Managing API Keys

You can manage your API keys through the Nolano dashboard.

Go to API Keys Dashboard

The dashboard provides an easy-to-use interface for all your API key management needs.

What are API Keys?

API keys are unique identifiers that authenticate your requests to the Nolano API. They act as both an identifier and a password, ensuring that only authorized users can access forecasting services and manage API resources.

Key Features

Secure by Design

SHA-256 Hashing

Keys are hashed before storage - original keys are never stored in plain text

Usage Tracking

Every API call is logged with detailed usage statistics and monitoring

Expiration Control

Set custom expiration dates or create keys that never expire

Instant Revocation

Immediately revoke compromised keys with audit trails

Storage and Handling

Never expose API keys in client-side code: API keys should only be used in server-side applications where they can be kept secure.
Environment Variables: Store API keys in environment variables, not in your source code.
# ✅ Good: Environment variable
export NOLANO_API_KEY="ak_577aa2f186866ec0c75d1068bcff79cd3da4344b80aec1572e0fa07b364227d6"

# ❌ Bad: Hardcoded in source
api_key = "ak_577aa2f186866ec0c75d1068bcff79cd3da4344b80aec1572e0fa07b364227d6"

Regular Rotation (Coming soon)

Implement a regular key rotation schedule:
  1. Production Keys: Rotate every 90 days
  2. Development Keys: Rotate every 30 days
  3. Emergency Rotation: Immediately if compromise suspected

Rate Limits by Key Type

Permission LevelRequests/MinRequests/HourRequests/Day
Read Only5050010,000
Read/Write1001,00050,000
Admin2002,000100,000
Full Access5005,000250,000
Enterprise Plans: Custom rate limits and dedicated support available. Contact support@nolano.com for details.