Build a completely custom deployment using your agent's API - for teams that need more than the standard channels offer.

Your product has a built-in help panel. You want your Outlearn agent to power it - same knowledge, same instructions, same quality - but surfaced inside your own UI instead of a standard widget. There is no pre-built option for that. There does not need to be.

The chat widget, email channel, and team chat integrations cover most deployments. But some teams have products, platforms, or workflows that do not fit a standard pattern. The API is how those teams deploy. It gives your developers direct programmatic access to your agent so they can embed it anywhere, trigger it from any workflow, and build whatever interface your product requires - with full control over how it looks, where it lives, and how it behaves.

In this article, you'll learn:

• What API keys are and when you need them
• How to create an API key
• How to manage and revoke keys

What Are API Keys?

An API key is a secure credential that allows an external application or developer to interact with your Outlearn agent via the API. Think of it as a password that your systems use to identify themselves to Outlearn.

You need an API key when:

• A developer on your team is building a custom integration with your agent
• You want to embed the agent in a platform that doesn't have a built-in Outlearn deployment option
• You're automating interactions with your agent from an external system

If you're not building a custom integration, you don't need to touch this section.

How to Create an API Key

1. Go to the Deploy tab.
2. Scroll to the Developer section.
3. Click Manage API.
4. On the API Keys page, click + Create API Key.
5. Give the key a descriptive name and an optional label to indicate its environment (e.g., "Production", "Staging", "Testing").
6. Click Create.
7. Copy the full key immediately - it is only shown once at creation. Once you leave the page, you cannot retrieve it again.

Managing Existing Keys

Your API keys are listed in a table showing:

• Name: The label you gave the key
• Prefix: The first few characters of the key (for identification without exposing the full key)
• Created: When the key was created
• Last used: When the key was last used to make a request
• Actions: Options to manage or revoke the key

Revoking a Key

If a key is compromised, no longer needed, or used by a team member who has left:

1. Find the key in the table.
2. Click the action option next to it.
3. Revoke or delete the key.

Once revoked, any system using that key will immediately lose access.

Best Practices

• Create separate keys for each environment (Production, Staging, Testing) - this way, if a test key is compromised, your production integration is unaffected.
• Never share API keys in public repositories, Slack messages, or emails — treat them like passwords.
• Store keys in a secure secrets manager (e.g., AWS Secrets Manager, HashiCorp Vault, or your platform's equivalent) — not in plain text files or code.
• Revoke keys immediately when a developer who had access leaves your organization.
• Check the Last used column periodically - if a key hasn't been used in months, it may be safe to revoke it and reduce your attack surface.