Using API Tokens
API tokens authenticate your code to access Groundlight services. They look like api_2GdXMflhJ... and should be treated as sensitive credentials.
The SDK can access your token in two ways:
- Environment Variable (Recommended)
from groundlight import Groundlight
# Automatically uses GROUNDLIGHT_API_TOKEN environment variable
gl = Groundlight()
- Direct Configuration
from groundlight import Groundlight
token = get_token_from_secure_location()
gl = Groundlight(api_token=token)
Security Best Practices
- Store tokens in environment variables or secure vaults
- Never commit tokens to code repositories
- Limit token access to necessary personnel
- Rotate tokens periodically
- Revoke unused tokens promptly
Managing Tokens
Access token management at dashboard.groundlight.ai/reef/my-account/api-tokens
Create a Token
- Navigate to the API tokens page
- Enter a token name and click "Create API Token"
- Save the generated token securely - it won't be shown again!
Revoke a Token
- Find the token in your dashboard by name
- Click "Delete"
- Confirm revocation
Important: Update your applications with a new token before revoking an old one to prevent service interruption.