API Keys: Authenticate Requests to Forjinn
Generate and manage API keys to authenticate your application's requests to Forjinn flows. Learn how to create, use, rotate, and delete keys securely.
API keys let your applications and integrations authenticate with Forjinn. When you embed a chatflow in a product, call a flow from a script, or connect a third-party tool, you include an API key in the request header. Forjinn validates the key before executing the flow.
Each API key is scoped to the workspace it was created in. A key created in the Production workspace cannot be used to call flows in the Staging workspace.
Generate an API key
You need the apikeys:create permission.
In the left sidebar, navigate to API Keys.
Select Add New Key in the top-right corner.
Enter a descriptive name so you can identify the key later — for example, "Production web app" or "CI integration".
The key is shown once immediately after creation. Copy it to a secure location (such as your app's secrets manager). Forjinn does not show the full key again after you leave this page.
Store your API key securely. Treat it like a password — do not commit it to version control, include it in client-side code, or share it in chat. If a key is compromised, delete it and generate a new one.
Use the API key in requests
Include your API key in the Authorization header of every request to the Forjinn API:
Authorization: Bearer <your-api-key>Here is an example calling a chatflow prediction endpoint:
curl -X POST \
https://your-forjinn-host/api/v1/prediction/<chatflow-id> \
-H "Authorization: Bearer <your-api-key>" \
-H "Content-Type: application/json" \
-d '{"question": "What is the status of my order?"}'import requests
response = requests.post(
"https://your-forjinn-host/api/v1/prediction/<chatflow-id>",
headers={
"Authorization": "Bearer <your-api-key>",
"Content-Type": "application/json",
},
json={"question": "What is the status of my order?"},
)
print(response.json())const response = await fetch(
"https://your-forjinn-host/api/v1/prediction/<chatflow-id>",
{
method: "POST",
headers: {
"Authorization": "Bearer <your-api-key>",
"Content-Type": "application/json",
},
body: JSON.stringify({ question: "What is the status of my order?" }),
}
);
const data = await response.json();Replace <your-api-key> with the key you generated, and <chatflow-id> with the ID of the flow you want to call. You can find a chatflow's ID in its settings panel inside the Forjinn canvas.
Rename a key
You need the apikeys:create or apikeys:update permission.
Navigate to API Keys in the sidebar.
Click the edit icon next to the key you want to rename.
Enter a new name and click Save. The key value itself does not change — only the display name is updated.
Rotate a key
Forjinn does not rotate keys in place. To replace a key:
Generate a new key following the steps above. Give it a name that indicates it is the replacement — for example, "Production web app (new)".
Replace the old key value with the new one in every application or service that uses it.
Once you have confirmed the new key works, delete the old one (see below).
Keep both keys active in parallel during rollout so you can update services without downtime.
Delete a key
You need the apikeys:delete permission.
Navigate to API Keys in the sidebar.
Click the delete icon next to the key and confirm. Any request that uses this key will immediately receive a 401 Unauthorized response.
Import keys from a JSON file
You can bulk-import API keys from a JSON export. This is useful when migrating between environments.
You need the apikeys:import permission.
Navigate to API Keys in the sidebar.
Select Import and choose your JSON file.
Select how to handle keys that already exist in the workspace:
- Add new only — imports only keys that do not exist yet
- Overwrite if exists — replaces existing keys with the imported values
- Replace all — deletes all existing keys, then imports
- Error if exists — aborts the import if any key name already exists
Click Import to apply.
Replace all permanently deletes all existing API keys before importing. Any applications using the old keys will stop working immediately.
API keys vs. gateway keys
Forjinn has two distinct types of keys:
| API keys | Gateway keys | |
|---|---|---|
| Purpose | Authenticate requests to Forjinn flows via the Forjinn API | Authenticate requests through the API Gateway (LiteLLM proxy) |
| Managed in | API Keys section (sidebar) | API Gateway section |
| Used for | Calling chatflows and agentflows from your application | Routing LLM requests through the unified gateway endpoint |
| Scoped to | A workspace | A gateway configuration |
Use API keys when you are calling Forjinn flows directly. Use gateway keys when you are routing requests to LLM providers through Forjinn's API Gateway.
Permissions reference
| Permission | What it allows |
|---|---|
apikeys:view | View API keys in the current workspace |
apikeys:create | Create new API keys |
apikeys:update | Rename existing API keys |
apikeys:delete | Delete API keys |
apikeys:import | Import API keys from a JSON file |