API Key

All API requests require an access key. Keys are prefixed with cr_ and authenticate your requests to the CodeRender API.

Getting a key

1. Sign in at coderender.app/login
2. Go to your dashboard
3. Click Generate in the Access Key card to create your key
4. Copy and save the plaintext key — it is shown only once

Only the hash is stored on the server. If you lose the plaintext, generate a new key (this revokes the previous one).

Using the key

Send the key in the Authorization header:

Authorization: Bearer cr_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

The same key works for both the API and the Figma plugin. One key per account.

Rotating your key

Generating a new key from the dashboard automatically revokes the previous key. Any requests using the old key will receive 401 Unauthorized. Update the key in all your integrations after rotation.

Security

• • Never expose your key in client-side code, public repositories, or logs.
• • Use environment variables or a secrets manager.
• • If you suspect your key is compromised, generate a new one immediately from the dashboard.