> ## Documentation Index
> Fetch the complete documentation index at: https://docs.orbitsearch.com/llms.txt
> Use this file to discover all available pages before exploring further.

# View and audit your Orbit Search API keys

> Use the Orbit developer dashboard to review active and revoked API keys, scopes, last-used timestamps, and expiry status.

Use the [Orbit developer dashboard](https://developer.orbitsearch.com/dashboard/keys) to audit the API keys associated with your account or organization. The dashboard shows safe key metadata only; raw `sk_orb_...` values are shown once at creation and are never displayed again.

## What you can inspect

Open **Dashboard** → **API keys** to review:

| Field       | What it means                                                            |
| ----------- | ------------------------------------------------------------------------ |
| Key name    | The human-readable label assigned when the key was issued                |
| Display key | A safe identifier such as `sk_orb_a0186...55fd`                          |
| Ownership   | Whether the key belongs to your personal account or an organization      |
| Scopes      | The operations the key can call, such as `search:read` or `profile:read` |
| Status      | Whether the key is active, revoked, or expired                           |
| Last used   | The most recent authenticated request made with the key                  |
| Expiration  | The optional expiry time, if one was set                                 |

<Tip>
  During a key rotation, watch the new key's last-used timestamp in the dashboard. Once it starts updating and the old key stops receiving traffic, you can revoke the old key.
</Tip>

## Public API behavior

Developer API keys authenticate search and profile-read requests. They cannot create, list, revoke, delete, or inspect other API keys.

<Note>
  The key-management experience lives in the dashboard because public API callers only receive dashboard-issued developer keys. Start from a dashboard-issued `sk_orb_...` key, then use that key only for developer API requests.
</Note>
