← Back to Help Center
🔑 API Keys
Managing AI provider keys, credentials, and deploy tokens.
AI Provider Keys
SaaSClaw uses AI providers (like OpenAI, Anthropic, etc.) to power the wizard. You need provider API keys for the wizard to work.
Adding a Provider Key
- Go to Settings from the Studio navigation.
- Find the API Keys or Provider Keys section.
- Enter your API key for the provider you want to use.
- Save. The key is stored securely and used by the wizard during sessions.
Per-Project Provider Keys
You can also set provider keys at the project level:
- Open your project page.
- Navigate to Environment Variables or Credentials.
- Add your provider API key as an environment variable (e.g.,
OPENAI_API_KEY).
Project-level keys override global settings, giving you fine-grained control over which provider and key each project uses.
Deploy Tokens
Deploy tokens allow you to trigger deploys programmatically (e.g., from CI/CD pipelines or Git hooks).
Creating a Deploy Token
- Open your project page.
- Navigate to Settings → Deploy Tokens.
- Click Create Token.
- Copy the token — you won't be able to see it again.
Using a Deploy Token
Include the token in your deploy request to authenticate:
curl -X POST https://saasclaw.app/studio/<slug>/deploy/ \
-H "Authorization: Bearer <your-token>"
Environment Variables
Store configuration and secrets for your deployed application:
- Open your project page.
- Click Environment Variables.
- Add key-value pairs (e.g.,
DATABASE_URL, SECRET_KEY).
- These variables are injected into your app at runtime.
💡 Tip: Never hardcode secrets in your source code. Always use environment variables for database URLs, API keys, and other sensitive values.
Token Usage & Costs
Track your AI token usage per project:
- Open your project page.
- Click Token Stats to see usage breakdowns by session.
- This helps you understand costs and optimize your prompts.
⚠️ Security: API keys and deploy tokens are sensitive credentials. Treat them like passwords. Never commit them to Git or share them publicly. If a token is compromised, rotate it immediately from Settings.