API Key Management

Add, rotate, and secure your LLM provider API keys in LumenFlow.

Adding an API key#

  1. Go to Settings → Model Configuration
  2. Select your provider
  3. Paste your API key
  4. Click Save

LumenFlow validates the key by making a lightweight test call to the provider. If validation fails, you'll see the specific error.

Key security#

Your API key is encrypted with industry-standard encryption before storage. The encryption is workspace-specific, so keys cannot be accessed across workspaces. Encryption keys are stored separately from your data, providing multiple layers of protection.

Rotating keys#

To rotate your API key:

  1. Generate a new key from your provider's dashboard
  2. Go to Settings → Model Configuration
  3. Click Update Key
  4. Paste the new key
  5. The old key is immediately discarded

Revoking access#

If you suspect a key is compromised:

  1. Revoke the key at your provider's dashboard immediately
  2. Update the key in LumenFlow settings
  3. Check the audit trail for unexpected actions

warning Never share your API key in chat messages, emails, or documentation. LumenFlow will never ask for your key outside the settings page.