Remote OpenClaw Blog
Claude API Key: How to Get One and Use It Safely (2026)
8 min read ·
A Claude API key is a secret token from Anthropic's developer Console that authenticates your requests to the Claude API, and getting one takes about two minutes: create a Console account (console.anthropic.com, which now lives at platform.claude.com), open the API Keys page under Settings, and click Create Key. The key is shown once, billing is per token with no monthly fee, and the same key powers the SDKs, raw HTTP calls, and Claude Code in API mode. This guide covers the exact steps, current pricing, rate limits, and the security practices that keep your key from being stolen, verified against Anthropic's official docs as of July 5, 2026.
How to Get a Claude API Key
Getting a Claude API key requires a Claude Console account and takes four steps:
- Create a Console account. Go to console.anthropic.com (Anthropic's developer Console, now hosted at platform.claude.com) and sign up with an email address. This account is separate from a claude.ai chat account.
- Add billing. Buy prepaid credits or add a payment method under the billing settings. The API has no free tier, so requests fail until the account is funded.
- Create the key. Open Settings > API Keys and click Create Key. Name it after the project or environment it belongs to (for example "staging-invoice-agent"), and scope it to a workspace if you use them.
- Copy it once and store it. Anthropic keys start with
sk-ant-and are displayed a single time. Put the key straight into a password manager or secrets manager, then set it as an environment variable where your code runs.
export ANTHROPIC_API_KEY="sk-ant-your-key-here"
# Verify it works with one request
curl https://api.anthropic.com/v1/messages \
-H "x-api-key: $ANTHROPIC_API_KEY" \
-H "anthropic-version: 2023-06-01" \
-H "content-type: application/json" \
-d '{"model": "claude-sonnet-5", "max_tokens": 100,
"messages": [{"role": "user", "content": "Say hello"}]}'
Anthropic also ships a keyless option for development machines: the ant CLI's ant auth login opens a browser OAuth flow and stores a short-lived credential the SDKs read automatically, per the official quickstart. For servers and CI, a standard API key (or Workload Identity Federation) remains the right tool.
Claude API Pricing
Claude API pricing is pay as you go, metered per million tokens (MTok) with separate input and output rates and no monthly minimum. Current rates from Anthropic's pricing docs as of July 2026:
| Model | Input / MTok | Output / MTok | Context |
|---|---|---|---|
| Claude Fable 5 | $10.00 | $50.00 | 1M |
| Claude Opus 4.8 | $5.00 | $25.00 | 1M |
| Claude Sonnet 5 | $3.00 ($2.00 intro through Aug 31, 2026) | $15.00 ($10.00 intro) | 1M |
| Claude Haiku 4.5 | $1.00 | $5.00 | 200K |
Two levers cut those numbers substantially: prompt caching bills repeated context at roughly a tenth of the input rate, and the Batch API processes asynchronous jobs at a 50 percent discount. For a deeper dive into what the newest models cost in practice, see our Claude Fable 5 price breakdown and our guide to using Opus models in the Anthropic API.
Using Your Key: SDKs and Claude Code
Every official surface reads the same ANTHROPIC_API_KEY environment variable, so one export covers the Python and TypeScript SDKs, the ant CLI, and Claude Code. The SDKs need zero configuration beyond it:
pip install anthropic # Python
npm install @anthropic-ai/sdk # TypeScript
# Python: the client finds ANTHROPIC_API_KEY automatically
python -c "
import anthropic
msg = anthropic.Anthropic().messages.create(
model='claude-sonnet-5', max_tokens=100,
messages=[{'role': 'user', 'content': 'Say hello'}])
print(msg.content[0].text)"
Claude Code in API mode: with ANTHROPIC_API_KEY set (or Console billing selected at login), Claude Code bills per token against your Console account instead of a subscription. That is the standard route for CI pipelines and automation, and the full tradeoff versus Pro and Max plans is covered in our is Claude Code free guide. The same key also drives open-source agents; our OpenClaw Claude setup guide shows that configuration end to end.
