Skip to main content
Together uses API keys to authenticate requests. Keys are scoped to Projects, meaning a key only has access to the resources within its Project.
Multi-Project key scoping is in early access. Not all resources and APIs fully support Project-scoped keys yet. Contact support for details on current coverage.

Authentication

Include your API key in the Authorization header of every API request: 
curl https://api.together.ai/v1/chat/completions \
  -H "Authorization: Bearer $TOGETHER_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "meta-llama/Llama-3-70b-chat-hf",
    "messages": [{"role": "user", "content": "Hello"}]
  }'
Or set it as an environment variable for SDK usage: 
export TOGETHER_API_KEY=your-api-key

Organization Default Key (Deprecated)

Every Organization has a default API key, scoped to the Organization’s default Project. Only the Organization Owner can access and manage it. You can find it in your account settings under Manage Account. This key:
  • Is always available to copy (unlike other keys, which are only shown once at creation)
  • Cannot be revoked, but can be regenerated if compromised
  • Is automatically recognized across all Together systems after regeneration
The Organization Default Key is deprecated. We recommend creating Project API keys instead for better scoping and management.

Creating Additional Project API Keys

We recommend creating independent API keys for separate use cases, systems, or workloads (e.g., one for production, one for development, one for CI/CD, one for inference).
  1. Navigate to the Project you want to create a key for (early access: switch Projects from the Project selector in Settings)
  2. Go to the Project’s API Keys settings
  3. Click Create API Key
  4. Give it a name and optional expiration date
  5. Click Create
  6. Copy the key immediately — it won’t be shown again
New API keys are displayed only once at creation. Save them in a secure location (e.g., a secrets manager) immediately. If you lose a key, you’ll need to create a new one.

Project Key Scoping

API keys are scoped to Projects:
  • A key created in Project A can only access resources in Project A
  • Keys persist even if the Collaborator who created them is removed from the Project
  • Both Project Admins and Member-role Collaborators can create and revoke keys
This means you can safely share a Project API key with a CI/CD pipeline or External Collaborator without giving them access to resources in other Projects.
Project key scoping is in early access. Not all resources and APIs fully support this feature yet. Keys created before multi-Project support was enabled are scoped to your Organization’s default Project.

Cost Analytics & Usage

You can use API key IDs to segment usage and cost by key and workload. The api_key_id is supported for inference and code interpreter requests, so you can track which keys are driving spend in your Project’s cost analytics.

Current Limitations

  • No per-key usage limits. You can’t cap spend or rate-limit a specific API key. Usage limits apply at the Organization level.
  • Organization Default Key can’t be revoked. It can only be regenerated.

Playground

The Together Playground recognizes all API keys associated with your account. When you use the Playground, it shows available models across all your keys and Projects.

Best Practices

  • Name your keys descriptivelyprod-inference, ci-pipeline, dev-local — so you can identify and rotate them easily
  • Set expiration dates for keys used in temporary or testing contexts
  • Rotate keys regularly and revoke any that are no longer in use
  • Never commit keys to source control. Use environment variables or a secrets manager.

Projects

Understand how API keys are scoped to Projects

Roles & Permissions

Who can create and manage API keys

API Reference

Technical authentication specification