Prerequisites
Before creating an API key, make sure you:
- Have a BabySea account (personal or team).
- Are signed in to the dashboard.
- Have an owner-level role on the account. Members can view the page, but cannot create or manage keys.
Step by step
Open API keys
Navigate to API keys in the sidebar.
Click Create API key
Click Create API key in the top right corner. The dialog title is Add API key.
Fill in the Name field
Enter the Name value for the key. The current dashboard accepts up to 100 characters.| Example name | Use case |
|---|
prod-api-worker | Production backend generating images |
dev-frontend | Development environment |
staging-monitor | Staging health checks |
analytics-reader | Dashboard that reads usage data |
Choose Permissions
Select one of the built-in permission presets from the Permissions section:| Preset | Dashboard description |
|---|
Full Access | All permissions - read, write, delete |
Generate Only | Create & read generations + browse models |
Read Only | Read generations, account info, health - no spending |
Monitor Only | Health checks & model catalog - no account data |
Optional - add an IP allowlist
Use the IP allowlist (optional) field if you want the key to work only from specific IPs. Enter the list as comma-separated values:203.0.113.10, 198.51.100.5, 2001:db8::1
Click Add
Click Add to create the key.
Store the key
After creation, BabySea opens the View API key dialog and shows the full secret once:bye_a1B2c3D4e5F6g7H8i9J0k1L2m3N4o5P6q7R8s9
Show value and Hide value- A copy button
- The final action Done
Store the key somewhere safe before you close the dialog.This is the only time the full key is shown. Once you close this dialog, the raw key cannot be retrieved.
Using your key
With the SDK
import { BabySea } from 'babysea';
const client = new BabySea({
apiKey: process.env.BABYSEA_API_KEY,
region: 'us',
});
const result = await client.generate('bfl/flux-schnell', {
generation_prompt: 'A baby seal on a sunny beach',
});
With cURL
curl -X POST https://api.us.babysea.ai/v1/generate/image/bfl/flux-schnell \
-H "Authorization: Bearer bye_your_api_key" \
-H "Content-Type: application/json" \
-d '{"generation_prompt": "A baby seal on a sunny beach"}'
With Python
import requests
response = requests.post(
"https://api.us.babysea.ai/v1/generate/image/bfl/flux-schnell",
headers={
"Authorization": "Bearer bye_your_api_key",
"Content-Type": "application/json",
},
json={"generation_prompt": "A baby seal on a sunny beach"},
)
print(response.json())
Verify the new key
Before sending generation traffic, verify the key with GET /v1/status:
curl https://api.us.babysea.ai/v1/status \
-H "Authorization: Bearer bye_your_api_key"
Store your key securely
Environment variable
Secrets manager
Add the key to your .env file (make sure .env is in your .gitignore):BABYSEA_API_KEY=bye_your_api_key
const client = new BabySea({
apiKey: process.env.BABYSEA_API_KEY!,
region: 'us',
});
Use a secrets manager such as AWS Secrets Manager, HashiCorp Vault, 1Password, or Vercel Environment Variables. Reference the secret at runtime instead of embedding it in code.
Never commit API keys to version control, embed them in client side code, or share them in plain text (Slack, email, etc.).
After creation
Your new key appears in the API keys table. From that table, owners can later:
- Rotate the key to create a replacement key and keep the old key working for 24 hours.
- Revoke the key to disable it immediately.
- Delete the key to permanently remove it and all associated logs.
The table also shows the key prefix, creation time, status, last-used time, and any stored IP allowlist values.