# API Key Module

In this section of the documentation, you will find resources to learn more about the API Key Module and how to use it in your application.

Refer to the [Medusa Admin User Guide](https://docs.medusajs.com/user-guide/settings/developer) to learn how to manage publishable and secret API keys using the dashboard.

Medusa has API-key related features available out-of-the-box through the API Key Module. A [module](https://docs.medusajs.com/learn/fundamentals/modules) is a standalone package that provides features for a single domain. Each of Medusa's commerce features are placed in Commerce Modules, such as this API Key Module.

Learn more about why modules are isolated in [this documentation](https://docs.medusajs.com/learn/fundamentals/modules/isolation).

## API Key Features

- [API Key Types and Management](https://docs.medusajs.com/commerce-modules/api-key/concepts): Manage API keys in your store. You can create both publishable and secret API keys for different use cases.
- [Token Verification](https://docs.medusajs.com/commerce-modules/api-key/concepts#token-verification): Verify tokens of secret API keys to authenticate users or actions.
- [Revoke Keys](https://docs.medusajs.com/commerce-modules/api-key/concepts#api-key-expiration): Revoke keys to disable their use permanently.
- Roll API Keys: Roll API keys by [revoking](https://docs.medusajs.com/references/api-key/revoke) a key then [re-creating it](https://docs.medusajs.com/references/api-key/createApiKeys).

***

## How to Use the API Key Module

In your Medusa application, you build flows around Commerce Modules. A flow is built as a [Workflow](https://docs.medusajs.com/learn/fundamentals/workflows), which is a special function composed of a series of steps that guarantees data consistency and reliable roll-back mechanism.

You can build custom workflows and steps. You can also re-use Medusa's workflows and steps, which are provided by the `@medusajs/medusa/core-flows` package.

For example:

```ts title="src/workflows/create-api-key.ts" highlights={highlights}
import { 
  createWorkflow, 
  WorkflowResponse,
  createStep,
  StepResponse,
} from "@medusajs/framework/workflows-sdk"
import { Modules } from "@medusajs/framework/utils"

const createApiKeyStep = createStep(
  "create-api-key",
  async ({}, { container }) => {
    const apiKeyModuleService = container.resolve(Modules.API_KEY)

    const apiKey = await apiKeyModuleService.createApiKeys({
      title: "Publishable API key",
      type: "publishable",
      created_by: "user_123",
    })

    return new StepResponse({ apiKey }, apiKey.id)
  },
  async (apiKeyId, { container }) => {
    const apiKeyModuleService = container.resolve(Modules.API_KEY)

    await apiKeyModuleService.deleteApiKeys([apiKeyId])
  }
)

export const createApiKeyWorkflow = createWorkflow(
  "create-api-key",
  () => {
    const { apiKey } = createApiKeyStep()

    return new WorkflowResponse({
      apiKey,
    })
  }
)
```

You can then execute the workflow in your custom API routes, scheduled jobs, or subscribers:

### API Route

```ts title="src/api/workflow/route.ts" highlights={[["11"], ["12"]]} collapsibleLines="1-6" expandButtonLabel="Show Imports"
import type {
  MedusaRequest,
  MedusaResponse,
} from "@medusajs/framework/http"
import { createApiKeyWorkflow } from "../../workflows/create-api-key"

export async function GET(
  req: MedusaRequest,
  res: MedusaResponse
) {
  const { result } = await createApiKeyWorkflow(req.scope)
    .run()

  res.send(result)
}
```

### Subscriber

```ts title="src/subscribers/user-created.ts" highlights={[["11"], ["12"]]} collapsibleLines="1-6" expandButtonLabel="Show Imports"
import {
  type SubscriberConfig,
  type SubscriberArgs,
} from "@medusajs/framework"
import { createApiKeyWorkflow } from "../workflows/create-api-key"

export default async function handleUserCreated({
  event: { data },
  container,
}: SubscriberArgs<{ id: string }>) {
  const { result } = await createApiKeyWorkflow(container)
    .run()

  console.log(result)
}

export const config: SubscriberConfig = {
  event: "user.created",
}
```

### Scheduled Job

```ts title="src/jobs/run-daily.ts" highlights={[["7"], ["8"]]}
import { MedusaContainer } from "@medusajs/framework/types"
import { createApiKeyWorkflow } from "../workflows/create-api-key"

export default async function myCustomJob(
  container: MedusaContainer
) {
  const { result } = await createApiKeyWorkflow(container)
    .run()

  console.log(result)
}

export const config = {
  name: "run-once-a-day",
  schedule: `0 0 * * *`,
}
```

Learn more about workflows in [this documentation](https://docs.medusajs.com/learn/fundamentals/workflows).

***


---

The best way to deploy Medusa is through Medusa Cloud where you get autoscaling production infrastructure fine tuned for Medusa. Create an account by signing up at cloud.medusajs.com/signup.