Skip to main content
Organization and project-level API keys are an Enterprise feature. Enterprise subscriptions allow you to set API keys at both a project level and organization level.

How do I set organization-level API keys?

To set organization-level API keys, you must have an Enterprise subscription and be an organization admin or owner.
If you set an API key at the organization level, any projects in this organization will use this API key unless an API key is added at the project level.
  1. First, click ‘Settings’ in the sidebar of Relevance AI
  2. Then, click ‘Integrations control’
  3. Navigate to the integration you want to set an API key for and toggle it on
  4. Enter the API key on the pop-up that appears, and click ‘Save’

How do I set project-level API keys?

To set project-level API keys, you must have an Enterprise subscription and be an organization admin or owner, or project admin or editor.
If you set an API key at the project level, this will override the organization level API key.
  1. First, navigate to your project in Relevance AI and click ‘Integrations & API Keys’
  2. Then, navigate to the integration you want to set an API key for
  3. Enter the API key on the pop-up that appears, and click ‘Save’

Custom API Keys

Custom API Keys allow you to securely store and use API credentials from external services in your agents and tools. Understanding how these keys are accessed and shared within your projects is important for maintaining security.

Who Can Access Custom API Keys

Custom API Keys are accessed in JavaScript code steps and Python code steps using the syntax {{secrets.key_name}}. These keys are available to all agent builders within a project. Key points about access:
  • Any builder with access to the project can use any Custom API Key in their code execution steps
  • Custom API Key access is project-wide, regardless of who created the key
  • All project members with builder permissions (Admin, Editor, or Member who can create assets) can reference Custom API Keys in their tools and agents
Learn more about managing project membership and permissions in the RBAC documentation.

Security Considerations

While Custom API Keys are automatically redacted with <redacted> when code steps attempt to print them out, members who can create Custom API Keys should exercise caution. Other builders in the project can use those keys to gain elevated access to downstream resources.
Important security points:
  • Automatic redaction: Custom API Keys are protected from accidental exposure in logs and outputs
  • Shared access risk: Any builder in the project can use Custom API Keys to access external systems with the permissions granted to those credentials
  • Project membership matters: Carefully consider who has builder access to projects containing sensitive API credentials

Frequently asked questions (FAQs)

No. This feature is available for Enterprise subscriptions only.
The project-level API key does. If you want the organization-level API key to be used, the project-level API key must be removed.
Integrations that rely on OAuth or third-party services don’t support shared credentials, so users will need to connect their own, or service accounts.
  • Provide Custom API Keys that are limited in scope and permissions (e.g., read-only access, specific resource access)
  • Create separate projects with only trusted team members when working with sensitive credentials
  • Use OAuth credentials via User Level Authentication instead of Custom API Keys where possible
Currently, all Custom API Keys in a project are accessible to all builders in that project. Use project isolation to control access to sensitive credentials by creating separate projects with limited membership.
Custom API Keys are shared credentials stored at the project level that all builders can use. OAuth authentication via User Level Authentication allows each user to authenticate with their own credentials, providing better security and individual accountability.