> ## Documentation Index
> Fetch the complete documentation index at: https://anaconda.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# API keys

export const Comments = ({children}) => {
  return <div class="my-4 px-5 py-4 overflow-hidden rounded-2xl flex gap-3 border border-zinc-500/20 bg-zinc-50/50 dark:border-zinc-500/30 dark:bg-zinc-500/10" data-callout-type="comments">
      <div class="w-4">
        <svg width="14" height="14" viewBox="0 0 640 640" fill="currentColor" xmlns="http://www.w3.org/2000/svg" class="w-5 h-5" aria-label="Comments">
            <path d="M320 112C434.9 112 528 205.1 528 320C528 434.9 434.9 528 320 528C205.1 528 112 434.9 112 320C112 205.1 205.1 112 320 112zM320 576C461.4 576 576 461.4 576 320C576 178.6 461.4 64 320 64C178.6 64 64 178.6 64 320C64 461.4 178.6 576 320 576zM280 400C266.7 400 256 410.7 256 424C256 437.3 266.7 448 280 448L360 448C373.3 448 384 437.3 384 424C384 410.7 373.3 400 360 400L352 400L352 312C352 298.7 341.3 288 328 288L280 288C266.7 288 256 298.7 256 312C256 325.3 266.7 336 280 336L304 336L304 400L280 400zM320 256C337.7 256 352 241.7 352 224C352 206.3 337.7 192 320 192C302.3 192 288 206.3 288 224C288 241.7 302.3 256 320 256z" />
        </svg>
      </div>
      <div class="text-sm prose min-w-0 w-full">
        {children}
      </div>
    </div>;
};

API keys authenticate users and automated systems to access platform resources. You can include multiple scopes to define access permissions in API keys that you create, but you cannot grant access to resources that you do not have access to already.

## Creating an API Key

1. [Sign in to Anaconda](https://auth.anaconda.com/ui/login/).

2. Open the user dropdown menu and select <Icon icon="user" iconType="regular" /> *Account Settings*.

3. Click the *API Keys* tab.

4. Click <Icon icon="plus" iconType="regular" /> **Create API Key**.

5. Provide a unique name for your API key.

6. Choose permission levels for the scopes your key should include. You can select one or both of the following:

   * **User resources**: Provides access to the platform's user-level APIs. Include this scope if you need to interact programmatically with projects, data, or other assets associated with your account.

     <Note>
       This scope mirrors your platform permissions (except for any administrative controls).
     </Note>

   * **Platform channels**: Authenticates your local conda client or automated build systems so they can use channels you have access to within Anaconda Platform. Include this scope if you need to install packages from channels hosted on your instance.

7. Set an expiration date from the dropdown. API keys have a maximum lifespan of one year.

   <Note>
     If you choose *Custom*, a calendar field appears. Use it to specify a date.
   </Note>

8. Click **Create API Key**. Save your newly generated API key in a secure location.

   <Caution>
     API keys are only available at the time of creation. You will not be able to view your API key after you close the dialog. Save your API key in a secure location, and do not share it with anyone. If you lose your API key, you must create a new one. Creating a new API key invalidates access granted by the previously generated key.
   </Caution>

   <Note>
     Alternatively, you can generate an API key by logging in at the command line using `anaconda-auth login`.
   </Note>

## Using API Keys

If your conda client runs as part of an automated process, such as a CI/CD pipeline, or if you are using conda within Docker builds on your desktop, configure them to use your local API key (generated when you logged in using `anaconda-auth`) to authenticate conda using one of the following methods:

<Tabs>
  <Tab title="Using an environment variable">
    1. Open Anaconda Prompt or Powershell (Terminal on macOS/Linux).
    2. Set your API key as an environment variable:

           <CodeGroup>
             ```sh Anaconda Prompt theme={null}
             for /f "usebackq delims=" %i in (`anaconda auth api-key`) do set ANACONDA_AUTH_API_KEY=%i
             ```

             ```sh Anaconda Powershell theme={null}
             $env:ANACONDA_AUTH_API_KEY = (anaconda auth api-key)
             ```

             ```sh Terminal theme={null}
             export ANACONDA_AUTH_API_KEY="$(anaconda auth api-key)"
             ```
           </CodeGroup>
  </Tab>

  <Tab title="Using the keyring">
    1. Verify `preferred_token_storage` is set to `"anaconda-keyring"`. See `anaconda-auth` [configuration parameters](/cli-reference/anaconda-auth/getting-started#configuration).
    2. Open Anaconda Prompt (Terminal on macOS/Linux).
    3. Copy the `~/.anaconda/keyring` file to your automated workflow system:

       ```sh theme={null}
       scp ~/.anaconda/keyring user@<TARGET_SYSTEM>:~/.anaconda/keyring
       ```
  </Tab>

  <Tab title="Docker">
    If you use conda in Docker builds, you can securely provide your Anaconda API key during build time using Docker secrets. This allows authenticated commands to run without exposing your API key in an image layer.

    1. Open Anaconda Prompt or Powershell (Terminal on macOS/Linux).

    2. Set your API key as an environment variable:

           <CodeGroup>
             ```sh Anaconda Prompt theme={null}
             for /f "usebackq delims=" %i in (`anaconda auth api-key`) do set ANACONDA_AUTH_API_KEY=%i
             ```

             ```sh Anaconda Powershell theme={null}
             $env:ANACONDA_AUTH_API_KEY = (anaconda auth api-key)
             ```

             ```sh Terminal theme={null}
             export ANACONDA_AUTH_API_KEY="$(anaconda auth api-key)"
             ```
           </CodeGroup>

    3. Each Dockerfile *must* also contain the `anaconda-registration` package:

       ```dockerfile wrap theme={null}
       RUN conda install --name base anaconda-registration --channel https://repo.anaconda.cloud/repo/anaconda-tools --override-channels
       ```

    4. For all other `conda` or `anaconda` commands that require authentication, provide the following:

       ```sh theme={null}
       RUN --mount=type=secret,id=ANACONDA_AUTH_API_KEY 
       ```

       ```sh Example command requiring auth theme={null}
       RUN --mount=type=secret,id=ANACONDA_AUTH_API_KEY conda create -p /opt/env -y "python=3.13" "anaconda-client"
       ```

    5. When building your image, pass the key as a Docker secret:

       ```bash theme={null}
       docker build --secret id=ANACONDA_AUTH_API_KEY -t <IMAGE_NAME> .
       ```

           <Comments>
             Replace \<IMAGE\_NAME> with the name for your Docker image.
           </Comments>
  </Tab>
</Tabs>

For API integrations, include the key in the authorization header:

```sh theme={null}
Authorization: Bearer (anaconda auth api-key)
```

This lets automated workflows—such as data synchronization jobs or deployment pipelines—interact securely with the platform using the same permissions you hold.