HITL Logo
HITLHuman‑in‑the‑Loop

Managing API Keys

Programmatically interact with HITL. Build integrations, automate tasks, and connect external applications to your agents.

🔑What are API Keys?

🔌

Build Integrations

Connect HITL with your apps and services

Automate Tasks

Trigger agent actions from scripts and workflows

🌐

External Access

Access HITL from external applications

API Key Management Interface

API key management interface

🧭Getting to API Keys

1

Open Agents Tab

From bottom navigation bar

2

Tap API Keys

In settings menu or top of screen

📋API Key Management Screen

Your central hub for all API key-related activities

📭Empty State

If you haven't created any keys yet, you'll see a message prompting you to create your first one

📝Key List View

Each key entry shows:

Key Name: Descriptive name you provided
Key Prefix: First few characters for identification
Creation Date: When it was created

Creating a New API Key

1

Tap Create Button

On the API Key Management screen, tap Create New API Key

2

Name Your Key

Enter a descriptive name (e.g., "GitHub Workflow Integration" or "Personal Automation Script")

3

Confirm Creation

Tap Create to generate the key

⚠️IMPORTANT: Your New API Key

After you create the key, you'll see the full API key displayed.

🔒

This is the only time the full key will ever be displayed. For security reasons, the app will not store or show the full key again.

💾

You must copy this key and store it in a secure location immediately, such as a password manager.

🔄

If you lose the key, you will have to revoke it and create a new one.

🗑️Revoking an API Key

If a key is no longer needed or you suspect it has been compromised, revoke it immediately. This permanently disables the key.

1

Open Management Screen

Go to the API Key Management screen

2

Find the Key

Locate the key you wish to revoke in the list

3

Tap Revoke

Tap the Revoke button or icon for that key

4

Confirm

Confirm in the dialog that appears

The key will be removed from the list and will no longer be able to access the HITL service.

🔐Security Best Practices

🔑Treat Like Passwords

API keys grant access to your account and agents. Handle them with the same care as passwords.

🚫Never Share Keys

Don't expose keys in client-side code, public GitHub repositories, or forum posts.

🔄Rotate Regularly

Periodically revoke old keys and create new ones to minimize compromise risk.

📝Descriptive Names

Use clear names so you can easily identify and revoke keys when needed.