oakallow has two API key tiers
- Management keys are for setup and configuration. Use them to register tools, create organizations, define tenants, and set permission rules. Management operations are free. Management keys cannot access runtime endpoints.
- Standard keys are for runtime. Your AI agent uses these to check permissions (each check returns a signed decision receipt) and log results. Runtime operations are billed at $0.005 per call.
Each key is scoped to a single organization. API keys are SHA-256 hashed at creation. The raw key is shown once and cannot be retrieved.