How do I create and manage API keys?
3 min readBeginner
API keys authenticate external tools — the CLI, MCP servers, CI/CD pipelines, and custom integrations — to access your Better i18n organization.
Creating an API key
- Go to Settings → API Keys (top-right avatar → Settings)
- Click "+ Create Key"
- Enter a descriptive Key Name (e.g., "MCP Server", "CI/CD Pipeline", "Dev Machine")
- Click Create Key
The key is shown once — copy it immediately. You won't be able to see the full key again.
Key format
API keys follow the format bi-xxxxxxxxxxxx. The key prefix tells you the type:
| Prefix | Type | Access |
|---|---|---|
bi_pub_ |
Public key | Read-only — safe for client-side, CDN access |
bi- |
Secret key | Full access — server-side only |
Security: Never expose secret keys in client-side code, public repositories, or browser-accessible files.
Where to use API keys
| Tool | Key type | Configuration |
|---|---|---|
| CLI | Secret | better-i18n login (stores locally) |
| MCP Server | Secret | BETTER_I18N_API_KEY env var |
| Frontend SDK | Public | apiKey in SDK config |
| CI/CD | Secret | Pipeline environment variable |
| Content API | Public/Secret | x-api-key header |
Managing existing keys
On the API Keys page you can:
- Copy — copy the masked key identifier
- Revoke — permanently disable a key (click the three-dot menu)
- View metadata — see creation date and expiration
Key expiration
Keys expire 1 year after creation. You'll see the expiration date in the keys list. Create a new key before the old one expires to avoid service disruption.
Best practices
- One key per purpose — create separate keys for CLI, MCP, CI/CD
- Rotate regularly — revoke old keys and create new ones periodically
- Use environment variables — never hardcode keys in source code
- Revoke immediately if a key is compromised