> ## Documentation Index
> Fetch the complete documentation index at: https://docs.apiosk.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Provider SDK Keys

> Use a long-lived sk_live_ key to publish and manage listings, and make paid calls, headlessly, without a browser session or per-request wallet signature.

# Provider SDK Keys

Publisher management endpoints normally authenticate with a wallet-signed header
(see [/guides/publishers](/guides/publishers)). For headless automation, CI,
servers, agents, that is awkward. A **provider SDK key** is a long-lived bearer
credential that authenticates the same operations without signing each request.

## Minting a key

Create a key in the portal under **Settings → SDK & API keys**. The full secret
is shown **once** at creation and stored only as a hash plus a short prefix, copy
it then, and treat it like a password.

A provider SDK key looks like `sk_live_` followed by a hex secret.

<Warning>
  Keep `sk_live_` keys server-side. Rotate or revoke a key from the portal at any
  time; a revoked key stops working immediately.
</Warning>

## Using a key

Send it as a bearer token:

```bash theme={null}
curl -X POST https://gateway.apiosk.com/v1/apis/register \
  -H "Authorization: Bearer sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{ "slug": "my-api", "origin_url": "https://api.example.com" }'
```

The same key authenticates the full publisher surface, `register`,
`GET /v1/apis/mine`, updates, delete, and endpoint docs, with no per-request
signature.

A provider SDK key can also act as a **payer credential**: presented on a paid
call it settles over the provider's own balance on the same rail selection as a
connect token. That makes one key enough for a server that both publishes and
consumes APIs.

## Related links

* Publishers: [/guides/publishers](/guides/publishers)
* Publisher lifecycle: [/guides/publisher-lifecycle](/guides/publisher-lifecycle)
* SDK (consumer client): [/guides/sdk](/guides/sdk)
