Create a Secret Key

A secret key authenticates your integrations with Datature Vi through the Vi SDK. The carousel below walks through creating one from your organization settings. Access scope and permission level are not in the create dialog yet; Datature Vi will make them customizable in a future release.

Before You Start

You need Owner or Admin role to create secret keys
Have a secure location ready to store the key (environment variable, password manager, or secrets manager): you can only copy it once
Until scope and permission pickers ship, new keys use full organization access

Navigate to the Secret Keys tab

From your organization dashboard, click Settings at the bottom of the left sidebar and select the Members tab.

You should see

The Secret Keys table showing the newly created key with Last Used showing Never

The new key appears in the table. Last Used starts at Never and updates after the first authenticated request.

Access scope and permission level pickers are not in the product UI yet. Datature Vi will add them in a future release so you can customize each key. Until then, new keys keep full organization access. The sections below describe how scope and permissions will work once you can set them.

Access scope

Access scope controls which resource categories the key can reach.

Access scopes

Scope

What it allows

Turn off when

Dataset Access

List, read, create, and modify datasets and their contents (assets, annotations)

The key only needs to start training runs or manage deployments

Training Access

Create and manage training projects, workflows, and runs

The key only needs to upload data or manage deployments

Deployment Access

Manage deployed models and run inference

The key only handles data preparation or training

When customization is available, new keys can start with all three scopes enabled. You will be able to narrow the scope to follow the principle of least privilege: give each key access only to what it needs. A key used by an annotation pipeline, for example, could use Dataset Access only.

Permission levels

The permission level controls what operations the key can perform within its allowed scopes.

Permission levels

Level

What it can do

Typical use

Full

Complete read and write: create, modify, and delete resources

Production Vi SDK integrations and CI/CD pipelines that manage resources programmatically

Read Only

View and list resources; cannot create, modify, or delete

Dashboards, monitoring tools, or scripts that only fetch data

Labeler Only

Create and edit annotations only; cannot change datasets, training projects, or organization settings

Annotation-only workflows where external annotators should not have broader access

Restricted

Custom limited access

When none of the other levels match your needs

When both controls are available, you will pair the permission level with the access scope for fine-grained control. For example, a key with Dataset Access + Read Only can list datasets and download annotations but cannot upload new images or start training runs.

Verify the key was created

After closing the dialog, your new key appears in the Secret Keys table.

Secret Keys table columns

Column

What you see

Name

The label you chose

Last Used

Shows Never until the key authenticates its first request

Created

Today's date

Created By

Your username

Access

The configured scope (for example, All) once scope controls ship

Permission

The selected level (for example, Full) once permission controls ship

Action menu (⋯)

Edit permissions or remove the key

Next steps

Vi SDK Getting Started

Install the SDK and make your first authenticated call using your new key.

Delete A Secret Key

Revoke keys that are no longer needed or have been compromised.

Secret Keys Overview

Security best practices, rotation schedules, and key management.