API Keys Overview
Learn what API keys are, what they're used for, and how to create them in Stash Studio. Understand the basics of API key authentication for Stash services.
API keys are secret credentials used to authenticate server-to-server requests from your game backend to Stash services. They provide secure authentication for operations that should only be performed by your backend, never by client applications.
API keys are for server-side use only. Never expose them in client-side code, mobile apps, or web browsers.
What Are API Keys Used For?
API keys authenticate your backend when making requests to Stash for:
- Stash Pay: Generating checkout links, Quick Pay URLs, and querying payment status
- Stash Launcher: Managing build artifacts and handling authentication token flows
- Stash Webshop: Server-side operations like webhook verification, analytics, and custom backend tools (most Webshop operations use client-side bearer tokens)
For detailed information on product-specific authentication, see:
Creating API Keys
Navigate to API Secrets
Go to your game in Stash Studio → Project Settings → API Secrets.
Create a New API Secret
Click "Create API Secret" or "Add API Secret".
Name Your Key
Enter a descriptive name (e.g., "Production Backend", "Test Environment") to help identify the purpose of each key.
Copy the Secret
Click "Create" and copy the secret value immediately - it's only shown once.
The secret value is only displayed once at creation. If you lose the secret, you must create a new API key.
Security Notes
- Use descriptive names to identify the purpose of each key
- Create separate keys for different environments (test, staging, production)
- Store keys securely (see Security Best Practices)
Next Steps
- Using API Keys - Learn how to use API keys in your requests
- Common Pitfalls - Avoid common mistakes
- Security and Management - Best practices for securing and managing your keys
How is this guide?
View Logs in Stash Studio
Learn how to use Stash Studio's comprehensive logging tools to inspect events, debug communication between Stash API and your game backend, and identify integration issues. Access logs for outgoing events, incoming events, payments, and linked accounts.
Using API Keys
Learn how to use API keys to authenticate requests to Stash services. Includes authentication header format and code examples in multiple languages.