Skip to main content
Artifacta authenticates via API key. Every request — CLI, SDK, and REST API — requires a valid key.

Get your API key

  1. Sign up at app.artifacta.dev/signup
  2. Complete onboarding — a key is auto-generated for you
  3. Or create additional keys at app.artifacta.dev/dashboard/keys
Your full API key is shown once at creation time. Copy it immediately. You cannot retrieve it later — only the last 4 characters are visible after creation.

Key format

ak_live_<32 alphanumeric characters>
Example: ak_live_x9f7v3m1p0q2r4s6t8u0w1y3z5a7b9c2

Authenticate the CLI

Priority order: ARTIFACTA_API_KEY env var > config file.

Authenticate the Python SDK

from artifacta import Client

# Option 1: Auto-detect from environment or config file
client = Client()
# Reads ARTIFACTA_API_KEY from env, then ~/.config/artifacta/config.toml

# Option 2: Explicit key
client = Client(api_key="ak_live_abc123")

Authenticate the REST API

curl https://api.artifacta.dev/v1/artifacts \
  -H "Authorization: Bearer ak_live_abc123"
Every API request requires the Authorization: Bearer <key> header.

Verify authentication

artifacta whoami
Output
Tenant:  acme-corp
Plan:    free
Key:     ...k9f7 (last 4)
Usage:   0 / 10,000 requests this month
Storage: 0 B / 1 GB
Or in Python: 
info = client.whoami()
print(info.tenant_name)  # "acme-corp"
print(info.plan)         # "free"

Key limits

PlanMax active keys
Free10
Pro50
Revoked keys don’t count toward the limit. Revoke unused keys at app.artifacta.dev/dashboard/keys.

Security notes

  • Keys are hashed (SHA-256) before storage — Artifacta never stores your full key
  • A revoked key is immediately unusable
  • Keys do not expire — revoke manually when no longer needed
  • All keys have full tenant access (no per-key permission scopes in V1)