API Keys
API keys authenticate external applications that call your Blueprints. You need an API key for any integration that connects to Leapter at runtime — including the REST API, MCP connections, and n8n HTTP workflows.
Where to find API Keys
Click API Keys in the left sidebar of Leapter. This opens the API Keys management page.
The table shows all your API keys with:
| Column | Description |
|---|
| Name | The friendly name you gave the key |
| Permissions | Which project the key can access |
| Key | The key prefix (the full key is only shown once at creation) |
| Status | Whether the key is Active or Revoked |
| Last Used | When the key was last used to make an API call |
| Created | When the key was created |
Create an API key
- Click Create API Key in the top right.
- Enter a Key Name — a friendly name to help you identify this key later (e.g., “n8n Integration” or “Production API”).
- Select the Project the key should have access to.
- Click Create Key.
After creation, the full API key is displayed. Copy it immediately — you will not be able to see the full key again. All keys start with the lpt_ prefix.
Store your API key securely. If you lose it, you will need to create a new one. Never share API keys in public repositories or client-side code.
Use your API key
Pass the API key as a header in all requests to Leapter:
- Header name:
X-API-Key
- Header value: your API key
For example, in a curl request:
curl -X POST "https://lab.leapter.com/runtime/api/v1/{appspace}/{project-id}/{endpoint}" \
-H "Content-Type: application/json" \
-H "X-API-Key: lpt_your-api-key-here" \
-d '{"input1": "value1"}'
Revoke a key
If a key is compromised or no longer needed, you can revoke it:
- Find the key in the table.
- Click the three-dot menu on the right.
- Select Revoke.
Revoked keys stop working immediately. You can toggle Show revoked keys to see previously revoked keys.
What to do next
