> ## Documentation Index
> Fetch the complete documentation index at: https://fal.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Key-Based Authentication

Key-based authentication lets you authenticate fal API requests using a secret key generated from the dashboard. This is the recommended authentication method for production applications, CI/CD pipelines, and any environment where you need programmatic access.

Keys are scoped to control what operations they can perform, giving you fine-grained control over access. You can create and manage keys from the fal dashboard at any time.

## Overview

There are two main reasons to use key-based authentication:

1. When calling [ready-to-use models](https://fal.ai/models)
2. In headless remote environments or CI/CD (where GitHub authentication is not available)

## Generating the keys

Navigate to our dashboard keys page and generate a key from the UI [fal.ai/dashboard/keys](https://fal.ai/dashboard/keys)

## Scopes

Scopes provide a way to control the permissions and access level of a given key. By assigning scopes to keys, you can limit the operations that each key can perform. Currently there are only two scopes, `ADMIN` and `API`. If you are just consuming [ready-to-use models](https://fal.ai/models), we recommend that you use the `API` scope.

### API scope

* Grants access to all models on fal, including ready-to-use models and your own deployed endpoints.
* Grants access to API-scoped [Platform APIs](/api-reference/platform-apis/index).

### ADMIN scope

* Grants full access to private models.
* Grants full access to CLI operations.
* Grants access to ready-to-use models.
* Grants access to API-scoped and ADMIN-scoped [Platform APIs](/platform-apis).
