Skip to main content

Access Key Management

Key Management

Last updated: 2025-11-25 16:31:42

Overview

To use Bitdeer AI Cloud APIs, you need to obtain an Access Key (access_key) and Secret Key (secret_key). These keys are used for API request authentication and signature generation.

How to Obtain Access Key

Step 1: Navigate to Access Control

  1. Log in to the Bitdeer AI Cloud console
  2. Navigate to Access Control in the main menu
  3. Click Access Key to enter the access key management page

Step 2: Create Access Key

  1. On the Access Key management page, click Create Access Key or New Key
  2. (Optional) Enter a descriptive name for the key pair to help identify its purpose
  3. Click Create or Confirm to generate the key pair

Step 3: Save Your Keys

  1. After creation, a dialog will display both access_key and secret_key
  2. Important: The secret_key is only displayed once during creation and cannot be retrieved later
  3. Copy and save both keys immediately:
    • Save access_key in a secure location (you can view it again later in the console)
    • Save secret_key immediately - it cannot be viewed again after closing the dialog
    • Consider using a password manager or secure vault for storage

Note: If you lose your secret_key, you must create a new key pair. The old secret_key cannot be recovered.

Key Usage

After obtaining your keys, you can use them to:

  • Generate signatures for API requests using the signature algorithm
  • Authenticate API calls to Bitdeer AI Cloud services
  • Integrate with third-party applications and automation tools

For detailed information on how to use the keys for API authentication, refer to the Signature Method documentation.

Security Tips

Storage

  • Never expose secret_key in API requests, logs, or public code
  • Store keys securely and never commit them to version control systems (Git, SVN, etc.)
  • Use environment variables or secure configuration files for key storage
  • Avoid hardcoding keys in application source code

Usage

  • Use HTTPS for all API requests
  • Never include secret_key in request URLs or query parameters
  • Implement proper error handling to avoid leaking keys in error messages