284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Integration Tests / Check for relevant changes (push) Waiting to run
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Mobile checks / Mobile unit tests (push) Waiting to run
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Temporal Readiness / fast-readiness (push) Waiting to run
Temporal Readiness / docker-parity (push) Waiting to run
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Unit Tests / Skipped-test budget (push) Waiting to run
Unit Tests / Nx affected unit tests (push) Waiting to run
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz Source: /opt/alga-psa on psa.joliet.tech
4.8 KiB
4.8 KiB
How to Get Your PostHog API Key: Step-by-Step Guide
Overview
PostHog uses different types of API keys for different purposes. This guide will walk you through finding your Project API Key in the PostHog dashboard and explain the differences between public and private keys.
Understanding PostHog API Keys
Types of Keys
-
Project API Key (Public Key)
- Used for client-side integrations (JavaScript, mobile apps)
- Safe to expose in frontend code
- Allows sending events and identifying users
- Cannot read or modify data
-
Personal API Key (Private Key)
- Used for server-side integrations and API access
- Must be kept secret
- Allows full read/write access to your data
- Used for administrative tasks and data retrieval
Step-by-Step Guide to Finding Your Project API Key
Step 1: Log in to PostHog
- Navigate to app.posthog.com (or your self-hosted PostHog instance)
- Enter your email and password
- Click "Sign in"
[Screenshot: PostHog login page showing email and password fields with the Sign in button]
Step 2: Access Your Project Settings
Once logged in, you'll be in your PostHog dashboard.
- Look for the gear icon (⚙️) in the left sidebar
- Click on "Project settings"
- Alternatively, you can click on your project name at the top of the sidebar and select "Project settings" from the dropdown
[Screenshot: PostHog dashboard with left sidebar highlighted, showing the gear icon for Project settings]
Step 3: Navigate to the Project API Keys Section
In the Project Settings page:
- Look for the "Project API key" section near the top of the page
- You'll see your Project API key displayed in a box
[Screenshot: Project Settings page with the Project API key section highlighted]
Step 4: Copy Your Project API Key
- Your Project API key will be displayed in a format like:
phc_AbCdEfGhIjKlMnOpQrStUvWxYz1234567890 - Click the "Copy" button next to the key
- The key will be copied to your clipboard
[Screenshot: Close-up of the Project API key field with the Copy button highlighted]
Finding Your Personal API Key (Private Key)
If you need a Personal API Key for server-side operations:
Step 1: Access Account Settings
- Click on your profile picture or initials in the bottom-left corner
- Select "Account settings" from the menu
[Screenshot: Profile menu dropdown with "Account settings" option highlighted]
Step 2: Navigate to Personal API Keys
- In the Account Settings page, find the "Personal API keys" section
- Click on "Personal API keys" in the sidebar
[Screenshot: Account Settings page with Personal API keys section in the sidebar]
Step 3: Create or View Personal API Key
- If you don't have a Personal API key yet, click "Create personal API key"
- Give your key a descriptive name (e.g., "Server Integration")
- Select the appropriate scopes/permissions
- Click "Create key"
- Important: Copy the key immediately - you won't be able to see it again!
[Screenshot: Personal API keys page showing the Create personal API key button and existing keys list]
Important Security Notes
Project API Key (Public)
- ✅ Safe to use in client-side code
- ✅ Can be committed to version control
- ✅ Visible in browser developer tools
- ❌ Cannot perform administrative actions
Personal API Key (Private)
- ❌ Never expose in client-side code
- ❌ Never commit to version control
- ✅ Use environment variables to store
- ✅ Full access to read/write data
Using Your API Keys
Client-Side (JavaScript) Example
posthog.init('phc_YourProjectAPIKeyHere', {
api_host: 'https://app.posthog.com'
});
Server-Side Example
// Store in environment variable
const POSTHOG_PERSONAL_API_KEY = process.env.POSTHOG_PERSONAL_API_KEY;
// Use for API requests
const response = await fetch('https://app.posthog.com/api/projects/', {
headers: {
'Authorization': `Bearer ${POSTHOG_PERSONAL_API_KEY}`
}
});
Troubleshooting
Can't Find Your Project API Key?
- Ensure you have the appropriate permissions in your organization
- Check that you're in the correct project (if you have multiple projects)
- Contact your PostHog administrator if you lack access
API Key Not Working?
- Verify you're using the correct type of key for your use case
- Check that the key hasn't been revoked or expired
- Ensure you're using the correct API endpoint
Additional Resources
Note: The interface may vary slightly depending on your PostHog version and whether you're using PostHog Cloud or a self-hosted instance.