In this knowledge base article we’ll walk through the steps to create an API key to be used for automation purposes by your CI/CD pipeline or other scripting platform. API Keys are not required to use thew GenR3d LLM Security Analyzer, as everything can be accomplished through the GUI. However, it is highly recommended you integrate scanning of your chatbots and agents into their deployment pipelines, using the provided automation. The documentation for how to use the automation can be found in the API Reference guide or in the API Access menu in the GenR3d platform.

To start, when you click on the API Access header on the left hand navigation you will see a screen showing no active API keys.

From here, click on “Create a new API key” on the right hand side of the screen. When you do, you will see a “Creating API key” notification. Once the API key has been created, a window will show you the newly created API key.

You must copy and save or write down this API key immediately.

The API key will not be accessible again in full once you click “Done”, and you’ll have to delete and recreate a new API key.

Click “Done” once you’ve saved your API key somewhere it can be retrieved, you’ll see the previous screen with the API key partially visible. This is so you can validate you have the complete API key later.

We STRONGLY recommend you do not hardcode this API key into your automation, but instead save it in a password manager, secrets manager, or some other secure location that is accessible through your automation to pull only when it is necessary to login to the system. For example, with GitHub Actions you can follow the Using secrets in GitHub Actions pattern, or if you’re using AWS and GitLab you can follow the Use AWS Secrets Manager secrets in GitLab CI/CD pattern.

The templates we provide require you to store the API key in a secrets manager.