> ## Documentation Index
> Fetch the complete documentation index at: https://arizeai-433a7140.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# API Keys

Phoenix offers three types of authentication credentials: **System API Keys, User API Keys, and the Admin Secret**

## System API Keys

System keys authenticate actions on behalf of the entire system rather than a specific user. These keys:

* Can only be created by administrators

* Are not tied to the admin who created them

* Persist even if the creating admin is deleted

* Are recommended for automated/programmatic interactions with Phoenix that don't involve user actions (such as querying REST APIs)

## User API Keys

User API keys authenticate actions on behalf of specific users. These keys:

* Are associated with and act on behalf of the user who created them

* Can be viewed and deleted by the user who owns them

* Are automatically deleted if the user account is deleted

* Are ideal for personal use cases (e.g., running experiments in a notebook)

## Admin Secret

The Admin Secret is a special authentication token that:

* Can be used as an alternative to API keys

* Authenticates as the first system user

* Must meet these requirements:

  * At least 32 characters long

  * Includes at least one digit and one lowercase letter

  * Must differ from `PHOENIX_SECRET`

  * Cannot be set if `PHOENIX_SECRET` is not configured

This key is particularly useful for:

* Provisioning Phoenix via REST APIs

* Deploying Phoenix as a sidecar application

* Programmatically generating authentication to send traces, datasets, etc. without requiring login

This secret is set via the `PHOENIX_ADMIN_SECRET` environment variable.

<Danger>
  We recommend removing this value from your deployment once you have created a system key.
</Danger>

## Key Expiration

Both System and User API keys support expiration dates. Setting expirations can:

* Limit access to specific tasks or timeframes

* Support security through automated key rotation

* Reduce the risk of compromised credentials
