API keys let you connect external tools, scripts, and applications to your Giant Context project. Instead of logging in through the console, an API key gives programmatic access to your project's data — so you can read, create, update, and delete content directly from your own code.

Where API keys live

Creating a service account

Before you can generate an API key to connect external tools, you must first create a service account. Service accounts act as non-human users designed specifically for your scripts, applications, and integrations. You can manage them in the Service Accounts tab of your organization settings.

Giant Context Organization Settings panel showing the Service Accounts tab and Create Service Account button

Generate Service Account Keys

Navigate to the Service Accounts tab within your Organization Settings to create and manage API keys for external tools and scripts. Click Create Service Account to generate a new key.

Permissions

Service account permissions work just like human member permissions. If the service account has 'editor' access to a project, its API key can read and write content. If it has 'viewer' access, it can only read.

Creating an API key

API Key Creation

Generate a new API key to securely connect external tools and scripts to your project. Assign a recognizable name and set an optional expiration date. Remember to copy your key immediately upon creation, as it will only be displayed once.

Copy your key immediately

The full API key starts with 'gct_' and is only shown once at the moment of creation. Copy it immediately and store it somewhere safe. Later, only a short prefix will be visible for identification. If you lose the key, you'll need to create a new one.

Using your API key

Giant Context uses a token exchange flow to keep your credentials secure. You send your API key to the token endpoint and receive a short-lived JWT token in return. This temporary token is then included in your actual API requests to authenticate your programmatic access.

SDK Auto-caching

The SDK caches the JWT token internally and refreshes it automatically before it expires.

What you can do with the API

API keys let you connect external tools, scripts, and applications directly to your Giant Context project. Instead of logging in through the console, an API key provides programmatic access to your project's data, allowing you to perform the same operations automatically.

Permissions and Access Levels

API key capabilities depend entirely on the permissions of the user or service account they belong to. For example, a key tied to a service account with 'Viewer' access can only read data — it cannot create, update, or delete resources.

Maintaining API Keys

API Keys table showing Regenerate and Revoke actions

Manage your keys

You can manage active keys directly from the API Keys table in your account or service account settings.

Regenerating a key

Copy your new key

Just like during creation, your new key is only shown once. Copy it immediately from the dialog and store it somewhere safe. If you lose it, you will need to generate another one.

Revoking a key

Tips for keeping your keys safe

Clean up unused keys

Regularly review your API keys and service accounts. Promptly revoke any unused or stale keys to minimize security risks.

Troubleshooting & FAQ

Frequently Asked Questions

When an API key is created, you will see the full key exactly once. If you lose it, you cannot retrieve it. You will need to regenerate the key from your account settings, which will create a new key and immediately revoke the old one.

Giant Context uses a token exchange flow. If your request is rejected, it is likely because your JWT token has expired and needs to be exchanged again using your API key. Rejections can also occur if the service account or personal account lacks sufficient permissions for the specific project.

Service accounts are designed for production integrations and automated systems because they are not tied to an individual human user. Personal API keys are best suited for local development, custom scripts, or connecting developer-oriented tools like Claude Code.

Authentication Reminder

Giant Context uses a token exchange flow. You must send your API key to the token endpoint to receive a short-lived JWT token, which is then used in the Authorization header for actual API requests.

Built byHuman

This content was designed and written by a human.

API Keys