API Keys

All requests to the ReddGrow API must be authenticated with an API key. Keys are created from your dashboard and are prefixed with rg_.

Create an API key

1. Sign up or log in at reddgrow.ai
2. Navigate to Settings > API Keys
3. Click Create new key
4. Give the key a descriptive name (e.g. production, dev-local, my-agent)
5. Copy the key immediately — it will not be shown again

Use your API key

Option 1 — CLI authentication

reddgrow auth login rg_your_api_key_here

The CLI stores the key securely in your local config. Subsequent commands will use it automatically.

Option 2 — Environment variable

export REDDGROW_API_KEY=rg_your_api_key_here

Set this in your shell profile (.zshrc, .bashrc) or your application's environment configuration. The CLI and SDK both pick up this variable automatically.

Option 3 — Request header

Pass the key directly in each HTTP request:

curl -H "x-api-key: rg_your_api_key_here" https://api.reddgrow.ai/agent/me

Manage existing keys

From Settings > API Keys you can:

• View all active keys and their last-used timestamp
• Rename a key
• Revoke a key immediately (takes effect within seconds)

Revoking a key permanently invalidates it. Any request using a revoked key will receive a 401 Unauthorized response.

Security best practices

• Never commit API keys to source control. Use environment variables or a secrets manager instead.
• Use one key per environment. Create separate keys for development, staging, and production so you can rotate or revoke them independently.
• Use CI/CD secrets. In GitHub Actions, store the key in repository secrets and reference it as ${{ secrets.REDDGROW_API_KEY }}. In other CI systems, use their equivalent secrets store.
• Rotate keys periodically. Create a new key, update your environment, then revoke the old one.
• Monitor usage. Unexpected credit consumption may indicate a leaked key.