> ## Documentation Index
> Fetch the complete documentation index at: https://docs.behaviq.io/llms.txt
> Use this file to discover all available pages before exploring further.

# API access

> Create API keys and service accounts for integrations.

API access lets developers and internal tools call BehavIQ without using the web app.

<img src="https://mintcdn.com/petruslabsptyltd/ZqiV5LlbuV-wxLL4/assets/business-api-access.png?fit=max&auto=format&n=ZqiV5LlbuV-wxLL4&q=85&s=726c8658da8a6076e7df4bb186722c58" alt="The BehavIQ API access page with API keys and service accounts." width="1024" height="1140" data-path="assets/business-api-access.png" />

## API keys

API keys authenticate requests to the public API. Each key belongs to one workspace.

Use an API key when a trusted server needs to call BehavIQ for chat, audio, bot listing, credits, or usage.

Keys are shown once when created. Store the secret in a server-side secret manager. Do not put API keys in browser code, mobile apps, public repositories, or support tickets.

## Key limits

Admins can set API key caps where the workspace plan supports them. Caps apply to API key traffic only.

A cap of `0` means no usage is allowed for that key. Leave the cap blank when you do not want a key-level cap.

## Service accounts

A service account represents a non-human integration. It can own API keys and keeps automation separate from a real employee account.

Use service accounts for integrations that should keep working when a staff member changes role or leaves.

Archive a service account when the integration is retired.

## Rotation and revocation

Rotate a key when the secret may have been exposed or when ownership of an integration changes.

Revoke old keys instead of leaving them active. Revoked keys stop working immediately.
