Instance API keys
Obtaining credentials
Request headers
instance-id: <your-instance-id>
api-key: <your-api-key>
Content-Type: application/jsonScope & isolation
Rotation
Last updated
When to use: see Choose your auth for the decision rule. This page covers the Instance API key model.
The KAI Instance API (https://api.kai-studio.ai) uses static API-key authentication. Every request must carry two headers.
Go to your KAI admin portal → Instances → select your instance → API credentials.
Copy the instance_id and api_key.
If you do not have access to the admin portal, contact KAI support.
instance-id: <your-instance-id>
api-key: <your-api-key>
Content-Type: application/json(Exact header names are instance-id and api-key, lowercase with hyphens.)
One (instance_id, api_key) pair grants access to exactly one instance. Permissions are not user-level — there is no notion of "user" on this API. Any caller presenting the correct headers has full instance access.
To rotate a compromised key:
Admin portal → Instances → Regenerate API key.
The previous key is revoked immediately.
Update any deployed integrations with the new value.
Never expose an instance API key in client-side code (browsers, mobile apps, public widgets). This is a machine-to-machine credential only. For user-facing scenarios, use K-AI MCP with OAuth 2.1 instead.
Last updated