> ## Documentation Index
> Fetch the complete documentation index at: https://docs.gcore.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authenticate to functions with API keys

This guide explains how to add and edit API keys to protect function endpoints from unauthorized access.

## Create an API key

1. In the **Cloud** menu, go to **Function as a Service** > **API Keys** and click **Create API Key**.

<Frame>
  <img src="https://mintcdn.com/gcore/QIEAnezmG8Bl8nMk/images/docs/cloud/faas/authenticate-to-functions-with-api-keys/1.png?fit=max&auto=format&n=QIEAnezmG8Bl8nMk&q=85&s=93fee8ce9c24eb38751cf2f3f7306d88" alt="API keys for functions in the Cloud menu" width="4768" height="2276" data-path="images/docs/cloud/faas/authenticate-to-functions-with-api-keys/1.png" />
</Frame>

2. In **General**, specify the API key name (required) and description (optional).

<Frame>
  <img src="https://mintcdn.com/gcore/QIEAnezmG8Bl8nMk/images/docs/cloud/faas/authenticate-to-functions-with-api-keys/2.png?fit=max&auto=format&n=QIEAnezmG8Bl8nMk&q=85&s=e716c0ac3cda000066ece7f14f58d70a" alt="Fill in the general information about API keys" width="622" height="285" data-path="images/docs/cloud/faas/authenticate-to-functions-with-api-keys/2.png" />
</Frame>

3. In **Access to functions**, specify which functions can be authenticated using the given key.

<Frame>
  <img src="https://mintcdn.com/gcore/QIEAnezmG8Bl8nMk/images/docs/cloud/faas/authenticate-to-functions-with-api-keys/3.png?fit=max&auto=format&n=QIEAnezmG8Bl8nMk&q=85&s=cd74eaf57b120612cd99c79a66631ec9" alt="Specify functions that can be authorized with the API key" width="622" height="206" data-path="images/docs/cloud/faas/authenticate-to-functions-with-api-keys/3.png" />
</Frame>

4. For **Expiration**, set the date until when the API key remains valid. To keep the key indefinitely, select **Never expire**.

<Frame>
  <img src="https://mintcdn.com/gcore/QIEAnezmG8Bl8nMk/images/docs/cloud/faas/authenticate-to-functions-with-api-keys/4.png?fit=max&auto=format&n=QIEAnezmG8Bl8nMk&q=85&s=4d53daa29f05399f8bbfcba4a76bf875" alt="Set the expiration period for an API key" width="622" height="206" data-path="images/docs/cloud/faas/authenticate-to-functions-with-api-keys/4.png" />
</Frame>

5. Click **Create**.

6. Copy and save the key.

<Warning>
  The key is shown only once. Tokens are not stored, so the issuer is responsible for secure storage and usage.
</Warning>

The API key is now active. All requests to the function endpoint must include a valid API key in the `X-API-Key` header. Requests without a valid key receive a 401 error.

If an expiry date was set, a notification appears in the Customer Portal before it expires.

## Change API key settings

The description, expiration date, and functions accessible with a given key can all be updated after creation.

1. Go to the API key list, click the three dots next to the key you want to change, and click **Edit**.

<Frame>
  <img src="https://mintcdn.com/gcore/QIEAnezmG8Bl8nMk/images/docs/cloud/faas/authenticate-to-functions-with-api-keys/5.png?fit=max&auto=format&n=QIEAnezmG8Bl8nMk&q=85&s=802e5cf413b96ae31471a5ccc9d424aa" alt="Edit API key settings" width="1952" height="756" data-path="images/docs/cloud/faas/authenticate-to-functions-with-api-keys/5.png" />
</Frame>

2. Go to the tab you need and change the settings as follows:

* **General**: Change the key description.
* **Access to functions**: Change the functions that can be authenticated with the key.
* **Expiration**: Reset the expiry date.

3. Click **Save**.

## Delete an API key

1. Go to the API key list, click the three dots next to the key you want to delete, and click **Delete**.

<Frame>
  <img src="https://mintcdn.com/gcore/QIEAnezmG8Bl8nMk/images/docs/cloud/faas/authenticate-to-functions-with-api-keys/6.png?fit=max&auto=format&n=QIEAnezmG8Bl8nMk&q=85&s=03f40374ad7547d1215e3f64413bc9ba" alt="Delete an API key" width="1952" height="756" data-path="images/docs/cloud/faas/authenticate-to-functions-with-api-keys/6.png" />
</Frame>

2. Confirm the deletion.

## FAQs

1. **What should I do if I forget or lose my API key?**

Delete the key in the Customer Portal, create a new one and add it to the function.

2. **Can I revoke an API key if it was compromised?**

If your key was compromised, delete it in the Customer Portal, create a new one and add it to the function.

3. **How can I check if my API key is still valid?**

Valid keys have the status "Active" in the API key list. If an API key is no longer valid, it will have the status "Expired".
