API keys - Mistral AI Documentation
Summary
Mistral AI's documentation details the management of API keys, which authenticate requests to its API and tools. Organization admins can create, review, rotate, and delete API keys across Workspaces via the Admin Panel, while individual developers manage their own keys from the User Profile modal in Studio. API keys are categorized by product surface: Studio for standard API usage, Vibe for Vibe Code, and Mistral Code for legacy use. When creating a key, admins can name it, assign it to a Workspace, set an optional expiration date, and define its Connector access scope (Shared connectors only or Private and shared connectors). Once created, a key's Workspace, scope, or expiration cannot be changed, requiring a new key for modifications. Keys are confidential, shown only once, and must be stored securely, not committed to version control. Keys are scoped to their creation Workspace, affecting quota and rate limits, and are not tied to specific subscription plans.
Key takeaway
For MLOps Engineers managing Mistral AI deployments, carefully plan your API key strategy. You must create separate Workspaces for development, staging, and production environments, each with dedicated API keys, to ensure proper resource isolation and rate limiting. Always store keys in a secure secrets vault immediately after creation, as they are shown only once and cannot be retrieved. Never commit keys to version control. Understand that key settings like Workspace and scope are immutable, requiring new key generation for changes.
Key insights
Mistral AI API keys authenticate requests, are managed by admins or developers, and are scoped to Workspaces for security and resource control.
Principles
- API keys are confidential and shown once.
- Key settings are immutable post-creation.
- Keys are Workspace-scoped for resources.
Method
Admins create keys via the Admin Panel by specifying a name, Workspace, optional expiration, and Connector access scope, then copying the key immediately.
In practice
- Store API keys in a secrets vault.
- Create separate Workspaces for environments.
- Use "Shared connectors only" for automation.
Topics
- Mistral AI API
- API Key Management
- Workspace Scoping
- Connector Access
- Security Best Practices
- Access Control
Best for: AI Engineer, Software Engineer, MLOps Engineer
Related on AIssential
Editorial summary, takeaway, and curation by AIssential. Original article published by mistral.ai via Google News.