API keys
API keys let you access the Animus API from scripts, CI/CD pipelines, or custom integrations. Each key is scoped to specific permissions and tied to your account.
Creating a key
- Open the Animus app
- Go to Integrations
- Under API Keys, click Create
- Give your key a name (e.g. “My CLI Key”)
- Select the permissions you need
- Click Create Key and copy the key immediately — it won’t be shown again
Using your key
Send the key as a Bearer token in the Authorization header:
curl https://api.animus.so/api/v1/content/recent \
-H "Authorization: Bearer anm_your_api_key_here"
anm_ so they’re easy to identify.
Scopes
Each API key has one or more scopes that control what it can access:
| Scope | Description | Example endpoints |
|---|
read | Read content, collections, and library stats | GET /content/recent, GET /collections |
write | Create, update, and delete content and collections | POST /content, DELETE /collections/:id |
search | Search across your library | GET /search |
403 Forbidden.
Start with only the scopes you need. You can always update a key’s scopes later.
Managing keys
You can have up to 10 active API keys per account.
- Revoke a key to immediately disable it. Any application using the key will lose access.
- Update a key to change its name or scopes without regenerating the secret.
Both actions are available in the Integrations page of the Animus app, or via the API:
# List your keys
curl https://api.animus.so/api/v1/api-keys \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
# Revoke a key
curl -X DELETE https://api.animus.so/api/v1/api-keys/KEY_ID \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
API key management endpoints require JWT authentication (your session token), not an API key. API keys cannot manage other API keys.
Security best practices
- Never commit API keys to version control
- Use environment variables to store keys
- Create separate keys for different applications
- Revoke keys you no longer need
- Use the minimum scopes required for each integration
