Learn about managing your API keys to authenticate requests with WorkOS
WorkOS authenticates your API requests using your account's API keys. If you do not include your correct key when making an API request, or if you use an incorrect key, WorkOS will return a
Your WorkOS account has two types of API keys: publishable and secret.
- Publishable keys are only meant to identify your account with WorkOS. They aren't secret, and can safely be made public in any of your client-side code. Publishable keys are prepended with
- Secret keys can perform any API request to WorkOS. They should be kept confidential, and only stored on your application's servers. Secret keys are prepended with
Your account has a total of four keys: a publishable key and secret key pair each for your Default Project and Demo Project environments. Each API request made to a Default or Demo Project only exists in its separate environment. Any actions or objects in one environment cannot be changed by actions or objects in the other.
Your API keys are available in your Developer Dashboard. WorkOS includes example API keys in our example code if you're not logged in. Replace these example keys with your own or log in to read code examples that contain your own Demo environment API key.
We recommend using only your Demo Project API keys for testing and development. This ensures that live customer data in your Default Project aren't accidentally modified.
WorkOS uses your Project ID to uniquely identify the application that corresponds to your WorkOS project. Your Project ID is used when integrating SSO to construct a unique authorization URL for your application, as well as to retrieve user profiles after a successful authentication.
Your account has two Project IDs: one ID each for your Default Project and Demo Project environments. Each Project ID and its associated application exists in its separate environment. Any actions made in one environment will not affect the other environment.
Your Project ID is available in your Developer Dashboard's SSO Configuration page.
Like API keys, we recommend using only your Demo Project ID for testing and development.