The LightYear API uses Bearer token authentication. All API requests must include your API key in the Authorization header.
Generate an API Key
- Log in to the control panel.
- Navigate to Account → API.
- Click Generate API Key.
- Enter a descriptive label (e.g.,
terraform-prod). - Click Generate.
- Copy the API key — it is only shown once.
[!WARNING] Treat your API key like a password. Never commit it to version control or expose it in client-side code.
Authentication Header
Include your API key in every request:
>_BASH
$curl https://api.lightyear.host/v1/account \$ -H "Authorization: Bearer YOUR_API_KEY"Test Your API Key
>_BASH
$curl https://api.lightyear.host/v1/account \$ -H "Authorization: Bearer YOUR_API_KEY"OUTPUT
{
"account": {
"name": "John Doe",
"email": "[email protected]",
"balance": "25.00",
"pending_charges": "1.23"
}
}Store API Keys Securely
Environment Variables (Recommended)
>_BASH
$export LIGHTYEAR_API_KEY="YOUR_API_KEY"Use in scripts:
>_BASH
$curl https://api.lightyear.host/v1/servers \$ -H "Authorization: Bearer $LIGHTYEAR_API_KEY".env Files
INI
LIGHTYEAR_API_KEY=YOUR_API_KEYAdd .env to .gitignore:
>_BASH
$echo ".env" >> .gitignoreAPI Key Permissions
| Permission | Description |
|---|---|
| Read | List and view resources |
| Write | Create, update, and delete resources |
| Full | All permissions including billing |
Create read-only keys for monitoring tools and full-permission keys only for automation that needs to create/delete resources.
Revoke an API Key
- Navigate to Account → API.
- Find the key you want to revoke.
- Click Delete.
Revoked keys are immediately invalidated.