API product analytics installation

Personal API keys can enable full access to your account, like logging in with your email and password. You can create multiple, give them different scopes, and each can be invalidated individually. This improves the security of your PostHog account. Personal API keys need to be kept private and shouldn't be used in the frontend.

How to obtain a personal API key

  1. Go to the Personal API keys section in your account settings

  2. Click + Create a personal API Key.

  3. Give your key a label - this is just for you, usually to describe the key's purpose.

  4. Choose the scopes for your key. We recommended selecting only the scopes required for the API endpoints you really need. This is a security best practice. You can always modify the scopes later if you need to.

  5. At the top of the list, you should see your brand new key. Immediately copy its value, as you'll never see it again after refreshing the page.

You can create as many keys as you like. Personal API keys are deleted when a user is deleted.

How to create an api key

How to authenticate using the personal API key

There are two options:

  1. Use the Authorization header and Bearer authentication, like so:
    JavaScript
    const headers = {
        Authorization: `Bearer ${POSTHOG_PERSONAL_API_KEY}`
    }
  2. Put the key in request body, like so:
    JavaScript
    const body = {
        personal_api_key: POSTHOG_PERSONAL_API_KEY
    }

Any one of these methods works, but only the value encountered first (in the order above) will be used for authentication.

For more details, see our API docs.

Community questions

Was this page useful?

Questions about this page? or post a community question.