Skip to main content
Navigate to Settings → API Keys to manage your API access tokens for programmatic access to Kasava. API Keys settings page showing list of keys

Viewing Your API Keys

The API Keys page displays all your active keys with the following information:
FieldDescription
NameThe descriptive name you assigned to the key
Key PrefixA masked preview showing only the key prefix (e.g., ksa_****)
CreatedWhen the key was created
Last UsedWhen the key was last used for an API request
ExpiresThe expiration date, if one was set
StatusVisual badges indicating if a key is Expired or Expiring soon

Creating an API Key

1

Open API Keys

Go to Settings → API Keys
2

Click Create

Click Create API Key (or Create New API Key if you already have keys)
3

Enter a Name

Provide a descriptive name to help you identify this key (e.g., “Production Server”, “CI/CD Pipeline”, “Local Development”)
4

Set Expiration (Optional)

Click the date picker to set an expiration date for the key. If left empty, the key will never expire.
5

Create and Copy

Click Create API Key. Your new key will be displayed. Copy it immediately using the copy button.
Your API key is only displayed once at creation. Store it securely in a password manager or secrets vault. You cannot retrieve the key again - if you lose it, you’ll need to regenerate or create a new key.
Create API Key dialog showing name input and expiration date picker

Viewing API Key Usage

Monitor how your API keys are being used:
1

Open Key Menu

Click the (three dots) menu button on the key you want to inspect
2

Select View Usage

Click View Usage to open the usage statistics dialog
The usage dialog displays:
MetricDescription
Total RequestsAll-time number of API requests made with this key
Requests TodayNumber of requests made in the current day
This MonthNumber of requests made in the current month
Last UsedThe exact date and time the key was last used
If an API key shows no usage, ensure you’re including it in your requests using the X-API-Key header.

Regenerating an API Key

If you suspect a key has been compromised or need to rotate keys:
1

Open Key Menu

Click the (three dots) menu button on the key
2

Select Regenerate

Click Regenerate from the dropdown menu
3

Confirm

Review the warning that the current key will be invalidated, then click Regenerate
4

Copy New Key

Copy your new API key immediately - it won’t be shown again
Regenerating a key immediately invalidates the old key. Any applications using the old key will stop working and will need to be updated with the new key.

Deleting an API Key

1

Open Key Menu

Click the (three dots) menu button on the key
2

Select Delete

Click Delete from the dropdown menu
3

Confirm Deletion

Review the warning, then click Delete to permanently remove the key
Deleting an API key is permanent and cannot be undone. Any applications using this key will no longer be able to authenticate.

Using API Keys

Include your API key in the X-API-Key header when making requests: 
curl -H "X-API-Key: your-api-key" https://api.kasava.dev/v1/repositories

Best Practices

  1. Use descriptive names - Name keys after their purpose (e.g., “GitHub Actions CI”, “Production Backend”)
  2. Set expiration dates - For temporary access or compliance requirements, set keys to expire
  3. Rotate regularly - Regenerate keys periodically to limit exposure if a key is compromised
  4. Monitor usage - Check usage statistics to detect unexpected activity
  5. Never commit keys - Store API keys in environment variables or secrets managers, never in code

General Settings

Account preferences

Organization

Team and usage management