Generate API Keys

Flexsee uses prefix-hashed API keys for authenticating requests to the client API. Each key belongs to an organization and can be managed from the dashboard.

Create a key

Open Settings → API Keys in the Flexsee dashboard.
Click Generate API key.
Optional: add a label to describe the integration (e.g., Production Server, QA Load Tests).
Copy the secret immediately. Flexsee stores only the bcrypt hash—fk_ secrets are never displayed again.
Provide the secret to your service as an environment variable.

Keys are prefixed (example: fk_cf61f039…). The UI shows the prefix and label so you can identify keys without revealing the full secret.

Use the key

Authorization: Bearer fk_xxxxxxxxxxxxxxxxx

X-Flexsee-Api-Key: fk_xxxxxxxxxxxxxxxxx

Every client API route accepts either header. The guard records the key prefix in billing metadata and updates the last_used_at timestamp in Postgres.

Rotate or revoke

Use the Revoke key button next to any active key.
Revocation is immediate—calls with the revoked secret begin returning 401.
Create replacement keys before revoking to avoid downtime.

Audit trails

last_used_at is updated automatically on each successful call. You can review the timestamp in the dashboard or query the api_keys table for deeper analysis.

Create a key​

Use the key​

Rotate or revoke​

Audit trails​

Create a key

Use the key

Rotate or revoke

Audit trails