Rate Limits and Spend Caps
Claude API accounts are placed on a usage tier (Start, Build, Scale, or Custom) that sets both rate limits and a monthly spend cap, and organizations move up automatically as they use the API, per Anthropic's rate limits documentation. Limits are measured in requests per minute (RPM), input tokens per minute (ITPM), and output tokens per minute (OTPM), enforced per model with a token bucket algorithm.
| Tier | Monthly spend cap | Opus 4.x / Sonnet 5 limits |
|---|---|---|
| Start | $500 | 1,000 RPM, 2M ITPM, 400K OTPM |
| Build | $1,000 | 5,000 RPM, 5M ITPM, 1M OTPM |
| Scale | $200,000 | 10,000 RPM, 10M ITPM, 2M OTPM |
| Custom | No cap (arranged) | Negotiated with account team |
Three details worth knowing. First, cached input tokens do not count toward ITPM on current models, so prompt caching raises your effective throughput as well as cutting cost. Second, exceeding a limit returns a 429 error with a retry-after header, and the official SDKs retry automatically with backoff. Third, you can set your own spend limit below the tier cap in Console Settings > Limits, which is the single best guard against a runaway agent bill.
Security Best Practices
The most common way Claude API keys leak is developers committing them to public git repositories, according to Anthropic's official API key best practices. The non-negotiables:
- Never commit keys. Keep them in environment variables or a secrets manager, add
.envto.gitignore, and never hardcodesk-ant-strings in source. Anthropic participates in GitHub's secret scanning partner program and automatically deactivates keys detected in public repos, which saves you from abuse but also breaks production the moment you leak. - Scan before you push. Run a tool like Gitleaks locally or in CI so a key never reaches the remote; Anthropic recommends exactly this in its best practices article.
- One key per app and environment. Separate keys (and Console workspaces) per project make rotation painless and blast radius small.
- Do not paste keys into chats, tickets, or third-party tools. Uploading your key to a tool gives that tool's developer access to your account. Treat any key that has been shared anywhere as compromised and rotate it.
- Set spend limits and watch usage. A custom spend limit plus the Console usage dashboards turn a stolen key from a five-figure incident into a capped one.
- Rotate on any suspicion. Creating a replacement key and deleting the old one takes under a minute in Settings > API Keys.
The same rules apply to keys used by autonomous agents, where prompt injection adds another exfiltration path; our OpenClaw API key guide covers agent-specific key handling.
When You Do Not Need an API Key
You do not need a Claude API key for interactive use: the claude.ai apps run on free, Pro, and Max subscriptions with no key involved, and Claude Code runs on Pro and Max logins without Console billing. Developers working locally can also skip static keys with the ant CLI's OAuth login. The API key path is specifically for programmatic access: building products, automation, CI, and agents. Remember the two billing worlds never mix: a $200 Max subscription includes zero API tokens, and $200 of API credits grants no app subscription. Price both against your workload before committing.
Related Guides
- Is Claude Code Free? Plans That Include It
- How to Use Claude Opus in the Anthropic API
- Claude Fable 5 Price: Full Cost Breakdown
- OpenClaw API Key Guide: Setup and Security
Go deeper
The operator playbooks
Production-ready PDF guides for OpenClaw and Hermes Agent — $19.99 each.
Skills for this topic
Browse all skills →Frequently Asked Questions
How do I get a Claude API key?
Create a Claude Console account at console.anthropic.com (now hosted at platform.claude.com), add billing credits, then go to Settings and open the API Keys page and click Create Key. The key starts with sk-ant- and is shown only once, so copy it into a password manager immediately.
Is a Claude API key free?
Creating a key is free, but using it is not: the Claude API has no free tier and bills per token, starting at $1 per million input tokens on Claude Haiku 4.5 as of July 2026. Requests fail until the Console account has billing set up.
How much does the Claude API cost?
As of July 2026: Claude Haiku 4.5 costs $1/$5 per million input/output tokens, Claude Sonnet 5 costs $3/$15 (with an introductory $2/$10 rate through August 31, 2026), Claude Opus 4.8 costs $5/$25, and Claude Fable 5 costs $10/$50. Prompt caching and the 50 percent Batch API discount reduce real-world bills substantially.
Can I use my Claude Pro subscription instead of an API key?
Only for the apps and Claude Code. Pro and Max cover claude.ai and Claude Code logins, but they include no API usage; programmatic calls through the SDKs or raw HTTP always require a Console account and API key billed per token.
What should I do if my Claude API key leaks?
Rotate immediately: create a new key in Console Settings, update your environment, and delete the exposed key. If the leak was in a public GitHub repo, Anthropic's secret scanning partnership has likely already deactivated it. Then check the usage dashboard for unauthorized spend and tighten your spend limit.





