Authentication
API keys without cache scans
Presented keys are SHA-256 hashed and resolved with one exact Redis lookup. Invalid random tokens do not trigger Redis KEYS/SCAN work or a database fallback.
- Email verification required before live key creation
- Workspace-scoped creation and deactivation
- Exact cache invalidation when a key is deactivated