[ ROOT ]
$GENERATE-RANDOM.ORG
Developer Tools for Random Data Generation // v2.6.1
root@generate-random:~/api-keys/python$ _

Generate API Keys in Python

Complete code tutorial with examples and best practices

PHP JavaScript
Python
Java C# C++ Ruby Go

[ Code Example - Quick Summary ]

Language: Python

What: Generate cryptographically secure API keys in Python using the <code>secrets</code> module. The secrets module is specifically designed for security-critical applications like API key generation.

Try it: Use our interactive Api-keys generator or integrate this code into your Python application.

Generate cryptographically secure API keys in Python using the secrets module. The secrets module is specifically designed for security-critical applications like API key generation. Looking for other languages? Check our code examples in PHP , JavaScript , Java , C# , C++ , Ruby and Go or use our interactive web generator.

Python Code Example

import secrets
import base64

def generate_api_key(length=32):
    """Generate hexadecimal API key."""
    return secrets.token_hex(length)

# Generate 256-bit (32 byte) API key
api_key = generate_api_key(32)
print(api_key)
# Output: "a7f3e9c2d8b4f1a6e5c9d7b3f8a2e6c4d9b5f7a3e8c6d2b9f4a7e1c5d8b3f6a9"

def generate_api_key_base64(length=32):
    """Generate base64 URL-safe API key."""
    return secrets.token_urlsafe(length)

api_key_base64 = generate_api_key_base64(32)
print(api_key_base64)
# Output: "p3_pwr2L8RpuXJbT-IouaztX86jG0rmU9KfhxdizNpo"

# Generate with prefix for versioning
def generate_versioned_api_key(prefix="sk", length=32):
    """Generate API key with prefix (e.g., sk_live_, sk_test_)."""
    token = secrets.token_urlsafe(length)
    return f"{prefix}_{token}"

versioned_key = generate_versioned_api_key("sk_live", 32)
print(versioned_key)
# Output: "sk_live_p3_pwr2L8RpuXJbT-IouaztX86jG0rmU9KfhxdizNpo"

[EXPLANATION]

Python's secrets module provides three convenient functions: token_hex() for hexadecimal encoding, token_urlsafe() for Base64 URL-safe encoding, and token_bytes() for raw bytes. The token_urlsafe() function is particularly useful as it automatically handles URL-safe encoding without manual replacement of special characters.

Expected Output

Hexadecimal: a7f3e9c2d8b4f1a6e5c9d7b3f8a2e6c4d9b5f7a3e8c6d2b9f4a7e1c5d8b3f6a9
Base64 URL-safe: p3_pwr2L8RpuXJbT-IouaztX86jG0rmU9KfhxdizNpo
With prefix: sk_live_p3_pwr2L8RpuXJbT-IouaztX86jG0rmU9KfhxdizNpo

Common Use Cases

  • Django REST Framework authentication
  • Flask API endpoints
  • FastAPI bearer tokens
  • Python microservices authentication
  • CLI tool authentication

Important Notes

  • Always use secrets module, never random
  • token_hex(n) generates 2n characters
  • token_urlsafe(n) generates approximately 4n/3 characters
  • Add prefixes for key identification (e.g., "sk_live_", "sk_test_")
  • Use Argon2 or bcrypt to hash keys before database storage

Try Our Interactive Generator

Don't want to write code? Use our free web-based Api-keys generator with instant results.

TRY API-KEYS GENERATOR →

Other Programming Languages

PHP $ view --lang=php

View Api-keys generation code examples in PHP
JAVASCRIPT $ view --lang=javascript

View Api-keys generation code examples in JavaScript
JAVA $ view --lang=java

View Api-keys generation code examples in Java
C# $ view --lang=csharp

View Api-keys generation code examples in C#
C++ $ view --lang=cpp

View Api-keys generation code examples in C++
RUBY $ view --lang=ruby

View Api-keys generation code examples in Ruby
GO $ view --lang=go

View Api-keys generation code examples in Go