Skip to content

Dashboard & API keys

The dashboard is the control plane for humans — separate from the proxy data plane. It’s served by the server service and talks to Postgres for tenancy.

Dashboard login uses Auth0 (OAuth2 / OIDC). On first login your org is provisioned just-in-time, so a new user lands in a working org without manual setup. Proxy traffic itself never uses Auth0 — it uses API keys.

From the dashboard you can:

  • Create a key — give it a name, and the API key is shown once; store it immediately. The name is just a label, not part of the credential.
  • List keys by name with their last-used time.
  • Disable / revoke a key — it stops working on the proxy right away.
  • Delete a key.

Only the SHA-256 hash of each key is stored; the plaintext key is never persisted.

  • Requests and bandwidth spent against your plan quota, with remaining quota and utilisation.
  • The plan catalog (Basic / Pro / Enterprise) with an upgrade path.
  • A recent-requests log and success/error-rate charts.

See Analytics & usage for what’s measured.

The dashboard is built against a single OpenAPI spec that also generates the typed frontend SDK, so the UI and the documented API never drift. If you want to automate key or usage management, the same API is available programmatically.