production web app for image storage"
- "CI/CD pipeline database provisioning"
- "Personal scripts for LLM experiments"

4. IP Whitelist (Optional, Advanced)

Restrict API key usage to specific IP addresses:

# Single IP
203.0.113.42

# CIDR range
203.0.113.0/24

# Multiple IPs (comma-separated)
203.0.113.42, 198.51.100.10

Leave empty to allow all IPs.

Step 4: Create and Copy Your Key

  1. Review your settings
  2. Click Create API Key
  3. IMMEDIATELY COPY THE API KEY - it's shown only once!
wayscloud_storage_a1b2c3d4_XyZ789SecretKeyThatYouMustCopyNow123456
  1. Click I have saved my API key to confirm
Critical

The API key secret is shown only once. If you lose it, you must delete the key and create a new one. There is no way to retrieve it later.

Step 5: Store Your Key Securely

Choose a secure storage method:

Password Manager (Recommended for personal use)

  • 1Password, Bitwarden, LastPass, KeePass

Secrets Management (Recommended for production)

  • HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, Google Secret Manager

Environment Variables (For development)

# Linux/macOS - Add to ~/.bashrc or ~/.zshrc
export WAYSCLOUD_API_KEY="wayscloud_storage_a1b2c3d4_YourSecretKey"

# Windows PowerShell
$env:WAYSCLOUD_API_KEY = "wayscloud_storage_a1b2c3d4_YourSecretKey"

.env File (For local development)

# Create .env file
WAYSCLOUD_API_KEY=wayscloud_storage_a1b2c3d4_YourSecretKey

# Add to .gitignore (IMPORTANT!)
echo ".env" >> .gitignore

Verifying Your API Key

Test your new API key:

export WAYSCLOUD_API_KEY="your_key_here"

# Test Storage API
curl -X GET "https://api.wayscloud.services/v1/storage/" \
  -H "Authorization: Bearer $WAYSCLOUD_API_KEY"

# Expected: 200 OK with list of buckets

Managing API Keys

Viewing Existing Keys

  1. Go to my.wayscloud.services/api-keys
  2. See all active keys with:
    • Name and description
    • Service permissions
    • Creation date
    • Last used date
    • IP whitelist (if configured)

Revoking API Keys

If a key is compromised or no longer needed:

  1. Go to API Keys in dashboard
  2. Find the key to revoke
  3. Click Revoke or Delete
  4. Confirm the action
warning

Revoking is immediate and cannot be undone. All applications using that key will stop working.

Rotating API Keys

Best practice: Rotate keys every 90 days

Rotation Steps:

  1. Create a new API key with same permissions
  2. Update your applications to use new key
  3. Test thoroughly in staging environment
  4. Deploy to production
  5. Monitor for 7 days (grace period)
  6. Delete the old key

Security Best Practices

✅ Do This

  1. Use descriptive names - Easily identify keys later
  2. Create separate keys - One per service/application
  3. Rotate regularly - Every 90 days minimum
  4. Use IP whitelisting - When possible
  5. Store securely - Password manager or secrets management
  6. Monitor usage - Check dashboard regularly
  7. Use environment variables - Never hardcode keys

❌ Don't Do This

  1. Never commit to git - Keys should never be in repositories
  2. Never share keys - Create separate keys for each user
  3. Never hardcode - Always use environment variables
  4. Never log keys - Sanitize logs
  5. Never email keys - Use secure sharing methods only

Troubleshooting

Key Creation Failed

Problem: "Failed to create API key"

Solutions:

  • Check you have an active subscription
  • Verify email is confirmed
  • Check quota limits (max 50 keys per account)
  • Contact support if issue persists

Key Not Working

Problem: 401 Unauthorized error

Solutions:

# Verify key format
echo $WAYSCLOUD_API_KEY
# Should start with: wayscloud_{service}_

# Check Authorization header format
Authorization: Bearer wayscloud_storage_abc123_secret

# Common mistakes:
# ❌ Authorization: wayscloud_storage_abc123_secret (missing Bearer)
# ❌ Authorization: Bearer  wayscloud_storage_abc123_secret (extra space)
# ❌ Authorization: bearer wayscloud_storage_abc123_secret (lowercase)

Permission Denied

Problem: 403 Forbidden error

Solutions:

  • Verify key has correct service enabled
  • Using storage key? Must have "Storage" checked during creation
  • Using LLM key? Must have "LLM" checked during creation
  • Create new key with correct services if needed

Next Steps

Support

Need help with API keys?