API Keys
API keys are managed in the Developer Portal dashboard. There is no public REST API for key CRUD using API-key authentication — use the portal (Clerk sign-in).
Create a key
- Open API Keys in the portal.
- Choose a name, environment (live or test), and optional scopes.
- Copy the full secret when shown — it will not be displayed again.
List, revoke, and rotate
- List active and revoked keys with metadata (prefix, scopes, last used).
- Revoke keys you no longer need — revoked keys return API_KEY_INVALID.
- Rotate generates a new secret for the same key record; update your servers before revoking the old secret.
Scopes
Scopes restrict what a key can do. Default keys receive all standard scopes:
- assets:create
- assets:read
- video:create
- video:read
- split:create
- split:read
- jobs:read
- usage:read
- webhooks:read
- webhooks:write
Missing scope returns INSUFFICIENT_SCOPE. Legacy scope names from early keys are still accepted internally.
Limits
Team and Custom plans allow up to 10 active API keys per organization (see Usage).
Environments
live keys use the flk_live_ prefix; test keys use flk_test_. Use test keys while building integrations. Test keys are not a billing sandbox — credits are charged to your organization the same as live keys. Buy more credits in the main app billing if needed.