Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Every API in the Admin section of this guide (the Admin API, Analytics APIs, Compliance API, Spend Limits API, Usage and Cost API, and Rate Limits API) is authenticated with an Admin API key. You do not need a separate key for each API.
Where you create the key depends on which Claude product your organization uses.
| Your organization | Create the key in | Key prefix | Who can create it | Works with |
|---|---|---|---|---|
Claude Console (Claude Platform, platform.claude.com) | Claude Console > Settings > Admin keys | sk-ant-admin01-... | Organization members with the admin role | Admin API, Usage and Cost API, Rate Limits API, Claude Code Analytics API, and the Compliance API Activity Feed |
Claude Enterprise (claude.ai) | claude.ai > Organization settings > API | sk-ant-api01-... | The organization's primary owner | Compliance API, Claude Enterprise Analytics API, and Spend Limits API, according to the scopes you select |
A key created in one organization cannot be used to manage a different organization. If your company uses both Claude Console and Claude Enterprise, create one key in each.
Sign in as an organization admin
Only organization members with the admin role can create Admin API keys. See Organization roles and permissions.
Open Admin keys settings
Create the key
Click Create key, give it a name, and click Create. Claude Console keys do not have selectable scopes; every key carries full Admin API access.
Copy and store the secret
Copy the displayed secret (starting with sk-ant-admin01-) and store it in your secrets manager. The full secret is shown only once.
Sign in as the primary owner
Only the primary owner of the Claude Enterprise parent organization can create these keys.
Open API settings
Go to claude.ai > Organization settings > API and find the Keys section.
Click + Create key
Name the key and select the scopes you need from the scopes table. You can combine scopes from different APIs (for example, read:analytics and read:spend_limits) on a single key.
Copy and store the secret
Copy the displayed secret (starting with sk-ant-api01-) and store it in your secrets manager. The full secret is shown only once.
When you create a Claude Enterprise key, select every scope that the APIs you plan to call require. Scopes are fixed at creation; to add a scope later, create a new key.
| To call... | Select these scopes |
|---|---|
| Spend Limits API: read members' effective spend limits and increase requests | read:spend_limits |
| Spend Limits API: set or clear per-user spend limits; approve or deny increase requests | write:spend_limits |
| Claude Enterprise Analytics API: engagement, adoption, cost, and usage reports | read:analytics |
| Compliance API Activity Feed: organization-wide activity events | read:compliance_activities |
| Compliance API content endpoints: read chats, files, projects, and users | read:compliance_user_data |
| Compliance API content endpoints: delete chats, files, and projects | delete:compliance_user_data |
| Compliance API organization endpoints: read organization metadata and settings | read:compliance_org_data, read:compliance_org_settings |
The Compliance and Analytics APIs must be enabled for your organization before keys with those scopes can be used. See Get access to the Compliance API and Analytics APIs.
Pass the key in the x-api-key header on every request. See each API's documentation for complete request examples.
A call that exceeds the key's scopes returns 403 Forbidden with a message listing the scopes the key has and the scopes the endpoint needs.
Manage organization members, workspaces, and API keys.
Set per-member spend limits and review increase requests for your Claude Enterprise organization.
Report on Claude Code productivity or Claude Enterprise engagement and adoption.
Audit activity and retrieve or delete user content across your organization.
Was this page helpful?