API Keys
Create and manage API keys for accessing Lunogram APIs
To ingest data into Lunogram via the client libraries or modify data via admin endpoints, you first need to create an API Key. Each key is bound to a project and only allows interacting with data in that project.
Create an API Key
Navigate to Settings -> API Keys
Open your project settings and select the API Keys section.
Click Create Key
A dialog will open where you can configure your new key.
Fill in the details
Provide a name, optional description, and select a role.
Copy your key
The key value is shown after creation. Copy and store it securely, you can always view it again from the table.
Roles
Every API key is assigned a role that determines what it can access. Roles are additive — each higher level includes all permissions from the levels below it.
Write-only access designed for client-side SDKs and public integrations. Safe to expose in frontend code.
| Permission | |
|---|---|
| Create & update users, events, and organizations | ✅ |
| Read any resource | ❌ |
| Modify campaigns, journeys, or settings | ❌ |
Client keys are the only role safe to use in browser or mobile app code. They can ingest data but cannot read or modify existing resources.
Read-only access across all project resources. Ideal for dashboards, monitoring tools, and reporting integrations.
| Permission | |
|---|---|
| View users, campaigns, journeys, templates | ✅ |
| View events, lists, tags, and documents | ✅ |
| Create, update, or delete any resource | ❌ |
Full content management for campaigns, journeys, and more. Includes everything in Support and Client.
| Permission | |
|---|---|
| Everything in Support and Client | ✅ |
| Create & manage campaigns, templates, journeys | ✅ |
| Manage lists, tags, documents, locales, and actions | ✅ |
| Manage providers and integrations | ❌ |
| Destructive operations (delete subscriptions, etc.) | ❌ |
Full project access including providers, integrations, and dangerous operations. Includes everything in Editor.
| Permission | |
|---|---|
| Everything in Editor | ✅ |
| Manage providers and integrations | ✅ |
| Delete subscriptions, actions, and organizations | ✅ |
Admin keys have unrestricted access to your project. Never expose them in client-side code or public repositories.
Update an API Key
Click on an existing API key to update its name, description, or role. The key value itself cannot be changed.
Which Role Should I Use?
Frontend App or Mobile SDK
Use a Client key. It can only write data and is safe to ship in public code.
Analytics Dashboard
Use a Support key. It provides read-only access for reporting and monitoring.
Backend Integration
Use an Editor key if you need to manage campaigns and content, or an Admin key for full control.
CI/CD or Automation
Use an Admin key for scripts that need unrestricted access. Keep it in environment variables.