> ## Documentation Index
> Fetch the complete documentation index at: https://docs.iyzpdf.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get API Key

> Create, store, rotate, and send IyzPdf API keys safely.

Use API keys for every client integration shown in this documentation.

## Create A Key

1. Sign in at `https://portal.iyzpdf.com/login`.
2. Open the **API Keys** screen.
3. Enter a descriptive name such as `Production`, `Staging`, or `Billing Worker`.
4. Create the key and copy the full secret immediately.

The product currently allows up to **5 API keys** per account.

## What The Key Looks Like

Keys use the `iyz_live_` prefix:

```text theme={null}
iyz_live_your_key_here
```

## How To Send The Key

Include the key in the `X-API-Key` header on every request:

```http theme={null}
X-API-Key: iyz_live_your_key_here
```

## Storage Recommendations

* Store keys in server-side environment variables or a secret manager.
* Use separate keys for production and non-production environments.
* Use separate keys for different services when you want simpler rotation.
* Rotate a key immediately if you suspect exposure.
* Never commit keys to Git.
* Never expose keys in browser code.

## Rotation Pattern

Use a simple zero-downtime rotation flow:

1. Create a new key in the portal.
2. Deploy the new key to your service.
3. Confirm live traffic succeeds with the new key.
4. Deactivate or delete the old key.

## Backend-Only Usage

If your product has a browser frontend, your frontend should call **your own backend**. Your backend should then call IyzPdf with the API key. This keeps the secret out of the browser and lets you add your own authorization, quotas, and audit logging.